[Samba] Executable 'username map'

[François LAUPRETRE]

Hi,

I currently manage an environment where my Unix and Windows usernames are 
defined, but different. So, I must use a username map. But I have several Samba 
servers (one for each NFS package) and I must maintain all these username map 
files. As we want everybody to map the same way on every Samba servers in a NIS 
domain, we added the 'Windows user' information to the NIS 'passwd' map (by 
adding a string like '<win=xxx>' to the gecos field).

Now, as the only way for Samba to get this mapping information is through a 
flat file, I have to push this file onto every samba server every time I build 
the NIS passwd map. And, in order to do that, I must maintain a list of these 
servers on the NIS master server (assuming a standard path for storing this 
file on each samba server).

Instead of such a 'push' solution, I would much prefer a 'pull' one. The only 
way I found, with the current Samba implementation, would be to write an NSS 
module which would only implement the getpwnam function. I started looking at 
this solution but we quickly decided not to go further because of the problems 
of maintainability of such a piece of code.

Another solution, much easier to implement, would be to modify the code in 
map_username(), so that, if the 'username map' file has the executable bit set, 
it would be executed instead of being parsed, and it would give an answer on 
stdout (with an empty value if no mapping found). This way, there is no change 
in Samba configuration. The only potential incompatibility would be if a 
current username map file has the executable bit set, although it is a plain 
file, once the user updates Samba to the new version, it would start executing 
the file. In order to remove this incompatibility, we could add a 'execute 
username map' option...

What do you think about this change ? I can send a patch for it, but it is very 
easy to implement with a call to smbrun().

Regards,

François