From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 35003 invoked by alias); 24 Mar 2015 18:50:20 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 34988 invoked by uid 89); 24 Mar 2015 18:50:19 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.7 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_BODY_URIBL_PCCC,KAM_FROM_URIBL_PCCC,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2 X-HELO: smtp.ht-systems.ru Received: from smtp.ht-systems.ru (HELO smtp.ht-systems.ru) (78.110.50.177) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Tue, 24 Mar 2015 18:50:16 +0000 Received: from [91.78.183.206] (helo=darkdragon.lan) by smtp.ht-systems.ru with esmtpa (Exim 4.80.1) (envelope-from ) (Authenticated sender: postmaster@rootdir.org) id 1YaTtt-00056o-US ; Tue, 24 Mar 2015 21:50:06 +0300 Received: from [192.168.1.10] (HELO daemon2.darkdragon.lan) by daemon2 (Office Mail Server 0.8.12 build 08053101) with SMTP; Tue, 24 Mar 2015 18:46:08 -0000 Date: Tue, 24 Mar 2015 18:59:00 -0000 From: Andrey Repin Reply-To: cygwin@cygwin.com Message-ID: <16210010718.20150324214608@yandex.ru> To: "Lemke, Michael ST/HZA-ZSW" , cygwin@cygwin.com Subject: Re: update trouble 1.7.35 In-Reply-To: <33EC3398272FBE47B64EE3B3E98F69A76C415077@de011521.schaeffler.com> References: <33EC3398272FBE47B64EE3B3E98F69A76C40CC25@DE011520.schaeffler.com> <20150323193842.GM3017@calimero.vinschen.de> <20150324140333.GA17861@calimero.vinschen.de> <33EC3398272FBE47B64EE3B3E98F69A76C414FBD@de011521.schaeffler.com> <20150324155024.GA21272@calimero.vinschen.de> <33EC3398272FBE47B64EE3B3E98F69A76C41502F@de011521.schaeffler.com> <20150324164850.GY3017@calimero.vinschen.de> <33EC3398272FBE47B64EE3B3E98F69A76C415077@de011521.schaeffler.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2015-03/txt/msg00433.txt.bz2 Greetings, Lemke, Michael ST/HZA-ZSW! > I just created new ones. I like passwd/group much better than AD, sorry. > Just like real unix before the invention of yellow pages and nis. This > way I can easily give different shells to different users You can give them in AD the same way. And they will persist through your system reinstalls and hardware changes. Having millions of separate file "databases" you have to maintain was never a good idea, and people were always looking for ways to simplify the management overhead. > (not that it is really important at the moment). > In nsswitch.conf I put > passwd: files db > group: files db > and ls listings seem to look fine. Login is also possible again > with correct tcsh shell. >>The problem is the domain switch which also changed the SID of your user >>account. The old SID, which you also have in your passwd, is not >>returned by the server anymore. But it's stored in your SID history in >>AD and when asking for it you get an answer. > So, to sort of sum this up: the new cygwin doesn't deal well with > contradicting entries in passwd and AD. It doesn't deal with them at all. It works with what it is given. > Or something like that. Maybe you can at least make the login process > generate an error message. What kind of error message? > I just > realize there is one (which started this whole thread) but if you start > cygwin from a minty shortcut (as I do and as it is the default I think) all > you get is a flashing window. I added "-h always" to the mintty options > to actually see the message. Weird local setups, like yours, is what was the primary reason to rewrite the user handling in Cygwin in first place. To have more transparent link to the underlying system calls. >>> >>> I noticed something else: With nsswitch.conf db: >>> >>> > ls -l >>> ... >>> -rw-rwxr--+ 1 lemkemch OLDDOMAIN+Domain Users 10057 Oct 21 2013 testresults.xml >>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users 0 Nov 9 2010 tidy4aug00 >>> drwxrwxr-x+ 1 lemkemch Domain Users 0 May 14 2014 tinymce >>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users 0 Jan 13 2012 tomahawk-1.1.11 >>> ... >>> > ls -ln >>> ... >>> -rw-rwxr--+ 1 1051305 1073742337 10057 Oct 21 2013 testresults.xml >>> drwxr-xr-x+ 1 1051305 1073742337 0 Nov 9 2010 tidy4aug00 >>> drwxrwxr-x+ 1 1175788 1049089 0 May 14 2014 tinymce >>> drwxr-xr-x+ 1 1051305 1073742337 0 Jan 13 2012 tomahawk-1.1.11 >>> ... >>> >>> Note the different numerical id's that translate to the same username. >>> Don't know if it means anything. I just find it weird. >> >>That's due to your SID history. It's a bit hard to explain, but that >>occurs when "they" switch to a new domain with different SIDs. When >>asking for the new and the old SID, the same username is returned since >>both are your SIDs, one old, one new. >> >>I strongly recommend not to use the old SID anymore. The reason is that >>Cygwin will create all these files with the old SIDs. However, your >>actual user token has the new SID. Uh, as I wrote, hard to explain and >>a weird situation. > Ok, I think I get it. >> >>Downside: Cygwin can't handle the old SIDs from your SID history quite >>correctly. > Actually, with "files db" it seems to handle it quite well. I get the same > username for both kind of files. There are still lots of files in my > home I created before the domain switch. That's because Cygwin ask system "who is that man with this face(SID)?" and get the answer, that it is you, because that SID is in your history. Nothing is changed, really. And nothing should, in this regard. >>Trying to support them as well would slow down the user and >>group lookups a lot. If you can live with what we just found out and >>the solution I suggested, I'd be rather happy :} >> > Yes, I am happy now. You can get better results, if you define default shell in nsswitch.conf, rather than hose Cygwin back into 20'st century with your files db. I assume, you're the only one who's using this system, right? So, the change wouldn't affect anyone else. -- WBR, Andrey Repin (anrdaemon@yandex.ru) 24.03.2015, <21:37> Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple