From owner-freebsd-current@FreeBSD.ORG Mon Aug 25 19:25:27 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 00D9B16A4C0 for ; Mon, 25 Aug 2003 19:25:27 -0700 (PDT) Received: from smtp.intrex.net (smtp.intrex.net [209.42.192.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2309A43FBF for ; Mon, 25 Aug 2003 19:25:26 -0700 (PDT) (envelope-from vangyzen@stat.duke.edu) Received: from vangyzen.client.intrex.net [209.42.213.136] by smtp.intrex.net with ESMTP (SMTPD32-7.13) id A51E366D017E; Mon, 25 Aug 2003 22:25:34 -0400 From: Eric van Gyzen To: freebsd-current@freebsd.org Date: Mon, 25 Aug 2003 22:25:24 -0400 User-Agent: KMail/1.5.2 Organization: Duke University, ISDS MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200308252225.24017.vangyzen@stat.duke.edu> X-Declude-Sender: vangyzen@stat.duke.edu [209.42.213.136] Subject: Hesiod grplist Implementation X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Aug 2003 02:25:27 -0000 I plan to implement support for the "grplist" Hesiod Type, and would like some advice and/or sanity checks. It seems that the best way is to modify getgrouplist() and make it little more than a call to nsdispatch(), similar to getgrent_r(). I would write backend methods such as files_grplist, dns_grplist, etc. to be called from nsdispatch. My *_grplist methods would need to iterate over their respective databases, essentially calling getgrent but without going through nsswitch. The obvious way to do this without duplicating a lot of code is to call the corresponding methods from getgrent.c, such as files_group. The problem is, they are static methods, and not visible from getgrouplist.c. Could they be [renamed and] exported? Could getgrouplist() be moved into getgrent.c? How else could this problem be solved? Should the group-%d "compatibility" be retained as a fallback in the absence of a grplist RR for the given user? Are there any sites out there using Hesiod /without/ grplist RRs? There is no real need to remove it, but... Using all configured services to find group memberships seems most logical. Otherwise, where would I stop? Stopping on a "first match" doesn't make sense. Opinions? Thanks in advance, Eric -- Eric van Gyzen Sr. Systems Programmer http://www.stat.duke.edu/~vangyzen/ ISDS, Duke University