Patch to handle sid compression for consideration ...
Hemanth Thummala
hemanth.thummala at gmail.com
Mon Jun 16 11:14:34 MDT 2014
Hi Richard,
I have a query. In the patch, If merge_resource_sids() failed for some
reason, netsamlogon cache update is skipped and just return from there. Is
this intentional? Shouldn't we update the primary group and or existing
extra SID information to netsamlogon cache before we return. If there is
some problem with copying resource group information, we will never be able
to update the group membership netsam logon cache. Please correct me if I
am wrong.
Thanks,
Hemanth.
On Mon, Jun 16, 2014 at 9:07 PM, Richard Sharpe <realrichardsharpe at gmail.com
> wrote:
> On Mon, Jun 16, 2014 at 7:56 AM, Simo <simo at samba.org> wrote:
> > On Mon, 2014-06-16 at 07:45 -0700, Richard Sharpe wrote:
> >> Hi folks,
> >>
> >> Attached is a cleaned up patch to handle sid compression in master.
> >>
> >> I have implemented Volker's suggestion to not mess with SID internals
> >> and use compose_sid instead.
> >>
> >> I have also moved things around a bit to fit better into the existing
> >> code and not expose too many internal functions.
> >>
> >> Finally, I added a call to winbindd_pam where needed.
> >>
> >> This is a first pass at handling SID compression, and if we find we
> >> need to handle resource SIDs differently depending on which domain
> >> they are in, then the function merge_resource_sids_and_cache can
> >> absorb that code.
> >>
> >> Review please, and if acceptable, please push.
> >
> > Wouldn't it be better to copy info3 first and then modify the copy ?
>
> Sure, I could do that. What advantage do you see? We actually need the
> modified info3 later when we create the token, at least in one path.
>
> --
> Regards,
> Richard Sharpe
> (何以解憂?唯有杜康。--曹操)
>
More information about the samba-technical
mailing list