[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

NIS storm solutions?

I think the NIS problems with /etc/group could be solved in the following

1. Implement a cache for the initgroups library call that is so frequently
used to find all groups a user belongs to. This will also improve
general performance without NIS since the search of the complete
/etc/groups file does not have to be repeated again and again.

2. Create a new NIS map group.byuid that provides a list of groups for a
given uid. That list can be generated during the generation of the NIS

3. Modify the library subroutine to consult that new map instead of
rereading the complete group.byname map.

The cache should be fairly simple to implement, but the consultation of
that new map might be quite complex for situations in which /etc/group
includes only a subset of the NIS /etc/group contents.

INITGROUPS(3)       Linux Programmer's Manual       INITGROUPS(3)

       initgroups  -  initialize  the  supplementary group access

       #include <grp..h>
       #include <sys/types.h>

       int initgroups(const char *user, gid_t group);

       The initgroups() function  initializes  the  group  access
       list  by  reading  the group database /etc/group and using
       all groups of which user  is  a  member.   The  additional
       group group is also added to the list.


{}    Snail Mail:   FTS Box 466, 135 N.Oakland Ave, Pasadena, CA 91182        {}
{}    FISH Internet System Administrator at Fuller Theological Seminary       {}
PGP Public Key  =  FB 9B 31 21 04 1E 3A 33  C7 62 2F C0 CD 81 CA B5 

Reply to: