[RFC][WIP] cache-only name lookups in smbd

Mon Nov 28 09:26:32 UTC 2016

Hi, Uri!

Question -- the cache invalidation of winbindd_cache.tdb is fishy at
best. For this type of caching that is pretty much public information,
wouldn't it be better to go to gencache.tdb? In the caching case, we
would avoid the roundtrip to winbind.

Volker

On Mon, Nov 28, 2016 at 09:42:08AM +0200, Uri Simchoni wrote:
> I'm trying to allow smbd to serve files in the presence of short
> interruptions in the connection to AD. One challenge is that shares
> defined in smb.conf have user / group names in their access lists (read
> list, write list, valid users, ...) and those names are converted to
> SIDs on each tree connect. Sometimes this conversion causes a network
> lookup. When a few minute outage occurs, the first user to try the
> network lookup experience a Windows Explorer freeze, and that creates
> support calls. Subsequent users find winbindd in a different mood
> (offline) and get service.
> 
> One approach I've tried to handle this challenge is to:
> a. constantly prime the winbindd cache
> b. introduce a cache-only lookup (essentially equivalent to the lookup
> in offline state - no check for expiration)
> c. since the current and new approach represent different tradeoffs,
> I've made it configurable.
> 
> This approach is in the attached patch - adding a "priming daemon" and
> an API to winbindd to do cache-only lookups. The patch set is still
> rough around the edges, doesn't handle SIGHUP, the primed restart (which
> I've copied from notifyd) doesn't work reliably, but you can get the
> general idea.
> 
> I'd appreciate feedback as to whether this approach is desirable at all
> in samba. Some of my thoughts are:
> 
> 1. An alternative approach is to use the RPC-managed share ACLs,
> everything there is in SIDs, or pre-translate names to SIDs and put the
> SIDs in smb.conf. From an appliance point of view, this shifts the added
> complexity outside of Samba.
> 
> 2. It complicates things, and having two modes of lookup is likely to
> make one mode bit-rot, esp. since it's difficult to simulate network outage.
> 
> 3. It can't possibly handle all parameter substitutions - another source
> of conceptual complication (some lookups are cached and some aren't)
> 
> 4. So far I haven't managed to avoid some code duplication between the
> lazy evaluation code in share_access.c and primed. The netgroups kind of
> make this hard.
> 
> Despite all of the above, in the cases where it works (no substitutions
> and no configuration errors), this does make for more robust operation,
> and may prove useful to others.
> 
> Thanks,
> Uri.

> From 7a23003437a70af0e40ecf3e1ebd396fab445e32 Mon Sep 17 00:00:00 2001
> From: Uri Simchoni <uri at samba.org>
> Date: Mon, 28 Nov 2016 08:40:50 +0200
> Subject: [PATCH 1/9] s3-passdb - add LOOKUP_NAME_CACHE_ONLY lookup flag
> 
> This flag shall be used later by lookup_name() and
> internally by winbindd