From: Corinna Vinschen
To: cygwin@cygwin.com
Date: Wed, 26 Nov 2014 21:16:00 -0000
Subject: Re: RFC: 1.7.33 problem with user's home directory
Message-ID: <20141126205658.GA9157@calimero.vinschen.de>

On Nov 11 12:14, Corinna Vinschen wrote:
> On Nov 11 11:05, Achim Gratz wrote:
> > Corinna Vinschen cygwin.com> writes:
> > > 1. Add a setting to /etc/nsswitch.conf which allows to specify one of
> > >    the above:
> > >
> > >      home: [unix|win|home]...
> > >
> > >    - "unix" means, set pw_dir to unixHomeDirectory
> > >    - "win" means, set pw_dir to homeDirectory
> > >    - "home" means, set pw_dir to /home/$USER
> > >    - Multiple entries are possible.
> > >    - Default in the absence of this setting is: always set pw_dir to
> > >      /home/$USER.
> >
> > Looks good, but maybe allow the AD attribute to be explicitly named (e.g.
> > cygwinHomeDirectory).
>
> Cygwin schema extension? :)

I just created a patch and a matching snapshot on
https://cygwin.com/snapshots/

The new stuff is still missing documentation, so I'm explaining it here
for now.  For the attentive, there are two questions in the text...

Here's what you get:

/etc/nsswitch.conf now supports specifying three new settings which
allow to configure the pw_dir, pw_shell, and pw_gecos content:

  db_home:  schema...
  db_shell: schema...
  db_gecos: schema...

"schema..." is a list of up to four space-separated schemata:

  db_home: schema1 schema2 ...

If the first schema returns an empty string, skip to the second, and so
on.  Schemata only supported on AD are silently skipped for SAM accounts
and on non-AD machines.

The default for all three settings is:

  db_foo: cygwin desc

Four predefined schemata are supported:

  windows       Utilizes typical Windows settings.  Supported for AD and
                SAM accounts.

  cygwin        Utilizes predefined cygwinUser/cygwinGroup AD schema
                extensions.  These are available via a schema extension
                file /usr/share/cygwin/cygwin.ldif.

  unix          Utilizes the RFC2307 posixAccount/posixGroup schema
                extensions.  These are available when installing the
                Server for NIS AD feature.

  desc          Utilizes XML-style attributes in the description
                attribute.  Supported for AD and SAM accounts.
                This way to fetch extended user and group info from the
                description field is already documented (albeit only for
                SAM accounts) in
                https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-passwdinfo:

Two variable schemata are supported:

  @ad_attribute ad_attribute is any arbitrary AD attribute name which
                should be available in the User class or in any attached
                auxiliary class.

  /path         An arbitrary string, typically a path.  The leading
                slash is required.

The /path schema supports a few wildcards:

  %u            Cygwin username
  %U            Windows username
  %D            Windows domain in NetBIOS style
  %_            A space
  %%            A percent sign.

The meaning of the schemata depends on the setting:

db_home:

  windows       AD and SAM: Utilizes the setting of the homeDrive or
                homeDirectory attributes, or their SAM "Home folder"
                counterparts.  The Windows path is converted to a POSIX
                path.

  cygwin        AD only: Shortcut for the cygwinHome attribute from the
                predefined cygwinUser auxiliary class.  POSIX path
                expected.

  unix          AD only: Shortcut for the unixHomeDirectory attribute
                from the posixAccount auxiliary class.  POSIX path
                expected.

  desc          AD and SAM: Fetch the home="..." setting from the user's
                description attribute.  POSIX path expected.

  @ad_attribute AD-only: Read AD attribute "ad_attribute" as POSIX path.

                However, I'm contemplating to allow a Windows path here,
                too.  Does this make sense to you?

  /path         POSIX path.  Remember the wildcards.

  fallback      If nothing works, the fallback is /home/$USERNAME
                (Windows username).

db_shell:

  windows       Ignored.  Do you want CMD instead?

  cygwin        AD-only: Shortcut for the cygwinShell attribute from the
                cygwinUser class.  POSIX path.

  unix          AD-only: Shortcut for the loginShell attribute from the
                posixAccount class.  POSIX path.

  desc          AD and SAM: Fetch the shell="" setting from the user's
                description attribute.  POSIX path.

  @ad_attribute See above.

  /path         See above.

  fallback      If nothing works, the fallback is /bin/bash.

db_gecos:

  windows       AD and SAM: displayName attribute, or "Full Name"
                setting in SAM.

  cygwin        AD-only: cygwinGecos attribute from cygwinUser class.

  unix          AD-only: gecos attribute from posixAccount class.

  @ad_attribute Read AD attribute "ad_attribute" and prepend to pw_gecos.

  /path         Skip the slash, prepend the remainder of the string to
                pw_gecos.  Note that the wildcards are still evaluated.

  fallback      If nothing works, the fallback is no fallback.

Examples:

  db_home: cygwin desc

    The default.  Try the cygwinHome attribute first.  If it's empty,
    evaluate the description field and see if the home dir is set via
    the cygwin XML-style text.  If that fails, fallback is
    /home/$USERNAME (Windows username).

  db_home: unix @msTSHomeDirectory /home/%u

    Try the unixHomeDirectory attribute first.  Empty?  Try the
    (otherwise unused) msTSHomeDirectory attribute.  Empty?  Fall back
    to /home/$USER (Cygwin username).

  db_gecos: @comment /Hallo%_%U

    Try the comment attribute.  Empty?  Fall back to the string
    "Hallo ".

    Example passwd entry:

    corinna:*:1049577:1049701:Hallo corinna,U-MY_DOM\corinna,S-1-5-21-yada-yada:/home/corinna:/bin/bash

Is this new stuff basically clear?  Questions?

Please give it a try.

Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
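
The db_home lookup order described in the mail above, written out as an added example; it is not part of the original message and not Cygwin's code. It is useful when auditing where an account's pw_dir will actually come from. The account dictionaries, their key names and the sample description string are constructed, and the "windows" schema is left out because its path conversion is not shown in the mail.

```python
import re

# AD-only shortcut schemata and the attribute each one reads (from the mail).
AD_ONLY = {"cygwin": "cygwinHome", "unix": "unixHomeDirectory"}
DEFAULT = ["cygwin", "desc"]

def expand(path, acct):
    """Expand the /path wildcards %u %U %D %_ %% listed in the mail."""
    table = {"u": acct["cygwin_name"], "U": acct["windows_name"],
             "D": acct["domain"], "_": " ", "%": "%"}
    # Assumption: an unlisted %x sequence is left untouched.
    return re.sub(r"%(.)", lambda m: table.get(m.group(1), m.group(0)), path)

def parse_db_home(conf_text):
    """Return the db_home schema list, or the documented default."""
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("db_home:"):
            # Assumption: entries beyond the four allowed are dropped.
            return line.split(":", 1)[1].split()[:4] or DEFAULT
    return DEFAULT

def resolve_home(schemata, acct):
    """Walk the schemata in order; the first non-empty result wins."""
    for schema in schemata:
        if schema in AD_ONLY or schema.startswith("@"):
            if not acct["is_ad"]:
                continue  # AD-only schema, silently skipped for SAM accounts
            value = acct["attrs"].get(AD_ONLY.get(schema, schema[1:]), "")
        elif schema == "desc":
            m = re.search(r'home="([^"]*)"', acct["attrs"].get("description", ""))
            value = m.group(1) if m else ""
        elif schema.startswith("/"):
            value = expand(schema, acct)
        else:
            # "windows" needs Windows-to-POSIX path conversion, not modelled here.
            raise ValueError("schema not modelled in this sketch: " + schema)
        if value:
            return value
    return "/home/" + acct["windows_name"]  # documented last-resort fallback

# Constructed sample accounts (not real directory data).
AD_USER = {"is_ad": True, "cygwin_name": "corinna", "windows_name": "Corinna",
           "domain": "MY_DOM", "attrs": {"msTSHomeDirectory": "/srv/ts/corinna"}}
SAM_USER = dict(AD_USER, is_ad=False,
                attrs={"description": '<cygwin home="/home/local-corinna"/>'})

if __name__ == "__main__":
    chain = parse_db_home("db_home: unix @msTSHomeDirectory /home/%u\n")
    print(resolve_home(chain, AD_USER), resolve_home(chain, SAM_USER))
```

With the same db_home line, the AD account resolves through msTSHomeDirectory while the SAM account skips both AD-only schemata and lands on the /home/%u entry.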