Broken idmap interface design

Gerald (Jerry) Carter jerry at samba.org
Thu Apr 19 22:03:17 GMT 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jeremy Allison wrote:
> On Thu, Apr 19, 2007 at 04:15:00PM -0500, Gerald (Jerry) Carter wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Gerald (Jerry) Carter wrote:
>>
>>> Here is a patch bundle
>>>
>>> auth_util.patch		Revert create_local_token() to
>>> 			the 3.0.24 codebase
>>>
>>> idmap_type.patch	Have the caller fillin the
>>> 			id_map.xid.type field when
>>> 			resolving a SID so that if we allocate
>>> 			a new id, we know what type to use
>>>
>> new idmap_type.patch (had accidentally duplicated
>> the idmap_rid changes in the previous version).
> 
> At quick scan these look ok to me...

OK.  Simo agrees as well.  I'm going to commit this set of
patches and will follow up with a change to validate the
SID in winbindd.

To illustrate, this should not work using the tdb alloc
backend:

  $ wbinfo -S S-1-5-21-2366234788-659026988-763736888-513
  100003





cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGJ+clIR7qMdg1EfYRAtF0AKCykJ3hhWG7XmvAC0Br4Gpvtj8s3wCcCjEy
oHZu5x9F2w4rc47i8TyGJkU=
=hGLj
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list