From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 14011 invoked by alias); 17 Apr 2015 16:29:45 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 13997 invoked by uid 89); 17 Apr 2015 16:29:45 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-4.1 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 17 Apr 2015 16:29:44 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id 0EA6EA8057B; Fri, 17 Apr 2015 18:29:42 +0200 (CEST) Date: Fri, 17 Apr 2015 16:29:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: NTSEC db_home Message-ID: <20150417162942.GG3657@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="3WLtXmtPTeS+BWmV" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-SW-Source: 2015-04/txt/msg00414.txt.bz2 --3WLtXmtPTeS+BWmV Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 2094 On Apr 17 10:07, Jim Reisert AD1C wrote: > I'm having a little trouble with the db_home: setting at work > (corporate network, not using /etc/passwd or /etc/group). Regarding: >=20 > https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-home >=20 > I tried "db_home: /%H" and although my MINTTY session started in the > correct directory, ssh-keygen wanted to use the directory defined by > HOMESHARE instead, which points somewhere else (a local Unix server). > Note that both HOMEDRIVE (+HOMEPATH) and HOMESHARE ultimately point to > the same place: >=20 > DOS view of the world: >=20 > c:\>set | grep HOME > HOME=3DC:\Home Bzzz. You seem to misinterpret what %H means. It's the same thing as setting db_home to the windows scheme. Here's the relevant part from the docs: windows The user's home directory is set to the same directory which is used as Windows home directory. This is the homeDirectory AD attribute. For SAM accounts, this is equivalent to the "Home folder" setting in SAM. If both attributes are unset, Cygwin falls back to the user's local profile directory, typically something along the lines of C:\Users\$USERNAME. Of course, the Windows directory is converted to POSIX-style by Cygwin.=20 Check with `getent passwd $USER'. Your home dir from the Cygwin POV=20 is what *Windows* sets, not your personal $HOME setting from the environment. I bet you'll see "//corp.ad.broadcom.com/DENA/home/reisert" in the getent output. By setting $HOME to a directory different from your home dir in the passwd entry, you're confusing your tools. Some of them will happily use $HOME, others will use the entry from the account DB (what getent returns). The bottom line is, don't do that. You have enough configuration methods in /etc/nsswitch.conf, AD, or SAM to set your home dir correctly. Setting $HOME manually to a differnet value is just asking for trouble. HTH, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --3WLtXmtPTeS+BWmV Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVMTT1AAoJEPU2Bp2uRE+gb7EP/0gHs3M5koGpDd3TPjEjK/HF IYxWgGx6AHmSJpt1H8Out2XFUf+n07Fz+0AszZ6664pFHH9upoVDmcIixc1mMzee yT7vKXHBMDqsqpgEXuqA02NqF4mALW7WuhHFMqVB0f/80VK8UNfyLSf6jm9u+Pmd Q8CVaKG8tk72ETJgntJrrIMATxLXD0wZ4EQ/K/g5FwEaUPlsOzTTRdUyCsXndWk0 p9d65OyOMKFXsWJ8goWH07z9+D/uDyR2HXKkyhVxQ1tvFh+2nXOoQ+mgV6AUodS3 5JdvcfDLsOyEpYtr6B3vUowgCFsyACnFF5z6q2HlfyPLSkGx3FNLRp5ke8XPB19k e1mCrC+j0qFVyTAoickFHPnnD4SIXsCXIn1aZdaMa2oy7Xxb0fO5cgEX1mlAsRWM 6eoL/XCOwtvgztFWzkVR4gVtRSJUTMY7PwO2UFN54EM0/Y1trxdHLp7g8MHF7dpE In5xzeh8iMWkTIVMM+9ZOoiWiIPXLleBOUT11HGJGbMuJYzhdn8c9zdhHRdtgWmX FRQg/5/eTVTuYRiioQVYqVKNnHmaKQfz1yGpZ2ozM3+eeZWbscHC9XifRPL7hfvE LFr6YggLv+Ys8NZcrFDRo9o2XbYdvBVk4ci5wmZJexoFfbHpPJIuw6yEYe4kDGFg PTDQieN6oO6YUZbjHq2U =yq0P -----END PGP SIGNATURE----- --3WLtXmtPTeS+BWmV--