outsourcing DCE/RPC to alternate programs - runtime config option

Luke Kenneth Casson Leighton lkcl at lkcl.net
Mon Dec 13 13:13:52 GMT 2004


On Mon, Dec 13, 2004 at 11:32:29PM +1100, tridge at samba.org wrote:
> Luke,
> 
>  > > I don't consider that much of a problem at all - what is the issue with
>  > > implementing 3 interfaces in one daemon? 
>  > 
>  >  it's just a design decision that i would consider to be closing down a
>  >  few strategic options (hinted at below)
> 
> You've been going on about this "all separate daemons" idea for far
> too many years. Did you actually ever check that windows does
> implement them all as separate daemons? 

 yes: the hint is from the response of the rpc bind ack packet: the name
 of the server that is actually handling the pipe is put in the
 response.


> It doesn't.
 
  yes, i know.

  i didn't consider it relevant: i made a design decision and decided to
  stick with it, in order to help me code up and real-world test the
  client and server side implementations of what became netlogond, samrd
  and lsarpcd.

  as a result of that design decision, i was far more
  confident of the robustness of the three services, the
  ncalrpc implementation, and the client-side functions.

  such that i could then advocate other projects.

  i have not mentioned before (explicitly) that it occurred
  to me many many times as i got rather pissed off and frustrated with
  the "separation" process i had undertaken, giving serious
  consideration to bypassing the ncalrpc interface i was creating, and
  linking one big monster program combining the three services - exactly
  as you say.

  the reasons why i _didn't_ do that were primarily because
  of samrd: if i _had_ done one big monster authentication
  program, it would have meant more code for anyone
  wishing to implement samrldapd, samrsqld or samrtdbd, or
  sam-whatever-somebody-other-than-me-chose-d.


  also, i believe that if you analyse NT 3.5 i expect you'll find that
  there, the three services _are_ separate (or at least two of them).

 
  anyway: the point is that just because NT implements three
  services in one daemon, that isn't a good enough reason
  to terminate any _possibility_ for implementing three
  protected/authenticated services in separate daemons, and
  it certainly isn't a good enough reason to justify _not_ adding
  security-context-inheritance to ncalrpc.

  however, i realise that it's entirely up to you: should
  you choose to implement those three closely inter-related
  services in one daemon, that's your design decision, and one
  of the major technical justifications for doing sec-ctx-inh
  in ncalrpc goes away.

  if there were other projects - real-world examples - that
  needed it, [and i'm sorry to have to point out that because
  you have delayed adding ncacn_np "outsourcing" in samba for
  over five years there _aren't_ any such examples] ...




> As for your comments about posix and NTFS, if you'd actually followed
> the development we've been doing for the last few years then you'd
> know that we already use nt-like file sharing interfaces internally,
> and have had discussions with the Linux ntfs people about working
> together. You would also know that Samba4 is almost completely
> independent of posix, except for 8k lines of "glue" code that
> implements the posix backend.

 GREAT.

 that's fantastic.

 i'm genuinely pleased.

 it's such a far cry from the "samba is just a file and
 print sharer" argument which jeremy used in 1999 to stop me
 advocating improvements to samba 3's smb vfs layer.



> If your only contribution is "wise words" based on 4 year old
> information then please just go away.
 
 andrew, listen to yourself.  please calm down.

 l.

-- 
--
<a href="http://lkcl.net">http://lkcl.net</a>
--


More information about the samba-technical mailing list