[PATCH] add pdb_set_{user,group}_sid_from_string

Andrew Bartlett abartlet at samba.org
Fri Jun 14 07:40:04 GMT 2002 

Jelmer Vernooij wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Ok, grabbing together some emails. Mutt's join replies function is
> cool :-)
> > I figured I may as well ask:  How would you like to be creditied in CVS
> > commits?  As 'ctrlsoft' or as 'Jelmer' or as '<jelmer at nl.linux.org>' or
> > ... ?
> Please use 'Jelmer Vernooij' or 'Jelmer'; there's some weird
> east-asian company out there that has called itself ctrlsoft so that
> might be confusing.

OK, will do.

> > I was talking to tpot recently, and he found an interesting bug in the
> > current mulitple pdb code.
> 
> > If we don't implment setsampwent() in a backend, and that is the only
> > backend then we segfault...
> 
> > Now the is relitivly easy to 'fix', but I wonder if there is a better
> > way to do the design:
> 
> > How about doing all the setsampwent() calls at the start, then storing
> > the 'getsampwent' and 'endsampwent' fucntion pointers in some sort of
> > list.  This way we do all memory allocation etc during the 'set', and
> > not implicitly halfway thought the 'get'.  We can also ensure that we
> > actually do the 'end' correctly, no matter what modules did/did not
> > implement this.
>
> > I was thinking we should just have two linked lists, one of
> > 'getsampwent' functions, another of 'endsampwent' functions and use them
> > in the various loops.
> 
> > How does this sound?
> Sounds cool! One sidenote: in case someone calls endsampwent when
> one hasn't retrieved all users, we might be calling some setsampwent
> and endsampwent functions unnecessarily. What would you say?

I have no problem with doing a few extra 'set' and 'end' if we don't
finish the list - I would prefer them to the current setup, which would
imply a lot of loops all over the getent code to get correct.
> 
> > I figured I might just jot down some ideas for the future of the passdb
> > subsystem, as well as some of the more immediate todo items:
> 
> > Also, we need to get interface versioning going:  We have just changed
> > the interface, but we didn't tell anybody :-)  (SID stuff).
> 
> How would we do this? Like the VFS subsystem ? (have an int with
> the number of functions in the pdb_methods struct?) Or only load
> plugins that have the same version number as the samba binaries have?

I quite like the way I saw in your pdb_xml, where the XML lib has a
macro ensuring correct versions.   Or just passing the version number as
an arugment or (this one I quite like) having Samba read a global
variable from the pdb module.

> > I would like to get pdb_xml into Samba at some stage.  What do people
> > think of the idea?  (Its a passdb that exports to XML in order to allow
> > backups/hand updates pdb backends, tdbsam in particular.)  I've not
> > looked at it much, but it does require the basic stuff like new
> > configure magic (to detect the XML lib etc).
> 
> > http://people.nl.linux.org/~jelmer/downloads/
> 
> Maybe a directory 'plugins' could be added to the current CVS
> repository? There are currently some plugins in 'examples', but I
> think that's the wrong place. Or maybe add a directory source/plugins,
> in case we want to have a Makefile generated for the plugins (which
> could be quite necessary, seeing the dependencies on things like
> libxml, libmysql, virusscanner, etc).
> 
> I heard someone (tridge, ab?) was working on a tool that retrieves the
> CFLAGS and LDFLAGS for samba plugins. Such a tool would be quite
> useful, because that would also mean that plugin developers don't need
> to have the samba sources on their system. Who knows more about it?

I think ab was working on it.

> Oh, another idea: have a way to easily select what to do with modules
> : build them in static, build them as a plugin or don't build them at
> all. This is very useful for people who:
> 
> - - have a OS without dl support(they can even build 'foreign' modules
>   static)
> - - packagers who don't want their package to depend on a lot of other
>   stuff (libldap, libxml, etc) but still can build packages with only
>   a plugin

Sounds like a nice idea - I'll see what others think of it.

Andrew Bartlett,

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list