public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed
From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: chmod failed: Invalid argument
Date: Wed, 10 Feb 2016 11:37:00 -0000	[thread overview]
Message-ID: <20160210113705.GA15391@calimero.vinschen.de> (raw)
In-Reply-To: <56BB1813.9050102@gmx.de>

[-- Attachment #1: Type: text/plain, Size: 3990 bytes --]

On Feb 10 11:59, Rainer Blome wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On 08.02.2016 15:29, Corinna Vinschen wrote:
> > On Jan 31 21:24, Rainer Blome wrote:
> >> On 28.01.2016 21:40, Corinna Vinschen wrote:
> >>>>> On a hunch, do you have old /etc/passwd and /etc/group
> >>>>> files
> >>>> There is no `/etc/group`, but `/etc/passwd` defines the
> >>>> group ID of my user as 513
> >> On a Cygwin 2.3.1 on a different machine, `/etc/passwd` also has 
> >> 513 in the group column of all users. Yet, when I ask for `id`,
> >> I get something like this (translated):
> >> 
> >> uid=197609(username) gid=197121(None) \ 
> >> Groups=197121(None),545(Users),...
> > 
> > These values make sense.
> 
> Please enlighten me. To me it looks as if cygwin or at least mkpasswd
> formerly used 513 as the gid for "None", and switched to 197121 at
> some point.

Keep in mind that uid and gid values are POSIX concepts, not Windows
concepts.  Windows uses a SID.  Cygwin translates SIDs into uids and
gids using either the preferred computation directly from SAM or AD, or
the uid/gid values mentioned in /etc/passwd and /etc/group.  What it
uses depends on the content of /etc/nsswitch.conf, and if the
/etc/passwd and /etc/group files exist or not.  See the User's Guide at
https://cygwin.com/cygwin-ug-net/ntsec.html for all the gory details.

513 was the gid value for "None" when fetched from /etc/group.  197121
is the computed gid value for the group "None", using the algorithm
explained in
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-how:

  "None" is a local SAM account with RID 513, therefore its computed gid
  value is 0x30000 + 513 = 197121.

> I currently do not understand this:
> 
> Before I changed gid of my user from 513 to 197121 in /etc/passwd, ls
> printed 513 as the group of files in the home directory. After the
> change, ls prints "None" as the group.

513 was probably missing from /etc/group, but it was mentioned in
/etc/passwd.  The ambiguity is the problem, but off the top of my head I
can't reproduce how Cygwin struggles to resolve it.  Not very well,
apparently.

> But 197121 is the id of None.
> At first sight, this looks like the file group ownership has changed
> from 513 to 197121,

Of course not.  The actual entry in the file's DACL contains the SID of
the group "None".  Everything else is just a mapping to the POSIX
concept of uids and gids.  Think of Cygwin's uid and gids as just a
virtual representation of the reality.  Either computed directly from
the SID, or taken from /etc/passwd and /etc/group if they exist and are
active per /etc/nsswitch.conf.

> but I do not see why that should have happened.
> >> No doubt. So what kind of maintenance do these files need? Should
> >> I have known that they do?
> > 
> > They should match.  For instance, one problem is if your passwd 
> > entry contains a gid not available in either the Windows user DB
> > or /etc/group.
> 
> Does this mean that if /etc/passwd exists, /etc/group must also exist
> (and match)? Or that, if /etc/passwd gives a currently-non-canonical
> gid such as 513, /etc/group must exist and define that gid?

The latter in the first place.  Ideally you don't use the files at all
and let Cygwin compute the uid/gid values.  If you feel more comfortable
with, say, changing your home dir using an /etc/passwd entry, rather
than one of the other methods described in
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
you just generate a single passwd entry for your user:

  $ mkpasswd -c > /etc/passwd

Then change home dir or shell, but keep the rest of the line intact,
*especially* the uid and gid values since they will match the computed
values and not lead to ambiguity.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

      reply	other threads:[~2016-02-10 11:37 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-01-28 15:43 Rainer Blome
2016-01-28 16:11 ` Corinna Vinschen
2016-01-28 17:23   ` Aw: " Rainer Blome
2016-01-28 18:43     ` Corinna Vinschen
2016-01-28 20:18       ` Rainer Blome
2016-01-28 21:47         ` Corinna Vinschen
2016-01-31 22:45           ` Rainer Blome
2016-02-08 14:29             ` Corinna Vinschen
2016-02-10 10:59               ` Rainer Blome
2016-02-10 11:37                 ` Corinna Vinschen [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160210113705.GA15391@calimero.vinschen.de \
    --to=corinna-cygwin@cygwin.com \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).