[OpenAFS-devel] nss_afspag

[Jeffrey Hutzelman]

On Thursday, October 25, 2007 04:56:12 PM -0400 Anders Kaseorg 
<andersk@MIT.EDU> wrote:

> On Thu, 2007-10-25 at 16:33 -0400, Jeffrey Hutzelman wrote:
>> This approach will not work as well on older platforms where the PAG
>> is represented in a pair of groups, and the primary way of knowing
>> they are intended to represent a PAG is that they're in the first two
>> slots of the group list (an approach that doesn't work on newer Linux
>> kernels which insist that the supplementary group list be sorted by
>> GID).
>
> Actually, we designed the module to work in both cases.  To avoid
> filling more of the GID space than necessary, it looks at the current
> group list to detect which groups are part of the PAG representation.
> (For this reason, it's not likely to work with nscd.)
>
> anders@numenor:~$ groups
> users afspag-34552 afspag-45430 audio video fuse
> anders@numenor:~$ getent group 34551 afspag-34551 34552 afspag-34552
> afspag-34552:x:34552:
> afspag-34552:x:34552:

Oh, I hadn't thought of that.  I'm trying now to decide where this lies on 
the spectrum between "kludge" and "elegant hack".  A bit toward the latter, 
I think.

-- Jeff