FreeBSD nss, getgroupmembership(3)
Danny Braniss
danny at cs.huji.ac.il
Mon Jan 7 05:20:53 PST 2008
> On 7. jan.. 2008, at 11.10, Matthijs Kooijman wrote:
>
> > a while back (or actually, more than a year back...) there was some
> > discussion
> > in this thread about implementing getgroupmembership support in
> > FreeBSD NSS.
> >
> > FYI, Michael Bushkov has commited support for this a few weeks back
> > based on
> > work by me and largely by Michael Hanselmann. For now, there is no
> > support yet
> > in the nss_ldap and nss_winbind modules, but patches are already
> > available.
> >
> > Support wil not be merged to 7.0, but hopefully it will be in 7.1.
> >
> > See pr 115196 [1] for more details about it, and links to the
> > winbind/ldap patches.
> >
> > Gr.
> >
> > Matthijs
> >
> > [1]: http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/115196
>
> Thank you for letting me know, this is fantastic!! :-) A big thank you
> to everyone involved in making this happen.
>
> I will attempt to put this to test in a production system in good time
> before 7.1 so any issues can be resolved before release.
>
> Any chance the patch will apply on 6.x?
>
> --
> Frode Nordahl
>
sorry if this sounds like a party-poopper but:
1- why not just fix getgrouplist instead of inventing getgroupmembership?
(the patch replaces the code of getgrouplist by a call to
getgroupmembership anyways)
2- why not just make a new table, with key uid/username and with data the list
of groups?
this is what we have here, the list is autogenerated each time the main
password file
and/or group are modified. this reduces network noice and cycles
conciderably.
danny
More information about the freebsd-current
mailing list