Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2015-04-17 20:45:51 +0200
committerArthur de Jong <arthur@arthurdejong.org>2015-04-20 21:04:12 +0200
commit96045d249eda023a0bc7b810553a5b529d2c991a (patch)
treee754b97070e2e33f36329067ebc1dc9d098ffa7b /nslcd
parent530cc24c83dd5d2d347acb40d64c3ae06a43a293 (diff)
Implement nss_getgrent_skipmembers
This option allows skipping group member list retrieval to improve performance with very large groups. This option results in inconsistent group membership information being presented that may confuse some applications.
Diffstat (limited to 'nslcd')
-rw-r--r--nslcd/cfg.c9
-rw-r--r--nslcd/cfg.h3
-rw-r--r--nslcd/group.c9
3 files changed, 16 insertions, 5 deletions
diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index cec1b0c..d42fb71 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2007 West Consulting
- Copyright (C) 2007-2014 Arthur de Jong
+ Copyright (C) 2007-2015 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -1191,6 +1191,7 @@ static void cfg_defaults(struct ldap_config *cfg)
cfg->nss_initgroups_ignoreusers = NULL;
cfg->nss_min_uid = 0;
cfg->nss_nested_groups = 0;
+ cfg->nss_getgrent_skipmembers = 0;
cfg->validnames_str = NULL;
handle_validnames(__FILE__, __LINE__, "",
"/^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i",
@@ -1517,6 +1518,11 @@ static void cfg_read(const char *filename, struct ldap_config *cfg)
cfg->nss_nested_groups = get_boolean(filename, lnr, keyword, &line);
get_eol(filename, lnr, keyword, &line);
}
+ else if (strcasecmp(keyword, "nss_getgrent_skipmembers") == 0)
+ {
+ cfg->nss_getgrent_skipmembers = get_boolean(filename, lnr, keyword, &line);
+ get_eol(filename, lnr, keyword, &line);
+ }
else if (strcasecmp(keyword, "validnames") == 0)
{
handle_validnames(filename, lnr, keyword, line, cfg);
@@ -1785,6 +1791,7 @@ static void cfg_dump(void)
}
log_log(LOG_DEBUG, "CFG: nss_min_uid %lu", (unsigned long int)nslcd_cfg->nss_min_uid);
log_log(LOG_DEBUG, "CFG: nss_nested_groups %s", print_boolean(nslcd_cfg->nss_nested_groups));
+ log_log(LOG_DEBUG, "CFG: nss_getgrent_skipmembers %s", print_boolean(nslcd_cfg->nss_getgrent_skipmembers));
log_log(LOG_DEBUG, "CFG: validnames %s", nslcd_cfg->validnames_str);
log_log(LOG_DEBUG, "CFG: ignorecase %s", print_boolean(nslcd_cfg->ignorecase));
for (i = 0; i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES; i++)
diff --git a/nslcd/cfg.h b/nslcd/cfg.h
index 2fade8b..6eef944 100644
--- a/nslcd/cfg.h
+++ b/nslcd/cfg.h
@@ -5,7 +5,7 @@
Copyright (C) 1997-2005 Luke Howard
Copyright (C) 2007 West Consulting
- Copyright (C) 2007, 2008, 2009, 2010, 2011, 2012, 2013 Arthur de Jong
+ Copyright (C) 2007-2015 Arthur de Jong
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
@@ -122,6 +122,7 @@ struct ldap_config {
SET *nss_initgroups_ignoreusers; /* the users for which no initgroups() searches should be done */
uid_t nss_min_uid; /* minimum uid for users retrieved from LDAP */
int nss_nested_groups; /* whether to expand nested groups */
+ int nss_getgrent_skipmembers; /* whether to skip member lookups */
regex_t validnames; /* the regular expression to determine valid names */
char *validnames_str; /* string version of validnames regexp */
int ignorecase; /* whether or not case should be ignored in lookups */
diff --git a/nslcd/group.c b/nslcd/group.c
index 95349ad..eab4bec 100644
--- a/nslcd/group.c
+++ b/nslcd/group.c
@@ -5,7 +5,7 @@
Copyright (C) 1997-2006 Luke Howard
Copyright (C) 2006 West Consulting
- Copyright (C) 2006-2014 Arthur de Jong
+ Copyright (C) 2006-2015 Arthur de Jong
Copyright (C) 2013 Steve Hill
This library is free software; you can redistribute it and/or
@@ -199,9 +199,12 @@ void group_init(void)
set = set_new();
attmap_add_attributes(set, attmap_group_cn);
attmap_add_attributes(set, attmap_group_userPassword);
- attmap_add_attributes(set, attmap_group_memberUid);
attmap_add_attributes(set, attmap_group_gidNumber);
- attmap_add_attributes(set, attmap_group_member);
+ if (!nslcd_cfg->nss_getgrent_skipmembers)
+ {
+ attmap_add_attributes(set, attmap_group_memberUid);
+ attmap_add_attributes(set, attmap_group_member);
+ }
group_attrs = set_tolist(set);
if (group_attrs == NULL)
{