verifyString(h.Uname, len(ustar.userName()), "Uname", paxUname)
	verifyString(h.Gname, len(ustar.groupName()), "Gname", paxGname)
	verifyNumeric(h.Mode, len(v7.mode()), "Mode", paxNone)
	verifyNumeric(int64(h.Uid), len(v7.uid()), "Uid", paxUid)
	verifyNumeric(int64(h.Gid), len(v7.gid()), "Gid", paxGid)
	verifyNumeric(h.Size, len(v7.size()), "Size", paxSize)
	verifyNumeric(h.Devmajor, len(ustar.devMajor()), "Devmajor", paxNone)

			t.Errorf("i=%d: Name: got %v, want %v", i, got, want)
		}
		if got, want := h2.Size, v.h.Size; got != want {
			t.Errorf("i=%d: Size: got %v, want %v", i, got, want)
		}
		if got, want := h2.Uid, v.h.Uid; got != want {
			t.Errorf("i=%d: Uid: got %d, want %d", i, got, want)
		}
		if got, want := h2.Gid, v.h.Gid; got != want {
			t.Errorf("i=%d: Gid: got %d, want %d", i, got, want)
		}

## Verifying Artifacts

We sign our artifacts using this [key][signing_key]:

```
pub rsa4096/dbd744ace7ade6aa50dd591f66b50994442d2d40 2021-07-09T14:50:19Z
	 Hash=a79b48fd6a1f31699c788b50c97d0b98

uid Square Clippy <******@****.***>
sig  sig  66b50994442d2d40 2021-07-09T14:50:19Z 2041-07-04T14:50:19Z ____________________ [selfsig]
```

The best way to verify artifacts is [automatically with Gradle][gradle_verification].

            ",flags2=0x"    + Hexdump.toHexString( flags2, 4 ) +
            ",signSeq="     + signSeq +
            ",tid="         + tid +
            ",pid="         + pid +
            ",uid="         + uid +
            ",mid="         + mid +
            ",wordCount="   + wordCount +
            ",byteCount="   + byteCount );
    }

						},
						ldapUserPolicyMappings: map[string][]string{
							"uid=dillon,ou=people,ou=swengg,dc=min,dc=io": {"mypolicy"},
							"uid=liza,ou=people,ou=swengg,dc=min,dc=io":   {"consoleAdmin"},
						},
						ldapGroupPolicyMappings: map[string][]string{
							"cn=projectb,ou=groups,ou=swengg,dc=min,dc=io": {"mypolicy"},

```sh
mc idp ldap policy attach myminio mypolicy --user='uid=james,cn=accounts,dc=myldapserver,dc=com'
```

```sh
mc idp ldap policy attach myminio mypolicy ----group='cn=projectx,ou=groups,ou=hwengg,dc=min,dc=io'
```

To remove a policy association, use the similar `detach` command:

```sh
mc idp ldap policy detach myminio mypolicy --user='uid=james,cn=accounts,dc=myldapserver,dc=com'
```

```sh

	if d := atomic.LoadInt64(&l.responseDelay); d != 0 {
		time.Sleep(time.Duration(d))
	}

	l.mutex.Lock()
	defer l.mutex.Unlock()
	if len(args.UID) != 0 {
		return false, fmt.Errorf("ForceUnlock called with non-empty UID: %s", args.UID)
	}
	delete(l.lockMap, args.Resources[0]) // Remove the lock (irrespective of write or read lock)
	reply = true
	return reply, nil

func (s *meshDataplane) addPodToHostNSIpset(pod *corev1.Pod, podIPs []netip.Addr) ([]netip.Addr, error) {
	// Add the pod UID as an ipset entry comment, so we can (more) easily find and delete
	// all relevant entries for a pod later.
	podUID := string(pod.ObjectMeta.UID)
	ipProto := uint8(unix.IPPROTO_TCP)

	var ipsetAddrErrs []error
	var addedIps []netip.Addr

	// For each pod IP

  && update-alternatives --set iptables /usr/sbin/iptables-legacy \
  && update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

# Sudoers used to allow tcpdump and other debug utilities.
RUN useradd -m --uid 1337 istio-proxy && \

func (c *ConfigWriter) PrintServiceSummary(filter ServiceFilter) error {
	w := c.tabwriter()
	zDump := c.ztunnelDump

	workloadsByUID := slices.GroupUnique(zDump.Workloads, func(t *ZtunnelWorkload) string {
		return t.UID
	})
	svcs := slices.Filter(zDump.Services, filter.Verify)
	slices.SortFunc(svcs, func(a, b *ZtunnelService) int {
		if r := cmp.Compare(a.Namespace, b.Namespace); r != 0 {
			return r
		}