gss_pname_to_uid: is that the right interface

Nico Williams nico at
Tue Sep 20 17:11:26 EDT 2011

I think this one's really just for compatibility with Solaris.  I
agree that putting UIDs in any of these APIs is a bad idea, but I'm
not sure that the SSSD problem wouldn't exist for your proposed
variant.  If the problem for SSSD is one of timing, why couldn't that
problem exist for *any* GSS version of krb5_aname_to_lname()?

Any timing issues w.r.t. SSSD should be documented by RedHat and/or
the mechanism implementor/vendor.


More information about the krbdev mailing list