[ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

Hi Cygwin friends and users,


I just released a 4th TEST version of the next upcoming Cygwin release,
1.7.33-0.4.

Changes compared to the former test version 1.7.33-0.3:

- Fix bug in -m processing introduced in setfacl command with the last
  test release.

- Make sure to use unprefixed, short installation path in $PATH when
  adding it to the environment.

- Fix -fuse-cxa-atexit handling where dlclose fails to trigger calling
  global dtors in dynamically loaded modules in C++ applications (and
  thus another potential SEGV).

- Set CYGWIN=dosfilewarning settting to OFF by default.


If you want to help testing this new release (which I seriously hope
for), you can find it in your setup-x86.exe or setup-x86_64.exe as
"test" release.


The major change in this new release is the new method to read account
(passwd and group) information from the Windows user databases directly,
without the requirement to generate /etc/passwd and /etc/group files to
generate Unix-like uid and gid.

For your convenience I wrote new documentation.  Since this is a TEST
prerelease, the new documentation is not part of the official docs yet.
Rather have a look at

  https://cygwin.com/preliminary-ntsec.html

If you read it
(which I seriously hope for) and it's all just incomprehensible
gobbledygook to you, please say so on the mailing list

  cygwin AT cygwin DOT com

so we have a chance to improve the documentation.

Please give this TEST release a try.

If you find problems in the new features or regressions compared to the
current stable release 1.7.32, please report them to the public mailing
list

  cygwin AT cygwin DOT com


Following is a list of changes in this new release:


What's new:
-----------

- Cygwin can now generate passwd/group entries directly from Windows
  user databases (local SAM or Active Directory), thus allowing to run
  Cygwin without having to create /etc/passwd and /etc/group files.
  Introduce /etc/nsswitch.conf file to configure passwd/group handling.

  For bordercase which require to use /etc/passwd and /etc/group files,
  change mkpasswd/mkgroup to generate passwd/group entries compatible
  with the entries read from SAM/AD.

- Add -b/--remove-all option to setfacl to reduce the ACL to only the
  entries representing POSIX permission bits.

- /proc/cygdrive is a new symlink pointing to the current cygdrive prefix.
  This can be utilized in scripts to access paths via cygdrive prefix, even
  if the cygdrive prefix has been changed by the user.

- /proc/partitions now prints the windows mount points the device is mounted
  on.  This allows to recognize the underlying Windows devices of the Cygwin
  raw device names.

- New API: quotactl, designed after the Linux/BSD function, but severely
  restricted:  Windows only supports user block quotas on NTFS, no group
  quotas, no inode quotas, no time constraints.

- New APIs: ffsl, ffsll (glibc extensions).

- New API: stime (SVr4).

- Provide Cygwin documentation (PDFs and HTML) for offline usage in
  /usr/share/doc/cygwin-${version}.


What changed:
-------------

- New internal exception handling based on SEH on 64 bit Cygwin.

- Revamp Solaris ACL implementation to more closely work like POSIX ACLs
  are supposed to work.  Finally implement a CLASS_OBJ emulation.  Update
  getfacl(1)/setfacl(1) accordingly.

- When exec'ing applications, check if $PATH exists and is non-empty.  If not,
  add PATH variable with Cygwin installation directory as content to Windows
  environment to allow loading of Cygwin system DLLs.

- Disable CYGWIN "dosfilewarning" option by default.
- Improve various header files for C++- and standards-compliance.

- Doug Lea malloc implementation update from 2.8.3 to the latest 2.8.6.


Bug Fixes
---------

- Per POSIX, dirfd(3) now returns EINVAL rather than EBADF on invalid
  directory stream.

- Fix a resource leak in rmdir(2).

- Fix fchmod(2)/fchown(2)/fsetxattr(2) in case the file got renamed after
  open and before calling one of the affected functions.
  Addresses: https://cygwin.com/ml/cygwin/2014-08/msg00517.html

- Handle Netapp-specific problem in statvfs(2)/fstatvfs(2).
  Addresses: https://cygwin.com/ml/cygwin/2014-06/msg00425.html

- Fix chown(2) on ptys in a corner case.

- Generate correct error when a path is inaccessible due to missing permissions.
  Addresses: https://cygwin.com/ml/cygwin-developers/2014-10/msg00010.html

- Don't hang in accept calls if socket is no listener.  Set errno to EINVAL
  instead.

- Don't allow seeking on serial lines and sockets.  Set errno to ESPIPE
  instead.
  Addresses: https://cygwin.com/ml/cygwin/2014-08/msg00319.html

- Fix output of /proc/<PID>/statm.

- Fix a SEGV in cygcheck if the environment variable COMSPEC is not, or
  incorrectly set.
  Addresses: https://cygwin.com/ml/cygwin/2014-10/msg00292.html

- Fix a SEGV in some 64 bit applications explicitely dlclosing DLLs.
  Addresses: https://cygwin.com/ml/cygwin/2014-10/msg00402.html

- Fix -fuse-cxa-atexit handling where dlclose fails to trigger calling
  global dtors in dynamically loaded modules in C++ applications (and
  thus another potential SEGV).


To install 32-bit Cygwin use http://cygwin.com/setup-x86.exe
To install 64 bit Cygwin use http://cygwin.com/setup-x86_64.exe

If you're already running a 32 bit version of Cygwin on 64 bit Windows
machines, you can continue to do so.  If you're planning a new install
of Cygwin on a 64 bit Windows machine, consider to use the new 64 bit
Cygwin version, unless you need certain packages not yet available in
the 64 bit release.


Have fun,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Denis Excoffier]

On 2014-10-29 13:08, Corinna Vinschen wrote:
> 
> I just released a 4th TEST version of the next upcoming Cygwin release,
> 1.7.33-0.4.
> 
> Changes compared to the former test version 1.7.33-0.3:
> 

> - Set CYGWIN=dosfilewarning settting to OFF by default.
> 
Well, this is OK i suppose.

But i was using this feature in order to check that no cygwin process
was left behind when i switch to a new cygwin1.dll (eg for a snapshot).
Here is how.

I use 'echo \\ /nonexistent*' in my .cshrc. This triggers the
warning. That way, if some process from the previous cygwin1.dll was left
somewhere in the background, the warning is not displayed and i get the
(visual) indication that something is wrong (say: the new cygwin1.dll is
not properly in function).

Afterwards, since the warning is displayed only once, the warning is not
displayed anymore, so the 'echo ...' is not a nuisance in .cshrc.

The fact that the default is/was ON is important because otherwise the
CYGWIN variable would have to be set somewhere (and before the 1st cygwin
process).

Currently i don't see how to replace this "feature". Any ideas?

To be precise, the exact command that i use (in .cshrc) is
echo \\ /nonexistent* |& head --lines=-6
in order to show a single line (a single line is enough for a visual indication)

Regards,

Denis Excoffier.






--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Tim Prince]

On 10/29/2014 1:37 PM, Denis Excoffier wrote:
> On 2014-10-29 13:08, Corinna Vinschen wrote:
>> I just released a 4th TEST version of the next upcoming Cygwin release,
>> 1.7.33-0.4.
>>
>> Changes compared to the former test version 1.7.33-0.3:
>>
>
-0.3 has come up on the nearby mirror.  I'm updating gcc trunk from svn,
starting a rebuild of gcc/g++/gfortran

-- 
Tim Prince


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, Dave (DA)]

Found one interesting observation today after switching to the new AD authentication.  My ability to use password-less login via SSH suddenly went missing.  Although I haven't fully resolved it yet (which I suspect may take regeneration/proliferation of keys), it would appear that I've been the victim of case sensitivity.  In my old passwd file I had my user ID present in all lower case, but apparently in Active Directory my user ID is present as upper case.  I am still able to make it log password-less using

ssh u012356@cr

but

ssh cr

does NOT work, because my user ID is defaulting to U012345 (upper case U).  In this case, however, I can STILL log in if I enter my password.

I don't really think there is anything to correct here, but just wanted to point out the oddity in case anyone else suffers from a similar issue.

Dave

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, Dave (DA)]

Using the new AD system, and trying to regenerate ssh keys using ssh-user-config I find that I'm getting an error.  I've traced the issue to a line in the /bin/ssh-user-config file:

  pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd)

where we are apparently trying to parse the old passwd file (which I've renamed off to the side for testing quality).  I can make this work for me right now with an ugly hack, but wanted to point it.

$ ssh -V
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014

Dave
 

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1529 bytes --]

On Oct 29 18:37, Denis Excoffier wrote:
> On 2014-10-29 13:08, Corinna Vinschen wrote:
> > 
> > I just released a 4th TEST version of the next upcoming Cygwin release,
> > 1.7.33-0.4.
> > 
> > Changes compared to the former test version 1.7.33-0.3:
> > 
> 
> > - Set CYGWIN=dosfilewarning settting to OFF by default.
> > 
> Well, this is OK i suppose.
> 
> But i was using this feature in order to check that no cygwin process
> was left behind when i switch to a new cygwin1.dll (eg for a snapshot).
> Here is how.
> 
> I use 'echo \\ /nonexistent*' in my .cshrc. This triggers the
> warning. That way, if some process from the previous cygwin1.dll was left
> somewhere in the background, the warning is not displayed and i get the
> (visual) indication that something is wrong (say: the new cygwin1.dll is
> not properly in function).

Wow, this is really wrestling some arbitrary setting into a feature
of sorts...

> Afterwards, since the warning is displayed only once, the warning is not
> displayed anymore, so the 'echo ...' is not a nuisance in .cshrc.
> 
> The fact that the default is/was ON is important because otherwise the
> CYGWIN variable would have to be set somewhere (and before the 1st cygwin
> process).
> 
> Currently i don't see how to replace this "feature". Any ideas?

I have a `uname -a' in my .login.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1225 bytes --]

On Oct 29 19:06, Habermann, Dave (DA) wrote:
> Found one interesting observation today after switching to the new AD
> authentication.  My ability to use password-less login via SSH
> suddenly went missing.  Although I haven't fully resolved it yet
> (which I suspect may take regeneration/proliferation of keys), it
> would appear that I've been the victim of case sensitivity.  In my old
> passwd file I had my user ID present in all lower case, but apparently
> in Active Directory my user ID is present as upper case.  I am still
> able to make it log password-less using
> 
> ssh u012356@cr
> 
> but
> 
> ssh cr
> 
> does NOT work, because my user ID is defaulting to U012345 (upper case
> U).  In this case, however, I can STILL log in if I enter my password.
> 
> I don't really think there is anything to correct here, but just
> wanted to point out the oddity in case anyone else suffers from a
> similar issue.

This has been discussed a few months back, but there was no majority
for "always lower-case the Cygwin user name".


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 762 bytes --]

On Oct 29 19:27, Habermann, Dave (DA) wrote:
> Using the new AD system, and trying to regenerate ssh keys using
> ssh-user-config I find that I'm getting an error.  I've traced the
> issue to a line in the /bin/ssh-user-config file:
> 
>   pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd)

Ouch.  I missed that when scanning the ssh scripts.

Reminder to myself:  Update ssh-user-config to use getent(1) instead
of checking the passwd file.

Sorry, but I'm pretty sure this isn't the only place in the distro
still checking the passwd and group files :(


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, Dave (DA)]

On Oct 29 19:27, Habermann, Dave (DA) wrote:
>> issue to a line in the /bin/ssh-user-config file:
>> 
>>   pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd)
>>
> Ouch.  I missed that when scanning the ssh scripts.
>
> Sorry, but I'm pretty sure this isn't the only place in the distro
> still checking the passwd and group files :(

No worries...I've got my keys rebuilt and working.  My Dad always told me that
"beggars can't be choosers", and I'm clearly the "beggar" here.  I use your 
stuff routinely every day and am so grateful for the power it brings into my
forced-to-be-on-windows environment.  Hopefully I can be of more service some 
day.

Dave

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, Dave (DA)]

On Oct 29 19:06, Habermann, Dave (DA) wrote:
>> does NOT work, because my user ID is defaulting to U012345 (upper case
>> U).  In this case, however, I can STILL log in if I enter my password.
>> 
>This has been discussed a few months back, but there was no majority
>for "always lower-case the Cygwin user name".

Must have missed that discussion, but I don't have any problem with it as
you've developed it, just was hoping to flag it to help others as they 
make the transition.

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1.1: Type: text/plain, Size: 1405 bytes --]

On Oct 30 13:02, Habermann, Dave (DA) wrote:
> On Oct 29 19:27, Habermann, Dave (DA) wrote:
> >> issue to a line in the /bin/ssh-user-config file:
> >> 
> >>   pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd)
> >>
> > Ouch.  I missed that when scanning the ssh scripts.
> >
> > Sorry, but I'm pretty sure this isn't the only place in the distro
> > still checking the passwd and group files :(
> 
> No worries...I've got my keys rebuilt and working.  My Dad always told
> me that "beggars can't be choosers", and I'm clearly the "beggar"
> here.  I use your stuff routinely every day and am so grateful for the
> power it brings into my forced-to-be-on-windows environment.
> Hopefully I can be of more service some day.

Hey, you *are* helpful.  By testing the test release, by reporting
problems and bugs, by helping with the documentation and last but not
least by being a part of the community on this list discussing stuff
and helping others.

But no good deed goes unpunished, so...

... would you mind to test a new incarnation of ssh-user-config which I
plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}

The script is attached to this mail.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #1.2: ssh-user-config --]
[-- Type: text/plain, Size: 8418 bytes --]

#!/bin/bash
#
# ssh-user-config, Copyright 2000-2014 Red Hat Inc.
#
# This file is part of the Cygwin port of OpenSSH.
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS  
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF               
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.   
# IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,   
# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR    
# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR    
# THE USE OR OTHER DEALINGS IN THE SOFTWARE.                               

# ======================================================================
# Initialization
# ======================================================================
PROGNAME=$(basename -- $0)
_tdir=$(dirname -- $0)
PROGDIR=$(cd $_tdir && pwd)

CSIH_SCRIPT=/usr/share/csih/cygwin-service-installation-helper.sh

# Subdirectory where the new package is being installed
PREFIX=/usr

# Directory where the config files are stored
SYSCONFDIR=/etc

source ${CSIH_SCRIPT}

auto_passphrase="no"
passphrase=""
pwdhome=
with_passphrase=

# ======================================================================
# Routine: create_identity
#   optionally create identity of type argument in ~/.ssh
#   optionally add result to ~/.ssh/authorized_keys
# ======================================================================
create_identity() {
  local file="$1"
  local type="$2"
  local name="$3"
  if [ ! -f "${pwdhome}/.ssh/${file}" ]
  then
    if csih_request "Shall I create a ${name} identity file for you?"
    then
      csih_inform "Generating ${pwdhome}/.ssh/${file}"
      if [ "${with_passphrase}" = "yes" ]
      then
        ssh-keygen -t "${type}" -N "${passphrase}" -f "${pwdhome}/.ssh/${file}" > /dev/null
      else
        ssh-keygen -t "${type}" -f "${pwdhome}/.ssh/${file}" > /dev/null
      fi
      if csih_request "Do you want to use this identity to login to this machine?"
      then
        csih_inform "Adding to ${pwdhome}/.ssh/authorized_keys"
        cat "${pwdhome}/.ssh/${file}.pub" >> "${pwdhome}/.ssh/authorized_keys"
      fi
    fi
  fi
} # === End of create_ssh1_identity() === #
readonly -f create_identity

# ======================================================================
# Routine: check_user_homedir
#   Perform various checks on the user's home directory
# SETS GLOBAL VARIABLE:
#   pwdhome
# ======================================================================
check_user_homedir() {
  pwdhome=$(getent passwd $UID | awk -F: '{ print $6; }')
  if [ "X${pwdhome}" = "X" ]
  then
    csih_error_multi \
      "There is no home directory set for you in the account database." \
      'Setting $HOME is not sufficient!'
  fi
  
  if [ ! -d "${pwdhome}" ]
  then
    csih_error_multi \
      "${pwdhome} is set in the account database as your home directory" \
      'but it is not a valid directory. Cannot create user identity files.'
  fi
  
  # If home is the root dir, set home to empty string to avoid error messages
  # in subsequent parts of that script.
  if [ "X${pwdhome}" = "X/" ]
  then
    # But first raise a warning!
    csih_warning "Your home directory in the account database is set to root (/). This is not recommended!"
    if csih_request "Would you like to proceed anyway?"
    then
      pwdhome=''
    else
      csih_warning "Exiting. Configuration is not complete"
      exit 1
    fi
  fi
  
  if [ -d "${pwdhome}" -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ]
  then
    echo
    csih_warning 'group and other have been revoked write permission to your home'
    csih_warning "directory ${pwdhome}."
    csih_warning 'This is required by OpenSSH to allow public key authentication using'
    csih_warning 'the key files stored in your .ssh subdirectory.'
    csih_warning 'Revert this change ONLY if you know what you are doing!'
    echo
  fi
} # === End of check_user_homedir() === #
readonly -f check_user_homedir

# ======================================================================
# Routine: check_user_dot_ssh_dir
#   Perform various checks on the ~/.ssh directory
# PREREQUISITE:
#   pwdhome -- check_user_homedir()
# ======================================================================
check_user_dot_ssh_dir() {
  if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
  then
    csih_error "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
  fi
  
  if [ ! -e "${pwdhome}/.ssh" ]
  then
    mkdir "${pwdhome}/.ssh"
    if [ ! -e "${pwdhome}/.ssh" ]
    then
      csih_error "Creating users ${pwdhome}/.ssh directory failed"
    fi
  fi
} # === End of check_user_dot_ssh_dir() === #
readonly -f check_user_dot_ssh_dir

# ======================================================================
# Routine: fix_authorized_keys_perms
#   Corrects the permissions of ~/.ssh/authorized_keys
# PREREQUISITE:
#   pwdhome   -- check_user_homedir()
# ======================================================================
fix_authorized_keys_perms() {
  if [ -e "${pwdhome}/.ssh/authorized_keys" ]
  then
    setfacl -b "${pwdhome}/.ssh/authorized_keys" 2>/dev/null || echo -n
    if ! chmod u-x,g-wx,o-wx "${pwdhome}/.ssh/authorized_keys"
    then
      csih_warning "Setting correct permissions to ${pwdhome}/.ssh/authorized_keys"
      csih_warning "failed.  Please care for the correct permissions.  The minimum requirement"
      csih_warning "is, the owner needs read permissions."
      echo
    fi
  fi
} # === End of fix_authorized_keys_perms() === #
readonly -f fix_authorized_keys_perms


# ======================================================================
# Main Entry Point
# ======================================================================

# Check how the script has been started.  If
#   (1) it has been started by giving the full path and
#       that path is /etc/postinstall, OR
#   (2) Otherwise, if the environment variable
#       SSH_USER_CONFIG_AUTO_ANSWER_NO is set
# then set auto_answer to "no".  This allows automatic
# creation of the config files in /etc w/o overwriting
# them if they already exist.  In both cases, color
# escape sequences are suppressed, so as to prevent
# cluttering setup's logfiles.
if [ "$PROGDIR" = "/etc/postinstall" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi
if [ -n "${SSH_USER_CONFIG_AUTO_ANSWER_NO}" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi

# ======================================================================
# Parse options
# ======================================================================
while :
do
  case $# in
  0)
    break
    ;;
  esac

  option=$1
  shift

  case "$option" in
  -d | --debug )
    set -x
    csih_trace_on
    ;;

  -y | --yes )
    csih_auto_answer=yes
    ;;

  -n | --no )
    csih_auto_answer=no
    ;;

  -p | --passphrase )
    with_passphrase="yes"
    passphrase=$1
    shift
    ;;

  *)
    echo "usage: ${PROGNAME} [OPTION]..."
    echo
    echo "This script creates an OpenSSH user configuration."
    echo
    echo "Options:"
    echo "    --debug      -d        Enable shell's debug output."
    echo "    --yes        -y        Answer all questions with \"yes\" automatically."
    echo "    --no         -n        Answer all questions with \"no\" automatically."
    echo "    --passphrase -p word   Use \"word\" as passphrase automatically."
    echo
    exit 1
    ;;

  esac
done

# ======================================================================
# Action!
# ======================================================================

check_user_homedir
check_user_dot_ssh_dir
create_identity id_rsa rsa "SSH2 RSA"
create_identity id_dsa dsa "SSH2 DSA"
create_identity id_ecdsa ecdsa "SSH2 ECDSA"
create_identity identity rsa1 "(deprecated) SSH1 RSA"
fix_authorized_keys_perms

echo
csih_inform "Configuration finished. Have fun!"



[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, David (D)]

> ... would you mind to test a new incarnation of ssh-user-config which I
> plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}

Test completed, it worked fine in my environment (although the file did need a d2u prior to running).  I generated all three primary keys and they seemed to work properly once generated.  I confirm that I did not have a /etc/passwd file in place at all during the run.

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 667 bytes --]

On Oct 30 16:21, Habermann, David (D) wrote:
> > ... would you mind to test a new incarnation of ssh-user-config which I
> > plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}
> 
> Test completed, it worked fine in my environment (although the file
> did need a d2u prior to running).  I generated all three primary keys
> and they seemed to work properly once generated.  I confirm that I did
> not have a /etc/passwd file in place at all during the run.

Thanks a lot!


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Andrey Repin]

Greetings, Habermann, David (D)!

>> ... would you mind to test a new incarnation of ssh-user-config which I
>> plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}

> Test completed, it worked fine in my environment (although the file did
> need a d2u prior to running).  I generated all three primary keys and they
> seemed to work properly once generated.  I confirm that I did not have a
> /etc/passwd file in place at all during the run.

I've glanced quickly, and I do not see, where it is calling d2u.
Do you have anything specific about it?


--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 31.10.2014, <2:34>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Habermann, David (D)]

>>> ... would you mind to test a new incarnation of ssh-user-config which I
>>> plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}

>> Test completed, it worked fine in my environment (although the file did
>> need a d2u prior to running).  I generated all three primary keys and they
>> seemed to work properly once generated.  I confirm that I did not have a
>> /etc/passwd file in place at all during the run.

>I've glanced quickly, and I do not see, where it is calling d2u.
>Do you have anything specific about it?

No, I'm not saying that the ssh-user-config script calls d2u.....I'm saying that the ssh-user-config file that was delivered to me would not run properly in my environment unless I first executed the command:

d2u ssh-user-config

prior to: 

./ssh-user-config




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Andrey Repin]

Greetings, Habermann, David (D)!

>>>> ... would you mind to test a new incarnation of ssh-user-config which I
>>>> plan to use in a bugfix-release of OpenSSH 6.7p1 and to push upstream. :}

>>> Test completed, it worked fine in my environment (although the file did
>>> need a d2u prior to running).  I generated all three primary keys and they
>>> seemed to work properly once generated.  I confirm that I did not have a
>>> /etc/passwd file in place at all during the run.

>>I've glanced quickly, and I do not see, where it is calling d2u.
>>Do you have anything specific about it?

> No, I'm not saying that the ssh-user-config script calls d2u.....I'm saying
> that the ssh-user-config file that was delivered to me would not run
> properly in my environment unless I first executed the command:

> d2u ssh-user-config

> prior to: 

> ./ssh-user-config

Oh. That makes sense.
Thanks for clarification.


--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 31.10.2014, <15:49>

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Christian Franke]

Corinna Vinschen wrote:
> I just released a 4th TEST version of the next upcoming Cygwin release,
> 1.7.33-0.4.

There is an older regression in mkgroup.
A separator without a preceding domain name is printed for the builtin 
groups:

$ mkgroup -L THISHOST
SYSTEM:S-1-5-18:18:
TrustedInstaller:S-1-5-80-...
+Administratoren:S-1-5-32-544:544:
+Benutzer:S-1-5-32-545:545:
...
THISHOST+HelpLibraryUpdaters:S-1-5-21-...


Introduced in mkgroup.c CVS 1.54, April 2014:

@@ -415,8 +341,8 @@ enum_local_groups (...)
...
           printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
-                 with_dom && !is_builtin ? domain_name : L"",
-                 with_dom && !is_builtin ? sep : "",
+                 mach->with_dom && !is_builtin ? domain_name : L"",
+                 mach->with_dom || is_builtin ? sep : "", <==== Hmm.... :-)


BTW: mkgroup should possibly also print the extra builtin groups which 
are now reported by getgroups(), for example 4(Interactive), 
11(Authenticated Users), ...
Groups with variable SIDs like LogonSession are an exception.

Christian


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1594 bytes --]

On Nov  1 17:58, Christian Franke wrote:
> Corinna Vinschen wrote:
> >I just released a 4th TEST version of the next upcoming Cygwin release,
> >1.7.33-0.4.
> 
> There is an older regression in mkgroup.
> A separator without a preceding domain name is printed for the builtin
> groups:
> 
> $ mkgroup -L THISHOST
> SYSTEM:S-1-5-18:18:
> TrustedInstaller:S-1-5-80-...
> +Administratoren:S-1-5-32-544:544:
> +Benutzer:S-1-5-32-545:545:
> ...
> THISHOST+HelpLibraryUpdaters:S-1-5-21-...
> 
> 
> Introduced in mkgroup.c CVS 1.54, April 2014:
> 
> @@ -415,8 +341,8 @@ enum_local_groups (...)
> ...
>           printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
> -                 with_dom && !is_builtin ? domain_name : L"",
> -                 with_dom && !is_builtin ? sep : "",
> +                 mach->with_dom && !is_builtin ? domain_name : L"",
> +                 mach->with_dom || is_builtin ? sep : "", <==== Hmm.... :-)

Thanks!  It would be nice if you could send a patch to cygwin-patches.

> BTW: mkgroup should possibly also print the extra builtin groups which are
> now reported by getgroups(), for example 4(Interactive), 11(Authenticated
> Users), ...

Doesn't make much sense.  Generating them via "db" is incredibly fast.
There is also one person on the list (sorry, don't remember your name)
claiming he would rather not see the big group list in id while using
the "files"-only setting.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1312 bytes --]

On Nov  1 18:40, Corinna Vinschen wrote:
> On Nov  1 17:58, Christian Franke wrote:
> > Corinna Vinschen wrote:
> > >I just released a 4th TEST version of the next upcoming Cygwin release,
> > >1.7.33-0.4.
> > 
> > There is an older regression in mkgroup.
> > A separator without a preceding domain name is printed for the builtin
> > groups:
> > 
> > $ mkgroup -L THISHOST
> > SYSTEM:S-1-5-18:18:
> > TrustedInstaller:S-1-5-80-...
> > +Administratoren:S-1-5-32-544:544:
> > +Benutzer:S-1-5-32-545:545:
> > ...
> > THISHOST+HelpLibraryUpdaters:S-1-5-21-...
> > 
> > 
> > Introduced in mkgroup.c CVS 1.54, April 2014:
> > 
> > @@ -415,8 +341,8 @@ enum_local_groups (...)
> > ...
> >           printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
> > -                 with_dom && !is_builtin ? domain_name : L"",
> > -                 with_dom && !is_builtin ? sep : "",
> > +                 mach->with_dom && !is_builtin ? domain_name : L"",
> > +                 mach->with_dom || is_builtin ? sep : "", <==== Hmm.... :-)
> 
> Thanks!  It would be nice if you could send a patch to cygwin-patches.

Never mind, I applied a patch.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Houder]

>> > Doesn't make much sense.  Generating them via "db" is incredibly fast.
>> > There is also one person on the list (sorry, don't remember your name)
>>
>> Me, perhaps? (Henri) ... https://cygwin.com/ml/cygwin/2014-10/msg00491.html
>
> It might have been you, but it's not that thread.  I'm referring to
> some discussion a few months ago when I asked for testing the new
> stuff in the snapshots.  My memory for names is really bad, sorry.

February perhaps? I made a similar remark about the output of id then ...

    https://cygwin.com/ml/cygwin/2014-02/msg00545.htm

>> My "nsswitch.conf":
>>
>> passwd:files
>> group: files
>>
>> db_enum: files
>>
>> In short, no problem at my end: id shows the short list (as before ...)
>
> The question would be:  What's the problem with the long list from id?
> Enumerating the builtin accounts is very fast and you shouldn't have
> any downside.  On the upside, *iff* there are files owned by some
> account not listed in /etc/passwd or /etc/group, the additional "db"
> setting would still allow to show the ownership correctly...

Should? :-) I have no doubt that you did an excellent job ... and that it all
very fast ...

Perhaps, it is mere matter of perspective ?????

 - you want to be informed "about what the machine does" ...
 - I am only interested in "my files" (a specific point on the filesystem), a
   point where I have "rucksichtlos" eliminated all references to identities I
   do not care about

(as I noted before, Windows is not really 'my cup of tea')

In short, there is no problem that requires your immediate attention. And I am
happy, that I can still control Cygwin to do it in the "old-fashioned" way.

Sorry.

Regards,

Henri

=====


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 2429 bytes --]

On Nov  3 16:09, Houder wrote:
> > On Nov  1 17:58, Christian Franke wrote:
> >> Corinna Vinschen wrote:
> >> >I just released a 4th TEST version of the next upcoming Cygwin release,
> >> >1.7.33-0.4.
> >>
> >> There is an older regression in mkgroup.
> >> A separator without a preceding domain name is printed for the builtin
> >> groups:
> >>
> >> $ mkgroup -L THISHOST
> >> SYSTEM:S-1-5-18:18:
> >> TrustedInstaller:S-1-5-80-...
> >> +Administratoren:S-1-5-32-544:544:
> >> +Benutzer:S-1-5-32-545:545:
> >> ...
> >> THISHOST+HelpLibraryUpdaters:S-1-5-21-...
> >>
> >>
> >> Introduced in mkgroup.c CVS 1.54, April 2014:
> >>
> >> @@ -415,8 +341,8 @@ enum_local_groups (...)
> >> ...
> >>           printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
> >> -                 with_dom && !is_builtin ? domain_name : L"",
> >> -                 with_dom && !is_builtin ? sep : "",
> >> +                 mach->with_dom && !is_builtin ? domain_name : L"",
> >> +                 mach->with_dom || is_builtin ? sep : "", <==== Hmm.... :-)
> >
> > Thanks!  It would be nice if you could send a patch to cygwin-patches.
> >
> >> BTW: mkgroup should possibly also print the extra builtin groups which are
> >> now reported by getgroups(), for example 4(Interactive), 11(Authenticated
> >> Users), ...
> >
> > Doesn't make much sense.  Generating them via "db" is incredibly fast.
> > There is also one person on the list (sorry, don't remember your name)
> 
> Me, perhaps? (Henri) ... https://cygwin.com/ml/cygwin/2014-10/msg00491.html

It might have been you, but it's not that thread.  I'm referring to
some discussion a few months ago when I asked for testing the new
stuff in the snapshots.  My memory for names is really bad, sorry.

> My "nsswitch.conf":
> 
> passwd:files
> group: files
> 
> db_enum: files
> 
> In short, no problem at my end: id shows the short list (as before ...)

The question would be:  What's the problem with the long list from id?
Enumerating the builtin accounts is very fast and you shouldn't have
any downside.  On the upside, *iff* there are files owned by some
account not listed in /etc/passwd or /etc/group, the additional "db"
setting would still allow to show the ownership correctly...


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.33-0.4

[Houder]

> On Nov  1 17:58, Christian Franke wrote:
>> Corinna Vinschen wrote:
>> >I just released a 4th TEST version of the next upcoming Cygwin release,
>> >1.7.33-0.4.
>>
>> There is an older regression in mkgroup.
>> A separator without a preceding domain name is printed for the builtin
>> groups:
>>
>> $ mkgroup -L THISHOST
>> SYSTEM:S-1-5-18:18:
>> TrustedInstaller:S-1-5-80-...
>> +Administratoren:S-1-5-32-544:544:
>> +Benutzer:S-1-5-32-545:545:
>> ...
>> THISHOST+HelpLibraryUpdaters:S-1-5-21-...
>>
>>
>> Introduced in mkgroup.c CVS 1.54, April 2014:
>>
>> @@ -415,8 +341,8 @@ enum_local_groups (...)
>> ...
>>           printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
>> -                 with_dom && !is_builtin ? domain_name : L"",
>> -                 with_dom && !is_builtin ? sep : "",
>> +                 mach->with_dom && !is_builtin ? domain_name : L"",
>> +                 mach->with_dom || is_builtin ? sep : "", <==== Hmm.... :-)
>
> Thanks!  It would be nice if you could send a patch to cygwin-patches.
>
>> BTW: mkgroup should possibly also print the extra builtin groups which are
>> now reported by getgroups(), for example 4(Interactive), 11(Authenticated
>> Users), ...
>
> Doesn't make much sense.  Generating them via "db" is incredibly fast.
> There is also one person on the list (sorry, don't remember your name)

Me, perhaps? (Henri) ... https://cygwin.com/ml/cygwin/2014-10/msg00491.html

My "nsswitch.conf":

passwd:files
group: files

db_enum: files

In short, no problem at my end: id shows the short list (as before ...)

> claiming he would rather not see the big group list in id while using
> the "files"-only setting.
>
>
> Corinna

=====


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple