Dynamic groups (was Samba and groups > 16)
Gerald (Jerry) Carter
jerry at samba.org
Mon Mar 7 21:29:53 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Collier-Brown wrote:
| Actually I'd expect to use the group of the file: assume
| I'm uid=57957(davecb) gid=10(staff) groups=10(staff),100(pwrtl)
| and for simplicity, the maximum number of groups I can have
| is two (;-)).
|
| I try to read /tmp/foo via samba, but the open fails with EACCES.
| A stat of the file returns
| -rw-r--r-- 1 n1sps n1sps 0 Mar 7 12:45 /tmp/foo
|
| Samba looks in my long list of (AD) groups, finds n1sps, sees
| it is NOT in my active groups list and substitutes it for pwrtl.
|
| It then retries, and if it's a read request succeeds. If it's
| a write request it gets EACCESS again, but this time I'm already
| in the right group, so samba returns -1, errno=EACCESS.
Why can't we get Sun to fix their broken OS ?
But I would expect the proposed solution to slow things down
a good bit. But then again if you are on a broken system,
slow is better than not at all I guess.
Jeremy's right. It's an interesting approach (like a manual newgrp),
but I'm not writing the patch.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCLMfRIR7qMdg1EfYRAp+zAKCCznGYLoThfWL7JynN1ZP/Abje5wCeO5WO
RbEU2GFuz2FCHhXwyB9j1pE=
=3W0m
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list