From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: Re: Windows 8 group won't respect /etc/passwd or /etc/group
Date: Wed, 08 Jan 2014 15:58:00 -0000 [thread overview]
Message-ID: <20140108155850.GG1336@calimero.vinschen.de> (raw)
In-Reply-To: <52CD6FF0.1010309@whitelancer.com>
[-- Attachment #1: Type: text/plain, Size: 5424 bytes --]
On Jan 8 10:34, John Smith wrote:
> Hi there,
>
> First, thanks for the detailed reply!!
>
> >>I've been struggling with an issue trying to figure out why Windows
> >>8.1 won't seem to respect the trick of setting your /etc/password to
> >>use a default group such as users instead of 'none'. There are a
> >>few other discussions on this board around changing the group to
> >>"Users" and modifying the /etc/passwd to have a default group.
> >
> >Not sure if the User's Guide is explaining it badly or not, but "None"
> >*is* a group. It's the primary (what you call "default") group for all
> >users on a local machine not connected to a Windows domain, and it has
> >the SID S-1-5-21-<xxx>-<yyy>-<zzz>-513. If you call mkgroup -l it shows
> >up like this:
> >
> > None:S-1-5-21-3229976424-329291882-2774727752-513:513:
> >
> >assuming you have an english system, otherwise you see a localized
> >group name.
>
> Yes, I understand this part. And I would be happy to see this group
> show up, but it does not seem to be able to identify "None" as the
> group.>
>
> >Yes, of course. Changing the primary group via /etc/passwd only
> >works for Cygwin processes and their child processes. It does not
> >change the default user token of all processes. How should that
> >work, especially since the OS itself doesn't allow to change the
> >primary group of local user accounts.
>
> Interesting -- so we can change permissions via cygwin, (unless
> we're mounted as noacl) but not groups?
The primary group membership of a file is determined by the processes
user token at the time of writing a file. Native processes not started
by Cygwin processes will have the "none" primary group, unless you're
a domain user.
> I'm not trying to change
> the default group necessarily - that would be convenient, of course,
> but the most frustrating part is that it's changing it *back*.
That's not how it works for me, even with Notepad. It only changes
the file content, not the ownership.
> In *nix, once you change a group, just editing a file won't change
> the group back to something else.
That doesn't happen on Cygwin, too.
> Optimally I would find a way to change the default created group,
> but I can survive if cygwin (the OS?) will at least remember the
> group when I change it to something else.
The OS is Windows. Cygwin does know the primary group and it won't
change it at a whim either.
> >>Well, technically
> >>it's coming back as 4294967295. (64 bit cygwin)
> >
> >This can only happen if you dropped the "None" group from your
> >/etc/group file. mkgroup -l > /etc/group will rectify it.
>
> See, this is why I'm so baffled: I *do* have this group. It's the
> last entry in my /etc/groups:
>
> None:S-1-5-21-339652832-68357117-3096367938-513:513:
And your account is a local user account, not a domain account?
If so, the None entry won't be used, and the group information
is ???? because your real primary group is missing in /etc/group.
Recreate your /etc/passwd and /etc/group files using
mkpasswd -l -d and mkgroup -l -d.
> >Except for the 4294967295, which is just a missing entry for "None" in
> >/et/cgroup, this is normal. See above. It's not a problem of the OS or
> >Cygwin, you're just misunderstanding how this works. User tokens
> >are propagated from process to child process. The parent processes
> >of any first Cygwin process is a native Windows process with an
> >unchanged user token, so it has "None" as primary group. At startup
> >of the first Cygwin process, it reads /etc/passwd and /etc/group
> >and changes the primary group in its user token if requested by your
> >settings. This changed user token will be inherited by child processes
>
> Ah, I see. So do you know if there is anyway to tell applications
> to change groups, to avoid this issue of the None/blank/missing
> group?
I'm thoroughly confused by this question. This doesn't happen. You
seem to be interpreting something you see the wrong way but I can't make
out what that is, sorry.
> >started from this process and subsequent processes, but it does not
> >affect the user tokens of unrelated processes, especially not of
> >non-CYgwin processes started from Explorer. If you want Notepad to
> >use your group setting, start it from a Cygwin process.
>
> Just tested this, and yes, that definitely works. OK, thank you for
> this. It's not the solution yet but it's on the right track.
>
> Do you have any suggestions or thoughts as to why I'm still seeing
> that group of ??????????? even though "none" exists in my
> /etc/group? I was assuming that the default group must be something
> else, not "None", maybe some virtual group that cygwin can't detect
> with mkgroup.
mkgroup doesn't print all existing groups, especially not most of
the predefined groups like "Local", "Createor Owner", etc., see
http://msdn.microsoft.com/en-us/library/windows/desktop/aa379649%28v=vs.85%29.aspx
These groups are not used for group membership usually, even if they
are part of a user token. Try the icacls command on a file to see
what it prints and compare the info with your passwd and group files.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2014-01-08 15:58 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-08 15:34 John Smith
2014-01-08 15:58 ` Corinna Vinschen [this message]
2014-01-08 17:08 ` John Smith
2014-01-08 17:49 ` Corinna Vinschen
2014-01-10 12:57 ` John Smith
2014-01-10 14:48 ` Max Polk
2014-01-10 14:32 ` John Smith
2014-01-11 1:48 ` Linda Walsh
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140108155850.GG1336@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).