new ldb group mapping code

tridge at tridge at
Wed Sep 27 04:07:58 GMT 2006


 > This seems a little hackish and prone to error.  I would have
 > to make two steps and think about their interaction if I wanted to
 > create an ldb with mode 0600.

ldb already has a two step connect process. ldb_init() gives you a
handle, and takes only a mem_ctx. Then you call any functions you want
on the handle to change defaults (setup logging etc), then you call
ldb_connect() to actually connect to a ldap server, local tdb etc.

 >  What is wrong with simply specifying a way to define the mode in
 > the ldb_connect().

yes, that would be equivalent to tdb_open_ex(). I'm trying to get away
from that, as it means that whenever you want a new thing that can be
set, you have to change the API. That's why tdb_open_ex() is different
between Samba3 and Samba4 right now.

So I'm proposing that by default ldb obeys posix conventions, but we
have a way to override.

To make it less error prone, we should probably add a
ldb_wrap_connect() function into Samba3 like we have in Samba4. In
Samba4 that is used by all Samba code that opens a ldb. It sets up
private auth handlers, sets up Samba specific attribute handlers, and
sets up a Samba specific logging function.

I didn't do that in Samba3 as I didn't need anything other than the
defaults. Now we need something other than the reasonable defaults for
ldb, we can add ldb_wrap_connect() into Samba3.

I'd like to get Simos comment as well though. He may have other plans.

Cheers, Tridge

More information about the samba-technical mailing list