What is blocking a Samba4 Tech Preview?
abartlet at samba.org
Mon Dec 19 16:13:57 GMT 2005
On Mon, 2005-12-19 at 15:55 +0100, Jelmer Vernooij wrote:
> On Sun, Dec 18, 2005 at 06:37:10PM -0800, Andrew Bartlett wrote about 'Re: What is blocking a Samba4 Tech Preview?':
> > On Mon, 2005-12-19 at 02:00 +0100, Jelmer Vernooij wrote:
> > > On Mon, Dec 19, 2005 at 08:43:34AM +1100, tridge at samba.org wrote about 'Re: What is blocking a Samba4 Tech Preview?':
> > > > > > In the ACL space I don't think that the current (very valuable) work
> > > > > > tridge is doing should block the release of the code. Instead we should
> > > > > > hard-code the same 'admin write, others read' ACL that Samba3 has.
> > > > > That's a sane alternative, indeed.
> > > > yep, and then when the ldb ACLs are working we can do an updated
> > > > release.
> > > What exactly would be necessary for such a hardcoded ACL? I'm
> > > afraid I'm not really sure what kind of architecture we're planning to
> > > use for authorization. Security tokens or something similar?
> > We already push a session_info into LDB. I'm not sure the js is right,
> > but the basics are there for the rest of smbd. The SID list in that can
> > be checked against the hard-coded ACL.
> How does this work at the API level? Will we have a function that
> takes a session_info pointer, an ACL and an access mask and returns
> True or False? I never understood the way this stuff is handled in
> Samba 3.
Pretty much, yes.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20051219/03bf28d6/attachment.bin
More information about the samba-technical