No comments yet on this case. Ping?
Jordan Brown wrote: > Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI > This information is Copyright 2010 Sun Microsystems > 1. Introduction > 1.1. Project/Component Working Name: > idmap flush > 1.2. Name of Document Author/Supplier: > Author: Jordan Brown > 1.3 Date of This Document: > 10 February, 2010 > 4. Technical Description > > idmap flush [-a] > > SUMMARY > > Add an idmap subcommand to flush idmap's mapping cache. > > BACKGROUND > > idmap and its companion daemon idmapd are used to map Windows > identities to and from UNIX identities, for use in providing > Windows file sharing client and server services. > > For performance and to retain "ephemeral" UNIX IDs assigned to > Windows identities with no matching UNIX identities, idmap > maintains a cache of Windows<->UNIX identity mappings. > > There is also an in-kernel mappings cache. > > PROBLEM > > When you change the idmap configuration - changing options > that affect its processing, changing the rules, changing directory > data that affect processing - the cache is not flushed. > As a result, it can take up to (typically) ten minutes for a > change to take effect. > > 6650858 cache flush sub-command could be useful > 6807651 rule changes do not flush cache > > PROPOSAL > > Add a new idmap subcommand > > idmap flush [-a] > > Without -a, this new subcommand will expire any existing cache > entries. This will cause them to be reevaluated the next time > they are referenced, but if the result is the same then the > same ephemeral ID will be assigned. > > With -a, the cache will be wiped clean. This allows for > "from scratch" operation, but is potentially disruptive to > file operations that are in process at the time the cache is > wiped, because any existing ephemeral ID mapping is lost and > new ephemeral IDs will be assigned.. > > Automatically invoke the equivalent of "idmap flush" whenever > an idmap rule is added or removed. > > DETAILS > > Add the subcommand. > > Add a project private libidmap entry point. > > Add a project private doors-RPC protocol request to implement flush. > > Add a project private option to the sidsys system call to flush > the kernel cache. Failure of this system call (if, for instance, > the updated kernel module has not yet been loaded) is ignored. > > ISSUES > > idmap flush -a is potentially disruptive to active file operations > and SMB sessions. > > DELIVERY VEHICLE > > Solaris > > RELEASE > > Patch > > COMMITMENT LEVEL > > Uncommitted (like the rest of the idmap command) > > REFERENCE DOCUMENTS > > PSARC/2007/064 Unified POSIX and Windows Credentials for Solaris > PSARC/2006/315 Winchester: Schema Mapping and ID Mapping for AD > Interoperability > > 6. Resources and Schedule > 6.4. Steering Committee requested information > 6.4.1. Consolidation C-team Name: > ON > 6.5. ARC review type: FastTrack > 6.6. ARC Exposure: open >
