[Pkg-shadow-devel] Newuidmap works with usernames instead of uids

Thu Sep 4 22:45:04 UTC 2014

Quoting Bostjan Skufca (bostjan at a2o.si):
> On 1 September 2014 22:55, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > Thanks, looks good overall.  Note that you are not freeing
> > buf after you malloc it.
> /me slightly rusty in c ATM. But hey, on the bright side I managed to
> scr.w up 100% of newly used and mallocated variables, nice score!
> 
> Tnx, fixed.

Sorry, ISTR you hda sent a v2 of this patch to the list, but I don't see
it in my mbox.  If you did send it, could you please resend  (I'm sorry,
I'm a beast during my morning email purge)?  If not, should i look at your
github tree?

> 
> 
> >         sprintf(owner_uid_string, "%d", owner_pwd.pw_uid
> >
> > should that be a %u ?
> 
> Yes, fixed.
> 
> 
> > It is quite a shame as this will lengthen the failure case by
> > quite a bit, especially the 'two usernames with same uid'
> > concern.  But it seems necessary.
> 
> 
> Hm, it seems we have three options:
> 1. single loop, as it is now
> 2. dual loop, as proposed by the patch: first loop is fast, without
> getpwnam syscalls, comparing literal usernames; the second is slower.
> Failure case lenghtens, as you have said.
> 3. single loop, where we convert and compare everything with UIDs and
> ignore usernames completely.
> 
> 
> What to do, which way to choose?
> 
> If we think about how actual login (or ssh login) process works, there
> are actual usernames compared/matched and you can not use username
> "uid100_user1" and then type in password from user "uid100_user2".
> Therefore: usernames are compared literaly. It does not matter that
> the uid is the same for both usernames.
> 
> But, once you are in the system, there the username used is of little
> significance. All that matters is UID (same UID, file operation
> allowed; different UID, it depends on file permissions).
> 
> I would recommend it the way the patch does it: first literal
> comparison (so users are able to create preferences for different
> usernames). If that fails, get the first UID that matches and use
> that.
> 
> 
> We may benchmark what actually uses more time: looping itself or
> cumulated syscalls to getpwnam_r().
> 
> If it turns out that getpwnam is cheaper than looping itself, we might
> as well getpwnam all entries in the first loop and save the first UID
> entry that matches. If the rest of the loop does not find the exact
> username, we would not have to run the loop again, as we already have
> the entry of interest.

I think you're right that we should stick with what you have.

thanks,
-serge