tight loop in tdb_find()

Volker Lendecke Volker.Lendecke at SerNet.DE
Mon May 25 10:17:18 GMT 2009

On Mon, May 25, 2009 at 08:03:46PM +1000, tridge at samba.org wrote:
>  > We need to fill in the server affinity with net ads join and then use it
>  > in winbindd later.
> If that information is important, why is it put in gencache? Perhaps
> it should be in secrets.tdb?
>  > That would add a lot of complexity to gencache...
> yep, and I'd certainly prefer to use one of the two simpler options,
> but if the concensus is that transactions would be too slow, and that
> TDB_CLEAR_IF_FIRST is unacceptable then we are left with no choice
> except the additional complexity I think.
> I don't think we can just continue to hope the corruption isn't too
> bad. We really could end up with pretty much anything in gencache, and
> it is even possible this could be a security hole for some of the
> information stored in gencache.
> So shall I just add transactions and wait for the speed complaints, or
> does someone else think we should go for the 2 level cache?

If possible, can you remove the idmap cache from
gencache.tdb again if you use transactions on gencache?
Logging into a fresh server with a large token will
definitely hurt. The idmap cache was moved to gencache to
avoid roundtrips from smbd into winbind, but this might turn
out to be the wrong decision now.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20090525/e9ca98ae/attachment.bin

More information about the samba-technical mailing list