IDMAP_BOTH support in smbd

Michael Adam obnox at samba.org
Wed Mar 21 03:47:51 MDT 2012 

Hi Andrew,

Andrew Bartlett wrote:
> I've been working to slowly move to supporting IDMAP_BOTH in smbd, so as
> to allow s3fs to function in all circumstances. 

Can you explain under what circumstances s3fs is working and
under which it is not? (Maybe we can discuss this later on irc...)

> Attached are my first two (untested at this time) patches, reworking the
> in-memory cache and sids_to_unix_ids routine. 

I will look at those patches more closely and test..

> From here, I plan to:
>  - change the passdb pdb_sid_to_id() call to return a struct unixid
> (from idmap.idl)
>  - change struct wbcUnixId users (including those I've just added) to
> struct unixid, avoiding the union in the libwbclient structure
>  - consolidate legacy_sid_to_uid and legacy_sid_to_gid into a single
> legacy_sid_to_id() call
>  - consolidate sid_to_uid() and sid_to_gid() into a sid_to_id(), which
> will be a wrapper around sids_to_unix_ids()

sid_to_uid() and sid_to_gid() are already wrappers around the backend
sids_to_unixids() calls, so that should be fairly easy!

Please have a look at idmap_backends_sid_to_unixid() which is
called by idmap_sid_to_uid() and idmap_sid_to_gid().


>  - consolidate the caching layer in such a way that IDMAP_BOTH can be
> supported. 
> 
> To do this, I will need to determine if the winbindd idmap code is
> dependent on the type of ID asked for:  That is, if we move from
> wbcSidToUid() to wbcSidsToUnixIds(), will the returned values change at
> all?

See the comment above.
Also see that we are exposing the plural sids_to_unixids to the
winbindd api already and using it in some (not all) places.
The server implementation is in
source3/winbindd/winbindd_dual_srv.c:_wbint_Sids2UnixIDs()

I am happy to work with you on the idmap topic as time permits.

Cheers - Michael

> Thanks,
> 
> Andrew Bartlett
> -- 
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20120321/4f2bf538/attachment.pgp>

More information about the samba-technical mailing list