On Thu, 2011-05-19 at 13:53 +0200, Jan Zelený wrote: > > On 05/14/2011 01:29 AM, Jan Zeleny wrote: > > > Hi, > > > I'm sending the first version of the patch solving issues with nested > > > groups without GID. The patch is definitely not final, let's say it's > > > the first draft of final patch. It depends on Jakub's recent series of > > > rfc2307bis patches and it won't be final until they are pushed. > > > > > > At this moment I'd like to hear your opinion on the concept of the patch. > > > > > > Thanks in advance > > > Jan > > > > Instead of modifying the global search filter to not include GID and > > using the generic sdap_nested_group_lookup_group(), why not create a > > separate function with a special non-posix search filter as a fallback > > if neither user nor posix-group filters match? > > Frankly I don't like the idea of creating new functions with almost the same > code. The file has 5.5k lines as it is and I don't want to add more just to > separate couple lines of code.
I agree to this sentiment, that said I don't get why you change the filter at all based on whteher gid is 0 or not. The filter is an OR filter it will always match regardless you can post filter stuf just as easily checking whether the returned entry has the gidNumber attribute or not ? Or am I missing something ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
