public inbox for cygwin@cygwin.com
From: Andrey Repin <anrdaemon@yandex.ru>
To: "Lemke, Michael  ST/HZA-ZSW" <lemkemch@schaeffler.com>,
	cygwin@cygwin.com
Subject: Re: update trouble 1.7.35
Date: Tue, 24 Mar 2015 18:59:00 -0000
Message-ID: <16210010718.20150324214608@yandex.ru>
In-Reply-To: <33EC3398272FBE47B64EE3B3E98F69A76C415077@de011521.schaeffler.com>

Greetings, Lemke, Michael  ST/HZA-ZSW!

> I just created new ones.  I like passwd/group much better than AD, sorry.
> Just like real unix before the invention of yellow pages and nis.  This 
> way I can easily give different shells to different users

You can give them in AD the same way. And they will persist through your
system reinstalls and hardware changes.
Having millions of separate file "databases" you have to maintain was never a
good idea, and people were always looking for ways to simplify the management
overhead.

> (not that it is really important at the moment).

> In nsswitch.conf I put 
> passwd: files db
> group: files db

> and ls listings seem to look fine.  Login is also possible again
> with correct tcsh shell.

>>The problem is the domain switch which also changed the SID of your user
>>account.  The old SID, which you also have in your passwd, is not
>>returned by the server anymore.  But it's stored in your SID history in
>>AD and when asking for it you get an answer.

> So, to sort of sum this up: the new cygwin doesn't deal well with 
> contradicting entries in passwd and AD.

It doesn't deal with them at all. It works with what it is given.

> Or something like that.  Maybe you can at least make the login process
> generate an error message.

What kind of error message?

> I just
> realize there is one (which started this whole thread) but if you start 
> cygwin from a mintty shortcut (as I do and as it is the default I think) all 
> you get is a flashing window.  I added "-h always" to the mintty options
> to actually see the message.

Weird local setups, like yours, were the primary reason to rewrite the
user handling in Cygwin in the first place. To have a more transparent link to
the underlying system calls.

>>> 
>>> I noticed something else: With nsswitch.conf db:
>>> 
>>> > ls -l
>>> ...
>>> -rw-rwxr--+ 1 lemkemch OLDDOMAIN+Domain Users      10057 Oct 21  2013 testresults.xml
>>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Nov  9  2010 tidy4aug00
>>> drwxrwxr-x+ 1 lemkemch Domain Users                   0 May 14  2014 tinymce
>>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Jan 13  2012 tomahawk-1.1.11
>>> ...
>>> > ls -ln
>>> ...
>>> -rw-rwxr--+ 1 1051305 1073742337      10057 Oct 21  2013 testresults.xml
>>> drwxr-xr-x+ 1 1051305 1073742337          0 Nov  9  2010 tidy4aug00
>>> drwxrwxr-x+ 1 1175788    1049089          0 May 14  2014 tinymce
>>> drwxr-xr-x+ 1 1051305 1073742337          0 Jan 13  2012 tomahawk-1.1.11
>>> ...
>>> 
>>> Note the different numerical id's that translate to the same username.
>>> Don't know if it means anything.  I just find it weird.
>>
>>That's due to your SID history.  It's a bit hard to explain, but that
>>occurs when "they" switch to a new domain with different SIDs.  When
>>asking for the new and the old SID, the same username is returned since
>>both are your SIDs, one old, one new.
>>
>>I strongly recommend not to use the old SID anymore.  The reason is that
>>Cygwin will create all these files with the old SIDs.  However, your
>>actual user token has the new SID.  Uh, as I wrote, hard to explain and
>>a weird situation.

> Ok, I think I get it.

>>
>>Downside: Cygwin can't handle the old SIDs from your SID history quite
>>correctly.  

> Actually, with "files db" it seems to handle it quite well.  I get the same
> username for both kinds of files.  There are still lots of files in my
> home I created before the domain switch.

That's because Cygwin asks the system "who is that man with this face (SID)?" and
gets the answer that it is you, because that SID is in your history.
Nothing is changed, really. And nothing should, in this regard.

>>Trying to support them as well would slow down the user and
>>group lookups a lot.  If you can live with what we just found out and
>>the solution I suggested, I'd be rather happy :}
>>

> Yes, I am happy now.

You can get better results if you define the default shell in nsswitch.conf,
rather than hose Cygwin back into the 20th century with your files db.
I assume, you're the only one who's using this system, right?
So, the change wouldn't affect anyone else.


--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 24.03.2015, <21:37>

Sorry for my terrible English...
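
Added example, not part of the original message or of Cygwin itself: a small shell check for the situation discussed above, where one user name resolves from more than one numeric uid because of SID history. The function names `multi_uid_owners` and `sample_records` are hypothetical, and the sample records are constructed from the name and uids in the quoted listing plus one made-up user.

```shell
#!/bin/sh
# Report user names that are returned for more than one numeric uid, the
# pattern visible in the "ls -l" / "ls -ln" listings quoted in the thread.
# Input: one "name<TAB>uid" record per file, for example from GNU find:
#   find "$HOME" -printf '%u\t%U\n' | multi_uid_owners
# Tab-separated input keeps names containing spaces in one field, so the
# same function works for groups with '%g\t%G'.

multi_uid_owners() {
    # Count files per (name, uid) pair and distinct uids per name, then
    # print "name<TAB>uid<TAB>file count" only for names with 2+ uids.
    awk -F '\t' '
        NF >= 2 {
            key = $1 SUBSEP $2
            if (!(key in files)) { nuids[$1]++ }
            files[key]++
        }
        END {
            for (key in files) {
                split(key, p, SUBSEP)
                if (nuids[p[1]] > 1)
                    printf "%s\t%s\t%d\n", p[1], p[2], files[key]
            }
        }' | sort
}

# Constructed sample: owner name and uids as in the quoted listing, plus a
# made-up user with a single uid that must not be reported.
sample_records() {
    printf 'lemkemch\t1051305\n'
    printf 'lemkemch\t1051305\n'
    printf 'lemkemch\t1175788\n'
    printf 'lemkemch\t1051305\n'
    printf 'otheruser\t1049999\n'
}

sample_records | multi_uid_owners
```

Each reported uid can then be fed to `find -uid` to list the files that carry it, which shows how much of a tree is still owned through the other SID.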

