S3: getgrouplist_internals (source3/lib/system_smbd.c)
Volker Lendecke
Volker.Lendecke at SerNet.DE
Fri Mar 4 10:48:56 MST 2011
On Fri, Mar 04, 2011 at 09:27:40AM -0500, yaberger at ca.ibm.com wrote:
> Currently, if getgrouplist() is not available on the system,
> getgrouplist_internals() is called.
> getgrouplist_internals() will call initgroups() and getgroups() to
> retrieve the gid list.
> If initgroups() is also not available on the system, it will be replaced
> by rep_initgroups().
> rep_initgroups() is using getgrent()
> getgrent() only fetch the local groups and is also known to be slow when
> there is hundred of thousand of groups and users.
>
> OpenSSH and ProFTPD are doing it differently.
> Instead of using initgroups() and getgroups() combinaison, they are using
> getgrset().
> In ProFTPD, if getgrouplist() and getgrset() are not available, getgrent()
> is used as last resort.
>
> See these bug reports for these projects which resulted in the use of
> getgrset() when getgrouplist() is not available.
> https://bugzilla.mindrot.org/show_bug.cgi?id=1081
> http://bugs.proftpd.org/show_bug.cgi?id=3231
>
>
>
> When getgrouplist() is not available, could you use getgrset() if it's
> available instead of the initgroups() and getgroups() ?
> If getgrset() is not available, then the old logic could still be used.
>
> I'm pretty sure some of you might not understand the purpose of this
> request.
> The reason behind this request is a pretty long story.
> Let's just say for now that using getgrset() instead of initgroups() would
> fix an issue probably only present in my rare (if not unique) environment.
You don't happen to have a patch available? :-)
Volker
--
SerNet GmbH, Bahnhofsallee 1b, 37081 Göttingen
phone: +49-551-370000-0, fax: +49-551-370000-9
AG Göttingen, HRB 2816, GF: Dr. Johannes Loxen
More information about the samba-technical
mailing list