[Samba] Executable 'username map'
François LAUPRETRE
francois.laupretre at calyon.com
Thu Jul 21 16:29:36 GMT 2005
Hi,
I currently manage an environment where my Unix and Windows usernames are
defined, but different. So, I must use a username map. But I have several Samba
servers (one for each NFS package) and I must maintain all these username map
files. As we want everybody to map the same way on every Samba servers in a NIS
domain, we added the 'Windows user' information to the NIS 'passwd' map (by
adding a string like '<win=xxx>' to the gecos field).
Now, as the only way for Samba to get this mapping information is through a
flat file, I have to push this file onto every samba server every time I build
the NIS passwd map. And, in order to do that, I must maintain a list of these
servers on the NIS master server (assuming a standard path for storing this
file on each samba server).
Instead of such a 'push' solution, I would much prefer a 'pull' one. The only
way I found, with the current Samba implementation, would be to write an NSS
module which would only implement the getpwnam function. I started looking at
this solution but we quickly decided not to go further because of the problems
of maintainability of such a piece of code.
Another solution, much easier to implement, would be to modify the code in
map_username(), so that, if the 'username map' file has the executable bit set,
it would be executed instead of being parsed, and it would give an answer on
stdout (with an empty value if no mapping found). This way, there is no change
in Samba configuration. The only potential incompatibility would be if a
current username map file has the executable bit set, although it is a plain
file, once the user updates Samba to the new version, it would start executing
the file. In order to remove this incompatibility, we could add a 'execute
username map' option...
What do you think about this change ? I can send a patch for it, but it is very
easy to implement with a call to smbrun().
Regards,
François
More information about the samba
mailing list