Upgrade issue with 3.0.21b->3.0.22
Volker Lendecke
Volker.Lendecke at SerNet.DE
Tue Feb 7 23:18:22 GMT 2006
Hi!
With the trunk->3_0 merge in place now we have to solve the
inevitable upgrade issue in a sane way.
For some critical operations we now assume that an explicit
group mapping is in place, 3.0.21b had an algorithmic
fallback. I removed that, this was severely broken from the
beginning.
What I would like to replace it with is an automatic group
mapping. We can do this now, as we have the RID allocator
around even when winbind is not running.
So if query_groupmem gets a group from nss that is not in
the group mapping db, it can (it does not yet) allocate a
RID for it and create an explicit group mapping entry.
This does not work for existing user databases, as the group
memberships assume the algorithmic fall back. The groups
would have to be auto-created with the RID algorithm instead
of the RID allocator.
One way around this is to have a one-shot upgrade script and
never look back again. An idea I don't really like.
Another possibility would be a parameter where we have to
choose the default very carefully. The problem here is that
I just removed the 'enable rid algorithm' parameter...
How should we handle this? Any opinions?
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20060208/01ddd7e3/attachment.bin
More information about the samba-technical
mailing list