samba - Apr 2007 - Idmap back compatible issue

I ran into a problem on idmap backend.

In previous Samba releases, there are two kinds of scenarios on idmap
backend.
1) No explicit idmap backend option presented in smb.conf. But imply
using default tdb idmap backend
	idmap uid = low - high
	idmap gid = low - high
2) idmap backend option exists in smb.conf
	idmap uid = low - high
	idmap gid = low - high
	idmap backend = tdb [or ldap:ldap://ldapserver.com]

In 3.0.25pre2, 2) works to me. But 1) didn't. It looks the new idmap
only considers the second scenarios as back compatibility. It didn't
consider the first to be back compatible. Therefore, when using implied
idmap backend(without idmap backend option in smb.conf), winbind won't
work. When dom_list is empty after dom_list = lp_idmap_backend(), the
variable compat didn't assign to 1.

I believe that many users take the default setting without specific
idmap backend option, if there is no particular idmap requirement. I'd
like to recommend considering the first situation as back compatible
issue. At lease let it takes the default tdb backend when no idmap
domains presented,  no idmap backend in smb.conf.

Here is a patch for this. Could somebody look at it?

# diff -U 3 idmap.c idmap.c_my
--- idmap.c     2007-04-12 11:52:07.000000000 -0700
+++ idmap.c_my  2007-04-12 11:51:49.000000000 -0700
@@ -321,6 +321,14 @@
                        *p = '\0';
                        compat_params = p + 1;
                }
+       } else {
+               /* Back compatible: without idmap domains and explicit
idmap backend
+                * Taking default idmap backend: tdb
+                */
+               DEBUG(3, ("idmap_init: No idmap domains, No idmap
backend dom_list=%s\n", *dom_list));
+               compat = 1;
+               compat_backend = talloc_strdup( idmap_ctx, "tdb");
+               compat_params = compat_backend;
        }

        if ( ! dom_list) {

Thanks.
-Ying

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Li, Ying (ESG) wrote:
> I believe that many users take the default setting without specific
> idmap backend option, if there is no particular idmap requirement. I'd
> like to recommend considering the first situation as back compatible
> issue. At lease let it takes the default tdb backend when no idmap
> domains presented,  no idmap backend in smb.conf.
> 
> Here is a patch for this. Could somebody look at it?
Looks right to me.  I'll add this for 3.0.25rc2.



jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGKzGSIR7qMdg1EfYRArbpAKDc1Adhv3oMYv83xm4nNNQ49oqHegCeI4Id
UxqzrqxSeU8EOnM3G/y8R04=/bzx
-----END PGP SIGNATURE-----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Ying,
> Here is a patch for this. Could somebody look at it?
btw...please send patches as attachments next time.  Thanks.

> 
> # diff -U 3 idmap.c idmap.c_my
> --- idmap.c     2007-04-12 11:52:07.000000000 -0700
> +++ idmap.c_my  2007-04-12 11:51:49.000000000 -0700
> @@ -321,6 +321,14 @@
>                         *p = '\0';
>                         compat_params = p + 1;
>                 }
> +       } else {
> +               /* Back compatible: without idmap domains and explicit
> idmap backend
> +                * Taking default idmap backend: tdb
> +                */
> +               DEBUG(3, ("idmap_init: No idmap domains, No idmap
> backend dom_list=%s\n", *dom_list));
> +               compat = 1;
> +               compat_backend = talloc_strdup( idmap_ctx,
"tdb");
> +               compat_params = compat_backend;
>         }
> 
>         if ( ! dom_list) {
> 
> Thanks.
> -Ying



cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGKzH5IR7qMdg1EfYRAiLkAJ9BQCgqtxZ32hLvucEjloRmgKgkwACg228F
SSjghFgT+nPlfdbh0kIktLY=R3im
-----END PGP SIGNATURE-----

Sorry, I missed a checking condition for dom_list. Attached is a new
version of the patch.

Thanks.
-Ying