[OpenAFS] Re: unix owner/group of files in AFS

Jeffrey Hutzelman jhutz@cmu.edu
Wed, 28 Mar 2007 16:54:51 -0400

On Tuesday, March 20, 2007 08:58:41 PM +0100 FB <fbo2@gmx.net> wrote:

> No. The nss-plugin actually returns this:
> ('frank','x',1000,65534,'frank','/afs/alpha/user/frank','/bin/bash')
> Nobody here uses a shell different from Bash which is why i didn't really
> cared about make the login shell non-static.
>> How hard would it be to fake shell info as well, say by creating
>> shell.zsh, shell.bash, etc PTS groups and putting a pts user in one?
> Shouldn't be complicated. But maybe it's a better idea to evaluate a file
> or a symlink in the user's home-volume.

Something like this intended for heavy use should

(1) cache results
(2) not touch users' home directories

Bear in mind that when you do something like 'ls', your NSS module will be 
called to do an id-to-name lookup for _every file_.  That can get real slow 
if you don't cacne results or have to go out and look at a user's home 
directory, open files, etc for every lookup.  It makes nss_ldap pretty much 
unbearable without nscd.  Bear in mind that you cannot tell the difference 
between something like ls that just wants a name, and something that needs 
some other field or the whole entry.

-- Jeffrey T. Hutzelman (N3NHS) <jhutz+@cmu.edu>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA