updated newidmap
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Oct 3 15:39:04 GMT 2006
On Tue, Oct 03, 2006 at 11:28:42AM -0400, simo wrote:
> Uhmm this is a bet and need cooperation from other code.
> What if we cannot lookup a trusted domain SID because a WAN link is down
> and then we find out it was a user SID? We cannot retroactively change
> the permissions set on disk.
>
> Back in 2001 at Jermey's house (CIFS conf) I remember I already proposed
> to always use a single range and alloc both a uid and a gid at the same
> time and always use both the uid and the gid in file permissions, but
> this was not accepted as Jeremy said it would have had a too big impact
> on the ACL code.
It will be intrusive, but if we mess with idmap we should
get it right.
Volker
P.S: I hope I don't sound like someone pushing back
solutions because they are not 100%. I'm not saying that
this is a really no-go, but I would like to see it done with
that problem in mind.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061003/97b5f22f/attachment.bin
More information about the samba-technical
mailing list