From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 13424 invoked by alias); 29 Jul 2008 09:45:49 -0000 Received: (qmail 13409 invoked by uid 22791); 29 Jul 2008 09:45:48 -0000 X-Spam-Check-By: sourceware.org Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.31.1) with ESMTP; Tue, 29 Jul 2008 09:45:30 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 48FC76D4354; Tue, 29 Jul 2008 11:46:44 +0200 (CEST) Date: Tue, 29 Jul 2008 09:45:00 -0000 From: Corinna Vinschen To: cygwin-apps@cygwin.com Subject: Re: base-[files|password] for 1.7 Message-ID: <20080729094644.GR29031@calimero.vinschen.de> Reply-To: cygwin-apps@cygwin.com Mail-Followup-To: cygwin-apps@cygwin.com References: <20080717155516.GC5675@calimero.vinschen.de> <20080719141841.GN5675@calimero.vinschen.de> <20080722174237.GA25430@calimero.vinschen.de> <5f21cb61c3a7cb7ad2d02df11907792e.squirrel@mail.morrison.mine.nu> <20080728152750.GN29031@calimero.vinschen.de> <004401c8f0e3$8cad7700$880410ac@wirelessworld.airvananet.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <004401c8f0e3$8cad7700$880410ac@wirelessworld.airvananet.com> User-Agent: Mutt/1.5.16 (2007-06-09) Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com X-SW-Source: 2008-07/txt/msg00159.txt.bz2 On Jul 28 14:55, Pierre A. Humblet wrote: > Looks like without argument the new mk{passwd/group} will dump the entire > passwd/group from the domain server. Some companies have tens of thousands > of names and that's why they weren't called with -l -d by default but with -l -c > > The -c switch would only create an entry for the current user or the current primary group > WITHOUT contacting the domain server. mkpasswd could do a good job for passwd > using only local info but mkgroup could not find the group name, so it was > calling it "mkgroup-l-d" . I thought it's a good idea to have the domain by default. It's a bit strange that a machine is running in a domain but as soon as another user logs in, the passwd and possibly group information for this user is missing. Even if we drop back to using mkpasswd -l -c, I don't think it makes sense to run mkgroup in a domain environment without fetching all domain groups. > The new mkgroup also has a -c option, which gets the current primary > group name. That's great, but does it contact the server? If so, how No. The -c options only open the user token and fetch the name information from a call to LookupAccountName(NULL, ...). Since the user information for the current user is cached on the local machine, there's no server access. > does it behave when a domain user installs cygwin while not connected > to the domain server? That case generated complaints in the past. Not for -c, but in the default case it will take some time until it times out and won't print the domain groups. Since that's only an actual issue at installation time, where's the problem? > I also noticed that the new mkpasswd -c does not put a guess about the full user name > in the comment field > old -c: > p-humblet:unused_by_nt/2000/xp:11068:11031:p-humblet,U-W... > new -c > p-humblet:unused:11068:11031: U-W... <== no p-humblet > {old,new} -d > p-humblet:unused:11068:11031:Pierre Humblet,U-W... Why do you need that? I was contemplating the idea to drop this entirely. I even contemplated the idea to remove the U-domain\user entry from pw_gecos, plus the extra functionality in the extract_nt_dom_user function in sec_auth.cc. I rearranged it to use the SID from the passwd entry and to call LookupAccountSid first. In theory there's no good reason to use that U-domain\user entry at all. Extracting this information from the SID only makes much more sense, IMHO. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat