On Feb 10 11:59, Rainer Blome wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> On 08.02.2016 15:29, Corinna Vinschen wrote:
> > On Jan 31 21:24, Rainer Blome wrote:
> >> On 28.01.2016 21:40, Corinna Vinschen wrote:
> >>>>> On a hunch, do you have old /etc/passwd and /etc/group
> >>>>> files
> >>>> There is no `/etc/group`, but `/etc/passwd` defines the
> >>>> group ID of my user as 513
> >> On a Cygwin 2.3.1 on a different machine, `/etc/passwd` also has 
> >> 513 in the group column of all users. Yet, when I ask for `id`,
> >> I get something like this (translated):
> >> 
> >> uid=197609(username) gid=197121(None) \ 
> >> Groups=197121(None),545(Users),...
> > 
> > These values make sense.
> 
> Please enlighten me. To me it looks as if cygwin or at least mkpasswd
> formerly used 513 as the gid for "None", and switched to 197121 at
> some point.

Keep in mind that uid and gid values are POSIX concepts, not Windows
concepts.  Windows uses a SID.  Cygwin translates SIDs into uids and
gids using either the preferred computation directly from SAM or AD, or
the uid/gid values mentioned in /etc/passwd and /etc/group.  What it
uses depends on the content of /etc/nsswitch.conf, and if the
/etc/passwd and /etc/group files exist or not.  See the User's Guide at
https://cygwin.com/cygwin-ug-net/ntsec.html for all the gory details.

513 was the gid value for "None" when fetched from /etc/group.  197121
is the computed gid value for the group "None", using the algorithm
explained in
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-how:

  "None" is a local SAM account with RID 513, therefore its computed gid
  value is 0x30000 + 513 = 197121.

> I currently do not understand this:
> 
> Before I changed gid of my user from 513 to 197121 in /etc/passwd, ls
> printed 513 as the group of files in the home directory. After the
> change, ls prints "None" as the group.

513 was probably missing from /etc/group, but it was mentioned in
/etc/passwd.  The ambiguity is the problem, but off the top of my head I
can't reproduce how Cygwin struggles to resolve it.  Not very well,
apparently.

> But 197121 is the id of None.
> At first sight, this looks like the file group ownership has changed
> from 513 to 197121,

Of course not.  The actual entry in the file's DACL contains the SID of
the group "None".  Everything else is just a mapping to the POSIX
concept of uids and gids.  Think of Cygwin's uid and gids as just a
virtual representation of the reality.  Either computed directly from
the SID, or taken from /etc/passwd and /etc/group if they exist and are
active per /etc/nsswitch.conf.

> but I do not see why that should have happened.
> >> No doubt. So what kind of maintenance do these files need? Should
> >> I have known that they do?
> > 
> > They should match.  For instance, one problem is if your passwd 
> > entry contains a gid not available in either the Windows user DB
> > or /etc/group.
> 
> Does this mean that if /etc/passwd exists, /etc/group must also exist
> (and match)? Or that, if /etc/passwd gives a currently-non-canonical
> gid such as 513, /etc/group must exist and define that gid?

The latter in the first place.  Ideally you don't use the files at all
and let Cygwin compute the uid/gid values.  If you feel more comfortable
with, say, changing your home dir using an /etc/passwd entry, rather
than one of the other methods described in
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
you just generate a single passwd entry for your user:

  $ mkpasswd -c > /etc/passwd

Then change home dir or shell, but keep the rest of the line intact,
*especially* the uid and gid values since they will match the computed
values and not lead to ambiguity.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat