From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: RFC: 1.7.33 problem with user's home directory
Date: Mon, 10 Nov 2014 20:52:00 -0000 [thread overview]
Message-ID: <20141110205216.GJ2782@calimero.vinschen.de> (raw)
[-- Attachment #1: Type: text/plain, Size: 2453 bytes --]
Hi,
after a long discussion in RL today, I came to the conclusion that
there's a major problem in the current handling of the user's home
directory in AD environments in the new user account code when not using
/etc/passwd files.
Here's how it works and how it's documented in the preliminary
documentation at
https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-passwdinfo
- If your account is an AD account, the home directory is taken from the
RFC 2307 entry unixHomeDirectory.
- Otherwise, if these values are empty or don't exist, your fallback
home directory is /home/$USER (without domain prefix).
As you may have noticed, there's nothing in there taking the Windows
home directory into account. It's indeed not used at all by the new
code.
Up to Cygwin 1.7.32, mkpasswd (but not with -u) generated the Cygwin
home directory by converting the SAM/AD home folder entry to POSIX
style, if it's non-empty. Fallback is /home/$USER.
When I implemented the new scheme I thought it a good idea to decouple
the Cygwin home dir from the Windows home dir. However, in the today's
discussion the following two arguments came up:
- If you're using the Windows home folder setting to maintain file
server based home directories, you typically want that these
directories are used for Cygwin stuff as well (central administration,
central backup).
Having to maintain the home directories twice, once in the
homeDirectory, once in the unixHomeDirectory entry is quite a hassle,
especially given that unixHomeDirectory does not support variable
substitution (e.g. "/home/%USERNAME%" won't work).
- If you're already using AD as NIS server, unixHomeDirectory is already
used for UNIX machines. Trying to align the unixHomeDirectory for
Cygwin to homeDirectory for all the rest of Windows will potentially
become impossible then.
These arguments are quite serious and it questions the "good idea" part
of this change a lot.
What do you think?
Shall the "db" entries utilize the Windows home folder if it exits(*)
and drop using the unixHomeDirectory? It seems inevitable...
Corinna
(*) This would automatically work for SAM accounts as well because SAM
provides the same Windows home folder entry.
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]
next reply other threads:[~2014-11-10 20:52 UTC|newest]
Thread overview: 91+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-10 20:52 Corinna Vinschen [this message]
2014-11-10 21:18 ` Achim Gratz
2014-11-10 21:39 ` Corinna Vinschen
2014-11-11 7:30 ` Achim Gratz
2014-11-11 0:50 ` Andrey Repin
2014-11-11 2:42 ` Andrew DeFaria
2014-11-11 6:35 ` Andrey Repin
2014-11-11 9:15 ` Frank Fesevur
2014-11-11 15:20 ` Andrey Repin
2014-11-11 1:39 ` Jeffrey Altman
2014-11-11 6:19 ` Warren Young
2014-11-11 9:33 ` Corinna Vinschen
2014-11-11 10:00 ` Corinna Vinschen
2014-11-11 13:52 ` Jeffrey Altman
2014-11-11 16:19 ` Corinna Vinschen
2014-11-11 4:26 ` Yaakov Selkowitz
2014-11-11 6:05 ` Warren Young
2014-11-11 6:50 ` Andrey Repin
2014-11-11 9:00 ` Marco Atzeri
2014-11-11 6:09 ` Warren Young
2014-11-11 10:18 ` Corinna Vinschen
2014-11-11 11:06 ` Achim Gratz
2014-11-11 11:14 ` Corinna Vinschen
2014-11-11 12:48 ` Habermann, David (D)
2014-11-12 16:27 ` Warren Young
2014-11-12 16:31 ` Warren Young
2014-11-12 17:55 ` Habermann, David (D)
2014-11-12 21:28 ` cyg Simple
2014-11-12 21:51 ` Habermann, David (D)
2014-11-13 9:06 ` Corinna Vinschen
2014-11-12 22:35 ` Andrey Repin
2014-11-11 16:45 ` Achim Gratz
2014-11-11 16:55 ` Corinna Vinschen
2014-11-26 21:16 ` Corinna Vinschen
2014-11-26 21:29 ` Cygwin AD schema and configuration extensions (was Re: RFC: 1.7.33 problem with user's home directory) Corinna Vinschen
2014-11-26 21:56 ` Achim Gratz
2014-11-27 9:36 ` Corinna Vinschen
2014-11-27 14:52 ` Corinna Vinschen
2014-11-27 19:23 ` Achim Gratz
2014-11-27 20:12 ` Corinna Vinschen
2014-11-28 2:21 ` Achim Gratz
2014-11-26 21:58 ` Habermann, David (D)
2014-11-26 23:15 ` Corinna Vinschen
2014-11-27 16:12 ` RFC: 1.7.33 problem with user's home directory Corinna Vinschen
2014-11-27 17:41 ` Corinna Vinschen
2014-11-28 12:48 ` Andrey Repin
2014-11-28 16:20 ` Corinna Vinschen
2014-11-28 17:04 ` Andrey Repin
2014-11-28 18:34 ` Corinna Vinschen
2014-11-29 9:36 ` Andrey Repin
2014-12-01 17:50 ` cyg Simple
2014-12-02 5:35 ` Andrey Repin
2014-12-03 14:05 ` cyg Simple
2014-12-03 20:20 ` Andrey Repin
2014-12-04 12:21 ` Linda Walsh
2014-12-04 13:47 ` Corinna Vinschen
2014-12-02 16:03 ` Corinna Vinschen
2014-11-28 16:17 ` Andrey Repin
2014-12-03 7:35 ` Cygwin AD integration home/shell changes Andrey Repin
2014-12-03 9:16 ` Corinna Vinschen
2014-12-03 13:50 ` Andrey Repin
2014-12-04 9:40 ` Corinna Vinschen
2014-12-05 5:20 ` Andrey Repin
2014-12-05 10:13 ` Corinna Vinschen
2014-12-05 20:20 ` Andrey Repin
2014-12-06 10:08 ` Corinna Vinschen
2014-12-04 15:49 ` RFC: 1.7.33 problem with user's home directory Corinna Vinschen
2014-12-05 5:35 ` Andrey Repin
2014-12-05 10:15 ` Corinna Vinschen
2014-12-05 21:20 ` Andrey Repin
2014-12-06 11:08 ` Corinna Vinschen
2014-12-10 20:52 ` cyg Simple
2014-12-10 22:50 ` Andrey Repin
2014-12-10 23:29 ` David Stacey
2014-11-11 11:09 ` Corinna Vinschen
2014-11-11 12:11 ` Bryan Berns
2014-11-11 12:31 ` Corinna Vinschen
2014-11-11 15:35 ` Andrey Repin
2014-11-11 16:57 ` Corinna Vinschen
2014-11-11 20:20 ` Andrey Repin
2014-11-12 10:30 ` Corinna Vinschen
2014-11-12 20:35 ` Andrey Repin
2014-11-13 9:07 ` Corinna Vinschen
2014-11-13 21:50 ` Andrey Repin
2014-11-14 10:32 ` Corinna Vinschen
2014-11-17 4:05 ` Andrey Repin
2014-11-12 16:45 ` Warren Young
2014-11-13 9:27 ` Corinna Vinschen
2014-11-13 22:05 ` Andrey Repin
2014-11-14 10:35 ` Corinna Vinschen
2014-11-11 10:01 Houder
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20141110205216.GJ2782@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).