ACL module patches

Andrew Bartlett abartlet at
Tue Jul 6 16:23:25 MDT 2010

On Tue, 2010-07-06 at 20:50 +0300, Nadezhda Ivanova wrote:
> Hi Matthias,
> I basically made sure to do what you did in password_hash, and I did not see
> this control there, but it looks all right. As for the memory context
> patches - I am not so sure. They will not have any effect but as far as I
> know contexts should be as granular as possible, otherwise you risk a method
> freeing a context that was passed as parameter instead of the local one. And
> the habit of moving line endings around even if they do not exceed the
> character limit... Well, in short, I am not convinced that the second patch
> is necessary, but I am not against applying it. However, since they are your
> patches, I think you should push them :). Just make sure to run both
> and tests before that.

I've made some comments below:

> Regards,
> Nadya
> On Tue, Jul 6, 2010 at 7:55 PM, Matthias Dieter Wallnöfer <mdw at>wrote:
> > Hi Nadya,
> >
> > the ACL password work does work well beside one exception of which you
> > probably wasn't aware. I put here the link to the patch from which the
> > commit message should explain the reason:
> >
> >

When samdb_check_password is called in the cases indicated (user
password changes over samr or kpasswd) isn't the system_session() used

This looks like a reasonable change, but I don't think it's a sufficient
change to actually test this. 

> > The other patch should fix the outstanding memory contexts:
> >
> > Would be nice if you could integrates this one too.
> >

I really don't like this patch.  We should use tmp_ctx more, not less,
in a complex module such as this.  

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list