On 05/14/2011 01:29 AM, Jan Zeleny wrote: > Hi, > I'm sending the first version of the patch solving issues with nested groups > without GID. The patch is definitely not final, let's say it's the first > draft > of final patch. It depends on Jakub's recent series of rfc2307bis patches and > it won't be final until they are pushed. > > At this moment I'd like to hear your opinion on the concept of the patch. > > Thanks in advance > Jan >
Instead of modifying the global search filter to not include GID and using the generic sdap_nested_group_lookup_group(), why not create a separate function with a special non-posix search filter as a fallback if neither user nor posix-group filters match? I haven't done a full review but two other comments - I think that a sysdb_attrs_get_bool function would be handy instead of handling the TRUE/FALSE strings ourselves. The SYSDB_POSIX attribute should be named differently to indicate it is a bool, "isPosix" perhaps. "posixGroup" is commonly used as objectlass.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
