Recent changes to autorid (was Re: [SCM] Samba Shared Repository - branch master updated)

Michael Adam obnox at samba.org
Fri May 2 17:48:48 MDT 2014


On 2014-05-02 at 21:10 +0200, Christian Ambach wrote:
> Am 30.04.14 01:26, schrieb Michael Adam:
> 
> >2. Define fixed (hard coded) mutually disjoint ranges < IDMAP_LOW :
> >    a) a range for the wellknowns
> >    b) a range for the builtins
> >    c) a range as unix-id-pool (for group mapping, etc)
> >
> >3. Hard code mappings for the builtins and wellknowns
> >    in the above ranges.
> >    This can eventually allow us to remove quite a few special
> >    cases from idmap and passdb code.
> 
> This idea sounds quite interesting, but hardcoded is likely to be
> wrong for somebody.

Right. I was trying to give my owm sightly more substantial
version of Jeremy's idea, which really has its appeal.

But Mathias has already given a good example
when this will be wrong for someone: If you use
SFU via idmap_ad - In this case the IDs are not
under the samba admin's control, and we may not
have a chance to stay above IDMAP_LOW.

Thinking about it, we could introduce an extension
of idmap_ad to circumvent it: we could add some kind
of offset or shift parameter to idmap_ad, which
specifies a minimum number to which the xids
from SFU are added. Not precisely beautiful
but would allow one to have the IDMAP_LOW barrier... :-)

> So better would be at least configurable ranges
> with good default settings that virtually nobody will ever need to
> touch, but for the unlikely case, the necessary setting is
> available.

Yeah, I also think we need a way out...

Cheers - Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140503/ce0e3a6f/attachment.pgp>


More information about the samba-technical mailing list