-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
--mirror does not work with non-local users & groups #62
Comments
Thanks for reporting, I'll try to look into this in a week or two. |
Alright, could you see if #63 works for you? |
Thanks. Now It still doesn't work if I try to specify one of the users' additional groups (although they're shown by |
(It seems I didn't need to use |
Ok, good to hear. I'll need to take another look at my code. Without the new flag, it should still read through the entire user database at startup, and additional groups should of course work. |
Well, that's only the local accounts – as I mentioned, the system itself does not expose LDAP/AD users to enumeration by default, and neither does it expose the member list when calling getgrnam/getgruid... As far as I know, the only way to reliably retrieve those additional groups for a user is |
Whoops, you're right.
That explains why the supplementary groups don't work. Did you mean |
Or if you'd like to try it sooner, see |
Ah yes, I completely forgot about |
I am trying to use the
--mirror
option with LDAP (Active Directory) users and groups. However, this doesn't work at all with the way bindfs currently builds its gid cache:getpwent()
.getgrent()
enumeration, and their member list cannot be obtained usinggetgr{nam,uid}()
.To cope with such environments, bindfs needs to query user information on demand via
getpwuid()
andinitgroups()
. (Or even better: if FUSE allows it, it should just use the current credentials of the process accessing it...)The text was updated successfully, but these errors were encountered: