Modifying winbind to work over TCP socket - questions

Richard Sharpe rsharpe at ns.aus.com
Thu Jun 20 10:12:01 GMT 2002 

On Thu, 20 Jun 2002, Nir Soffer wrote:

> 
> Hello!
> 
> I want to get winbind to work over TCP sockets instead of a UNIX domain
> socket (so I could run winbindd on one machine and avoid running it on 
> several machines in a cluster).

Hmmm, you know that security info goes over this connection ...

However, we have done this ... It is relatively simple ...
 
> I've got several questions -
> 
> I've already modified winbindd.c to accept another command line option
> so it would listen to a TCP socket. I'm now having trouble dealing with
> the client aspect.
> 
> Would modifying wb_common.c to read a configuration file for
> configuration details be prudent? Wouldn't that mean that every time I
> use a get*ent call the configuration file would be open()'d and then
> close()'d?

Here's what we do ...

#if WINBIND_USE_PIPE

        /* Create UNIX domain socket */
        
        if ((accept_sock = create_sock()) == -1) {

#else
        /* Create tcp/ip socket */
        
        if ((accept_sock = create_sock_inet()) == -1) {

#endif

That is in winbindd. This could clearly be done on a command line flag ...

This is what we do in wbcommon.c ... This requires more work if you want 
to choose your poison.

#ifdef WINBIND_USE_PIPE
        if (winbind_open_pipe_sock() == -1) {
#else
        if (open_inet_sock() == -1) {
#endif


> Or perhaps I should put it in there as a compile time option? Or maybe
> create a new service that would run as a winbind client and have the NSS
> connect to the client process using a UNIX domain socket?
> 
> Any ideas you might have will be appreciated :)
> Ofcourse - I'll be more than happy to send patches back if anyone wants
> them.
> 
> On another note - I've modified smbd to accept connections on a tcp port
> and then close them automatically without a fork - for an inhouse
> heartbeat mechanism (We didn't want smbd to fork every 5 seconds when we
> queried it). Is there any demand in the community for such modifications
> to be released back?

What's wrong with one fork every now and then?

> Thanks!
> Nir.
> 
> --
> Nir Soffer -=- Software Engineer, Exanet Inc. -=-
> "Father, why are all the children weeping? / They are merely crying son
>  O, are they merely crying, father? / Yes, true weeping is yet to come"
>         -- Nick Cave and the Bad Seeds, The Weeping Song
>  
> 

-- 
Regards
-----
Richard Sharpe, rsharpe at ns.aus.com, rsharpe at samba.org, 
sharpe at ethereal.com

More information about the samba-technical mailing list