From owner-freebsd-current@FreeBSD.ORG Sun May 28 17:32:49 2006 Return-Path: <owner-freebsd-current@FreeBSD.ORG> X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B748716ACE1 for <freebsd-current@freebsd.org>; Sun, 28 May 2006 17:32:49 +0000 (UTC) (envelope-from matthijs@katherina.student.utwente.nl) Received: from katherina.student.utwente.nl (katherina.student.utwente.nl [130.89.168.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id 58C6143D46 for <freebsd-current@freebsd.org>; Sun, 28 May 2006 17:32:49 +0000 (GMT) (envelope-from matthijs@katherina.student.utwente.nl) Received: from matthijs by katherina.student.utwente.nl with local (Exim 4.62) (envelope-from <matthijs@katherina.student.utwente.nl>) id 1FkP86-0005yI-OJ for freebsd-current@freebsd.org; Sun, 28 May 2006 19:32:42 +0200 Date: Sun, 28 May 2006 19:32:42 +0200 From: Matthijs Kooijman <m.kooijman@student.utwente.nl> To: freebsd-current@freebsd.org Message-ID: <20060528173242.GC16530@katherina.student.utwente.nl> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-PGP-Fingerprint: 7F6A 9F44 2820 18E2 18DE 24AA CF49 D0E6 8A2F AFBC X-PGP-Key: http://katherina.student.utwente.nl/~matthijs/gpg_pubkey.asc User-Agent: Mutt/1.5.11+cvs20060403 X-Mailman-Approved-At: Mon, 29 May 2006 20:24:10 +0000 Subject: Re: FreeBSD nss, getgroupmembership(3) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current <freebsd-current.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current> List-Post: <mailto:freebsd-current@freebsd.org> List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>, <mailto:freebsd-current-request@freebsd.org?subject=subscribe> X-List-Received-Date: Sun, 28 May 2006 17:32:54 -0000 (Sorry for the lack of an In-Reply-To header, I couldn't find the message ID anywhere). Hey, I've been playing around with this issue myself as well. I want to support nested groups through winbind, which is supported through winbind_getgrouplist, but not through getgrent... > I have been playing around with nss and libc this weekend to find > ways to make nss_ldap work more efficiently by coupling getgrouplist > (3) with _nss_ldap_initgroups_dyn. init_groups_dyn seems to be the function used by linux. It has pretty much the same interface as getgroupmembership from NetBSD, with just a difference in memory allocation. > By coincidence I found that NetBSD has created the infrastructure > needed to make this a reallity allready! In NetBSD getgrouplist(3) is > now a front-end for getgroupmembership(3). I just found this one too. I'm not sure how widespread the implementation of getgroupmembership is, though. I know nss_winbind does not implement it, but does implement initgroups_dyn. From your post I think nss_ldap does this also. > Is there any chance for FreeBSD to get an updated import of NSS from > NetBSD anytime soon? :-) Due to the (possibly) limited support of getgroupmembership in nss backends, it might be better to use initgroups_dyn instead? Anyway, I've spent some words on this issue on my blog [1], if anyones interested. I'm planning on trying to make this work on FreeBSD sometime soon. But, since I only have FreeBSD 6.0 machines to play around with (possibly 6.1 soon), I will probably code up a patch for 6.0. Have there been big changes to nss since then that might make this a useless idea? Gr. Matthijs [1]: http://katherina.student.utwente.nl/~matthijs/cgi-bin/blosxom/software/samba/WinbindNested.html