Patch to handle sid compression for consideration ...
Richard Sharpe
realrichardsharpe at gmail.com
Mon Jun 16 11:19:30 MDT 2014
On Mon, Jun 16, 2014 at 10:14 AM, Hemanth Thummala
<hemanth.thummala at gmail.com> wrote:
> Hi Richard,
> I have a query. In the patch, If merge_resource_sids() failed for some
> reason, netsamlogon cache update is skipped and just return from there. Is
> this intentional? Shouldn't we update the primary group and or existing
> extra SID information to netsamlogon cache before we return. If there is
> some problem with copying resource group information, we will never be able
> to update the group membership netsam logon cache. Please correct me if I am
> wrong.
Sure, but the only reason it will fail, IMO, is that we have run out
of memory. In that case, the logon will fail anyway.
> Thanks,
> Hemanth.
>
>
> On Mon, Jun 16, 2014 at 9:07 PM, Richard Sharpe
> <realrichardsharpe at gmail.com> wrote:
>>
>> On Mon, Jun 16, 2014 at 7:56 AM, Simo <simo at samba.org> wrote:
>> > On Mon, 2014-06-16 at 07:45 -0700, Richard Sharpe wrote:
>> >> Hi folks,
>> >>
>> >> Attached is a cleaned up patch to handle sid compression in master.
>> >>
>> >> I have implemented Volker's suggestion to not mess with SID internals
>> >> and use compose_sid instead.
>> >>
>> >> I have also moved things around a bit to fit better into the existing
>> >> code and not expose too many internal functions.
>> >>
>> >> Finally, I added a call to winbindd_pam where needed.
>> >>
>> >> This is a first pass at handling SID compression, and if we find we
>> >> need to handle resource SIDs differently depending on which domain
>> >> they are in, then the function merge_resource_sids_and_cache can
>> >> absorb that code.
>> >>
>> >> Review please, and if acceptable, please push.
>> >
>> > Wouldn't it be better to copy info3 first and then modify the copy ?
>>
>> Sure, I could do that. What advantage do you see? We actually need the
>> modified info3 later when we create the token, at least in one path.
>>
>> --
>> Regards,
>> Richard Sharpe
>> (何以解憂?唯有杜康。--曹操)
>
>
--
Regards,
Richard Sharpe
(何以解憂?唯有杜康。--曹操)
More information about the samba-technical
mailing list