From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 16766 invoked by alias); 21 Feb 2014 21:10:24 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 16754 invoked by uid 89); 21 Feb 2014 21:10:24 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 21 Feb 2014 21:10:23 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 8A08452041B; Fri, 21 Feb 2014 22:10:20 +0100 (CET) Date: Fri, 21 Feb 2014 21:10:00 -0000 From: Corinna Vinschen To: cygwin-apps@cygwin.com Subject: Re: HEADSUP: New getent tool to read passwd and group data Message-ID: <20140221211020.GF2246@calimero.vinschen.de> Reply-To: cygwin-apps@cygwin.com Mail-Followup-To: cygwin-apps@cygwin.com References: <20140220193814.GU2246@calimero.vinschen.de> <025d01cf2f2d$014b0040$03e100c0$@ieee.org> <20140221202745.GE2246@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="kHzaMwHKMzpKYIjS" Content-Disposition: inline In-Reply-To: <20140221202745.GE2246@calimero.vinschen.de> User-Agent: Mutt/1.5.21 (2010-09-15) X-SW-Source: 2014-02/txt/msg00045.txt.bz2 --kHzaMwHKMzpKYIjS Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 3158 On Feb 21 21:27, Corinna Vinschen wrote: > For some reason the original mail didn't make it to the list. >=20 > I assume this is because the mail body contains raw email addresses. > Can you please filter them out before sending? Thanks! >=20 > On Feb 21 12:47, Pierre A. Humblet wrote: > > > -----Original Message----- > > > From: cygwin-apps-owner[...] > > > On Behalf Of Corinna Vinschen > > > Sent: Thursday, February 20, 2014 14:38 > > > To: cygwin-apps[...] > > >=20 > > > Hi guys, > > >=20 > > >=20 > > > I just uploaded the new getent package and sent the announcement, > > >=20 > > > I'm repeating myself here because this is really important and I'm no= t sure > > > everybody on this list reads the cygwin and cygwin-announce lists. > > >=20 > > > In short, we want to get rid of the requirement to maintain /etc/pass= wd and > > > /etc/group files, per http://cygwin.com/ml/cygwin/2014-02/msg00306.ht= ml > > >=20 > > > In future, tools and scripts, especially service installation helper = scripts like > > > my ssh-host-config, must not rely on being able to grep user and group > > > information from /etc/passwd and /etc/group. > > >=20 > > > Rather, the scripts should be changed to use the getent tool as soon = as > > > possible. Usage for checking passwd: > > >=20 > > > $ getent passwd > > >=20 > > > I'd like to ask all maintainers providing such scripts, including mys= elf, to look > > > into their packages and fix them to use the getent tool. > > >=20 > >=20 > > Corinna, > >=20 > > For packages such as exim we need to find the uid of System and of Admi= nistrator, which the user can set any which way in passwd. > > So we lookup the SID (not the username) to get the uid (or gid). >=20 > The SID of the administrator or the SID of the administrors group? > The SID of the local administrator makes only marginal sense to me. > What do you need it for? >=20 > > Is there an equivalent mechanism using getent ? > > Else, could Cygwin disregard the passwd entries for these 2 users and u= se only the fixed values determined by the mapping from Windows?=20 >=20 > You should not have to expect a name change for the SYSTEM and the > Administrators account. It should be entirely sufficient to check for > the user Administrator and the user SYSTEM or +SYSTEM. If you really > want to check by SID, feel free to enumerate all accounts by just > omitting the username and scan for the SID you're looking for: >=20 > $ getent passwd | grep ',S-1-5-32-544:' >=20 > $ getent group | grep ':S-1-5-18:' Btw., the uids and gids are fixed values in the new model and they are probably never changed by most users of /etc/passwd and /etc/group either. I think it's perfectly sensible to check for uid 18 when looking for system, for instance: $ getent passwd 18 +SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash $ getent passwd 544 +Administrators:*:544:513:U-BUILTIN\Administrators,S-1-5-32-544:/home/Adm= inistrators:/bin/bash Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --kHzaMwHKMzpKYIjS Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTB8C8AAoJEPU2Bp2uRE+gDCcQAITxYd/LyqUKiebC1GK8nvzf A5gV2YDV9iN50q2OgjnsCQLav+teaeUIyfz2aH1nJ+80fw4rKO2ulsqlmpTvyuLu Q+D7VWfAr/ojJBrnqJOcYYh2mPmewrNI2SZub4CgB0pde8kiY55ffe42/t2GmWcA hAiEdn6V2a3vCJsCHuuuICP6vyZ09oMU4yZ+gAcO0yuk1t5xe2FkKLQLkC6kYLK3 wjYO0JhaBMTb4ek0gyVo2shC0ktN6MITWYH0o9STAaM5QCm0bv8/8ydZhBAoIjdJ XlrPPTH/sLW+5oEGE1Rv2TUPav3k4MZleilEp1ruuhqe5aEiWrY8bYLz+Qou0Aup tw1iPCGb1GqurvGUWTxOrpEIOQ6PdIzGTpO7ORdHftFJXnO2ufHJ49LWfeVnep2T 8ztjz9OP1F1xR7TG4EdXSII6l4tWKZhPY+M6M5Jq6txsR4VmcI49Y+YRNVWo1+UL XkaMSSa9DYLZxZjMBH6W+lec7WidBHX2QVhXf5cetryh/HqEB6pKGXrJIRC1PC2h 486zC0iA2BXzdmw9VSnztiI0LmRaI4qzmDJlhDDEk/6DgvwNP1EEA/ttkXf045wF r4H9boVeBdRUrWAl6Tv1Ta0Id3Ct8n2CvTj/DEZqvuNIjZjx6RUnxS82J3DiQla/ PlZNZuBQkG5xOTDEWF9z =RJb9 -----END PGP SIGNATURE----- --kHzaMwHKMzpKYIjS--