From: "Houder" <houder@xs4all.nl>
To: cygwin@cygwin.com
Subject: Re: Mild amazement (questions) about the output of mkpasswd (1.7.33). Corinna?
Date: Tue, 28 Oct 2014 15:16:00 -0000 [thread overview]
Message-ID: <1325b42e63be603bb9c8b4c206f5b91b.squirrel@webmail.xs4all.nl> (raw)
In-Reply-To: <20141028144255.GM20607@calimero.vinschen.de>
> On Oct 28 13:50, Houder wrote:
>> Hi Corinna,
>>
>> As adviced by you, I replaced the "cygwin package" with the test
>> version (1.7.33) on my "Cygwin-32" ...
>>
>> Let us assume, I am NOT interested in "Windows domains" etc. and that
>> I would like to keep my "own" mapping between SIDs and uids/gids ...
>> it appears to me, that both mkpasswd and mkgroup are no longer of any
>> help to me, as both appear to apply "some fixed (automatic) mapping"
>> between SIDs and uids/gids ... Right?
>
> Not quite. Did you read the preliminary documentation? You don't have
> to use mkpasswd or mkgroup at all, and you don't need the /etc/passwd
> and /etc/group files. The new feature is NOT only for AD machines,
> it works for local machines as well, and even if your files were small,
> you might still see a performance gain.
>
> Please give https://cygwin.com/preliminary-ug/ntsec.html a try. I really
> hope it's worht to read it because it explains the feature thoroughly.
:-)) Do you _really_ believe I did not study your text? Yes, I did ... and
not for the first time.
Keep in mind, please: Windows is not exactly 'my cup of tea' :-)
> Other than that, yes, you can still create your own mappings by
> utilizing the passwd and group files.
Wonderful ... I have grown accustomed to my old mapping (RID -> uid/gid).
>> Initially I left the passwd, group and nsswitch.conf untouched ... (as
>> noted, I am NOT connected to a domain, and I have never been troubled
>> by the slowness as result of the passwd/group files - small files).
>>
>> As the output of mkpasswd (and perhaps the "whole" changover in
>> 1.7.33) left me with a question (questions?), I subsequently removed
>> the aformentioned files ...
>>
>> Questions:
>>
>> - why does 'mkpasswd -l Seven -u Henri' report differently from
>> 'mkpasswd -l -u Henri'?
>> - uid: 4244636648 vs 197608 ...
>
> The underlying algorithm treats the machine name given as parameter
> to -l or -L as a foreign machine in the network and tries to contact
> it. As a foreign machine, the created uid and gid values are different
> from the ones for the local machine. Don't use -l Seven, just use -l
> for the local machine.
Oh, dear, it does not recognize its own name ... Poor soul. Yes, I had
already gathered that much ...
>> - why does MACHINE show up as a prefix to LOCAL USER in 'mkpasswd -L
>> Seven -u Henri', but NOT
>> in 'mkpasswd -L -u Henri'?
>
> The -L option is only meant to be used for foreign machines. The
> prefixing of the local machine is bound to the underlying mechanism used
> in Cygwin per the docs. On second thought, a -L without machine name
> should have been refused by mkpasswd.
>
>> - name: Seven+Henri vs Henri ...
>> - manual says: -L, generate username WITH machine prefix ...
Understood, use mkpasswd and mkgroup with some "imagination" (until all
option processing has been thoroughly tested and repaired).
>> Just trying to make sense of it all ...
>
> Yeah, I freely admit that the usage of mkpasswd/mkgroup isn't quite as
> evident anymore. The idea is that the underlying "db" mechanism fixes
> the rules. I'm really not sure yet if and how mkpasswd/mkgroup needs
> more change, that's what this testing phase is supposed to show. Keep
> in mind that the new account handling is just as new for me as it is for
> you :)
... uhm, not quite, I believe ... you are bathing in the dazzling light of
understanding ... I am just groping for a ray of that light ;-)
Once more, thank you for clarifying!
Henri
=====
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
prev parent reply other threads:[~2014-10-28 15:16 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-28 12:50 Houder
2014-10-28 14:42 ` Corinna Vinschen
2014-10-28 15:16 ` Houder [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1325b42e63be603bb9c8b4c206f5b91b.squirrel@webmail.xs4all.nl \
--to=houder@xs4all.nl \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).