[OpenAFS-devel] nss_afspag
Anders Kaseorg
andersk@MIT.EDU
Thu, 25 Oct 2007 16:56:12 -0400
On Thu, 2007-10-25 at 16:33 -0400, Jeffrey Hutzelman wrote:
> This approach will not work as well on older platforms where the PAG
> is represented in a pair of groups, and the primary way of knowing
> they are intended to represent a PAG is that they're in the first two
> slots of the group list (an approach that doesn't work on newer Linux
> kernels which insist that the supplementary group list be sorted by
> GID).
Actually, we designed the module to work in both cases. To avoid
filling more of the GID space than necessary, it looks at the current
group list to detect which groups are part of the PAG representation.
(For this reason, it's not likely to work with nscd.)
anders@numenor:~$ groups
users afspag-34552 afspag-45430 audio video fuse
anders@numenor:~$ getent group 34551 afspag-34551 34552 afspag-34552
afspag-34552:x:34552:
afspag-34552:x:34552:
Anders