[Freeipa-devel] Initial patch for next id calls
Simo Sorce
ssorce at redhat.com
Thu Mar 5 15:01:40 UTC 2009
On Thu, 2009-03-05 at 00:12 -0500, Simo Sorce wrote:
>
> This patch should work but is currently untested, I am going to grab
> Jakubs initial implementation of sysdb_store_user() tomorrow and make
> it
> use sysdb_get_next_available_id() to get new ids.
>
> I just wanted to share it here so that people know what is the
> direction
> I think we should take.
> Especially with the next id thing. On IRC yesterday we discussed to
> just
> scan the DB and always pick the highest free ID, but when I started to
> implement the function 2 things came up:
> 1. searching the whole db could be expensive
> 2. if you delete the last added user you will reuse its ID for the
> next
> new user, which may lead to access to files you should not have access
> to.
>
> So given these 2 considerations I actually decided to store an
> attribute
> called nextID on the domain object. And use that as the source of IDs,
> incrementing it each time a new ID is requested (of course the code
> also
> checks for duplicates in case admins set arbitrary IDs in the DB).
Steve acked on IRC as he's having trouble with the mailing list.
Pushed.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-devel
mailing list