From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 94952 invoked by alias); 9 Mar 2016 11:50:33 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 94940 invoked by uid 89); 9 Mar 2016 11:50:32 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.8 required=5.0 tests=BAYES_50,KAM_LAZY_DOMAIN_SECURITY,RP_MATCHES_RCVD autolearn=no version=3.3.2 spammy=GID, emailed, mars, SID X-HELO: madmax.studelec-sa.com Received: from madmax.studelec-sa.com (HELO madmax.studelec-sa.com) (195.167.234.227) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 09 Mar 2016 11:50:22 +0000 Received: from localhost (madmax.studelec-sa.com [127.0.0.1]) by madmax.studelec-sa.com (Postfix) with ESMTP id 571E23FE093 for ; Wed, 9 Mar 2016 12:50:19 +0100 (CET) Received: from madmax.studelec-sa.com ([127.0.0.1]) by localhost (madmax.studelec-sa.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BH-lXufXN-Ra for ; Wed, 9 Mar 2016 12:50:19 +0100 (CET) Received: from [192.168.0.23] (unknown [192.168.0.23]) by madmax.studelec-sa.com (Postfix) with ESMTPSA id 163EB3FE08F for ; Wed, 9 Mar 2016 12:50:19 +0100 (CET) Subject: Re: RFC2307 accounts To: cygwin@cygwin.com References: <56DFCC21.8070506@studelec-sa.com> <56DFE973.2070406@maxrnd.com> <56DFFE26.9080705@studelec-sa.com> <20160309112750.GA14733@calimero.vinschen.de> From: Marc Rechte Message-ID: <56E00DF7.7060406@studelec-sa.com> Date: Wed, 09 Mar 2016 11:50:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160309112750.GA14733@calimero.vinschen.de> Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms030400040102080503050807" X-IsSubscribed: yes X-SW-Source: 2016-03/txt/msg00094.txt.bz2 --------------ms030400040102080503050807 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-length: 2898 Le 09/03/2016 12:27, Corinna Vinschen a =C3=A9crit : > On Mar 9 11:42, Marc Rechte wrote: >> Le 09/03/2016 10:14, Mark Geisert a =C3=A9crit : >>> Marc Rechte wrote: >>>> Hello, >>>> >>>> Trying to set RFC2307 accounts, using unix schema in >>>> /etc/nsswitch.conf. >>> [...] >>> >>> Your original post of this material was answered about 30 minutes after >>> your post. Kindly follow up there... >>> >>> https://cygwin.com/ml/cygwin/2016-03/msg00076.html >> Sorry, I did not get that answer emailed to me (some confusion during the >> subscription). >> >> I am not clear with answer given by Corinna. >> >> The idea behind RFC2307, imho is to have a consistent UID/GID between >> systems which have joined a domain. This is what we achieved in our doma= in, >> where a user login into whatever Linux box, gets the same uid/gid. One w= ould >> expect the same behaviour in cygwin (on a joined machine), wouldn't he ? > That's not the idea behind the uid/gid mapping. You might have noticed > that "unix" is not used as a keyword in the passwd and group settings > in /etc/nsswitch.conf, only in the db_home, db_shell, and db_gecos settin= gs. > > Keep in mind that we have two mappings. The main mapping is the mapping > between Windows SID and a computed uid/gid value used in Cygwin which > allows fast mapping in both directions. A computed value drops the > requirement to access an LDAP server for the mapping, which is > especially bad when not using AD as mapping server. > > Please read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nfs > and https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-samba > again. The RFC 2307 mapping only comes into play when reading meta > information from an NFS or Samba share. The unix uid/gid values have to > be mapped to a Windows user (better: SID) in the first place, not to the > Cygwin uid/gid values. The actual uid/gid values are irrelevant. Worse, > using the RFC 2307 values might collide with other, computed uid/gid > values. > > > Corinna > OK, I noticed that. Now it brings me a problem using rsync on cygwin. On cygwin: $ cat /etc/rsyncd.conf [test] path =3D /cygdrive/c/tmp comment =3D zone de test fake super =3D yes read only =3D no On the Linux box: # ls -l /home/tunix/ ... drwxr-xr-x 3 tunix root 4096 9 mars 12:23 resto_win -rw-rw-r--+ 1 tunix utilisateurs_du_domaine 82882 9 mars 10:56 tmp.ps # rsync -avz --acls --delete /home rsync://192.168.0.23/test .. # rsync -avz --acls --delete rsync://192.168.0.23/test/home/tunix resto_win/ ... # ls -l /home/tunix/resto_win/tunix/ ... drwx------ 2 1050005 1049089 4096 9 mars 12:14 resto_win -rw------- 1 1050005 1049089 82882 9 mars 10:56 tmp.ps You will notice that owner, group and ACLs are *not* restored properly Am I demanding too much to cygwin ? Thanks for your time. Marc --------------ms030400040102080503050807 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: Signature cryptographique S/MIME Content-length: 5645 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG 9w0BBwEAAKCCDBQwggXZMIIDwaADAgECAgcWZ1TjwnBRMA0GCSqGSIb3DQEB CwUAMH0xCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMSkw JwYDVQQDEyBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0w NzEwMTQyMTAxNTVaFw0yMjEwMTQyMTAxNTVaMIGMMQswCQYDVQQGEwJJTDEW MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xh c3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHCYPMzi3YGrEppC4Tq5a+ijKDjKaI QZZVR63UbxIP6uq/I0fhCu+cQhoUfE6ERKKnu8zPf1Jwuk0tsvVCk6U9b+0U jM0dLep3ZdE1gblK/1FwYT5Pipsu2yOMluLqwvsuz9/9f1+1PKHG/FaR/wpb fuIqu54qzHDYeqiUfsYzoVflR80DAC7hmJ+SmZnNTWyUGHJbBpA8Q89lGxah NvuryGaC/o2/ceD2uYDX9U8Eg5DpIpGQdcbQeGarV04WgAUjjXX5r/2dabmt xWMZwhZna//jdiSyrrSMTGKkDiXm6/3/4ebfeZuCYKzN2P8O2F/Xe2AC/Y7z eEsnR7FOp+uXAgMBAAGjggFMMIIBSDASBgNVHRMBAf8ECDAGAQH/AgEAMA4G A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUU3Ltkpzg2ssBXHx+ljVO8tS4UYIw HwYDVR0jBBgwFoAUTgvvGqRAW6UXaYcwyjRoQ9BBrvIwaQYIKwYBBQUHAQEE XTBbMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5zdGFydHNzbC5jb20vY2Ew MAYIKwYBBQUHMAKGJGh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL2Nh LmNydDAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0c3NsLmNv bS9zZnNjYS5jcmwwQwYDVR0gBDwwOjA4BgRVHSAAMDAwLgYIKwYBBQUHAgEW Imh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwDQYJKoZIhvcN AQELBQADggIBAHQKh/oy3viYt+qvMyyQhqWiIb9kP1KRhqWHGFMID7OAbofo UgDKVUJ7UsiBnPmleGa2pUwvf2B67qPqc2e9Ge9/kBvJtV8rSES3z+/KVrx6 UwlX8VyWnkRNGV0PLvCD+34cIOqhF3Tjmt4jpfYSTjkXcOpa7F4RGZbmu0+j 1HO46XAYypOisgXD3XWecqqXzEMimZVrF3DlsMYTYMmFtzRYAeaDh2BxczJl V4HeBs8gw7d4USUoDWHckMR4QK0zLVVmQ1F66irltWWsJ9CFKVyz9ZTBspi3 FDJCT93XfR4OrOUHB+I5P18lTWHDD1p/9dX7Zh8bdwlOSKdEfsKvzaxVZbKk uXXo7FMG2v6LQ2Jmv6Gc4jJ8jSyjatpy86llJJT2R3tJFPRGlfPcZ1ge3Ad/ qXDZKPI4pN8D5so89WUPAJ7z9ZeDqSFdGTWaynTZaCRPAIC/e35VtTyNuIam +n6nuaZFgccpACw51vkgFUij6AKxByq7CNgB1Zn/FRX15qZA9bu2ZI8QTHJT /8zM3njXAgV6AsFOf682t14qsYSBz0jpef8kU0q15uV9oZSGjy1ph/0ysQD+ 342MIh3PQlKp62dj3eWWP3MBF7gtQTbERX1PmMzfTIsyMbjq+pv9P4iKROw0 +8MNp0PUNtilMG2fKLBRoczLiZ7hMLjyedCXMIIGMzCCBRugAwIBAgIDDdBx MA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3Rh cnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNh dGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5 IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcNMTUwNDIzMjAzOTUxWhcNMTYw NDI0MDExNTM0WjBKMSAwHgYDVQQDDBdtcmVjaHRlQHN0dWRlbGVjLXNhLmNv bTEmMCQGCSqGSIb3DQEJARYXbXJlY2h0ZUBzdHVkZWxlYy1zYS5jb20wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjPBxK6ovK8pBqnxN//2tY BYDqeSn78k1Uxbk4ecgy6rrmCHUnoS/Pdf7s5x+aNoe/60RweVYDB6kGloin ROLnePBO2ZC/qSJFQFhuXsN5FqWB7O+OCHNXxrhaqVUdhOokDnpq7w/ErdWa SBcGQEYd7hyNN9OuQ7cyu4evSEaHNB49BDp1DX3arW/sXZUwfWaFBiR6eEL4 ZggO0hrEZ1xA+c4TkIy5qQ4lPoVHATl7eOXQZYXBvJx5vRDUABBYwTorORjn AwumufXtE5LYrjvKGG8783UkKZrHYuFdbA+BHrEq8j99APw9EXhwnWXO90Wg pgVUquas2Gpdy39KEdW1AgMBAAGjggLdMIIC2TAJBgNVHRMEAjAAMAsGA1Ud DwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0O BBYEFOHaNvYSvKBhzp4VNSou8V6yDDudMB8GA1UdIwQYMBaAFFNy7ZKc4NrL AVx8fpY1TvLUuFGCMCIGA1UdEQQbMBmBF21yZWNodGVAc3R1ZGVsZWMtc2Eu Y29tMIIBTAYDVR0gBIIBQzCCAT8wggE7BgsrBgEEAYG1NwECAzCCASowLgYI KwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYw gfcGCCsGAQUFBwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MAMCAQEagb5UaGlzIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNj b3JkaW5nIHRvIHRoZSBDbGFzcyAxIFZhbGlkYXRpb24gcmVxdWlyZW1lbnRz IG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkgZm9y IHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJl bHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMDYGA1UdHwQvMC0wK6ApoCeGJWh0 dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNybC5jcmwwgY4GCCsGAQUF BwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNv bS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2Fp YS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0 MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG 9w0BAQUFAAOCAQEAhunLBnxICdIiA9RKtGQwcRY97JFT1zEWR3jVGI2JFpyc oo08A73T8U44c/MiUmxHxPc4wXWXmvIzxKnJXazTn4vg7WlXjGz9tUbnC5Y0 GtihRZKE4zng6N4k2PyHJ8M7fGTs02I596VoH4mNt0Do4Uh5EH/vF//D5/Ml U0oKZew/h6XWCl4MlquUJkl61SzYQSUhjEfDNXe8SGemsLofVPfd6z2QKxWT PB+98COx0KMc5pH37aXTdSlHkP3JO3tvppmsf/jD8V+pRXPxhrvR7NP0ZrLa BwEEBmY7aPnOCpg0OCN52Z4FKx3htN16x18hs6192PGEWjlp3MWoe6oZeTGC A+0wggPpAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUg U2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IElu dGVybWVkaWF0ZSBDbGllbnQgQ0ECAw3QcTANBglghkgBZQMEAgEFAKCCAikw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTYw MzA5MTE1MDE1WjAvBgkqhkiG9w0BCQQxIgQgLkhWpsxAD03mGVjEu2t+mSN2 AVYp72fS9QTQkYfvAywwbAYJKoZIhvcNAQkPMV8wXTALBglghkgBZQMEASow CwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpQYJKwYBBAGC NxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2ln bmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVy bWVkaWF0ZSBDbGllbnQgQ0ECAw3QcTCBpwYLKoZIhvcNAQkQAgsxgZeggZQw gYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYD VQQDEy9TdGFydENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQQIDDdBxMA0GCSqGSIb3DQEBAQUABIIBAEhXUVYZFifv7KR7+xNa UTxgWdtnCNuS6k771f9vV5FBmmvo2fauKKpVNGq7ZShyWOfL+qbGHIL0vQAP XaQjkcIpgZAjR/j0nyUAbvaTyd5SAGdiiXmhzwG5GNmEZKfYNOYN3O5u/3Dl PiyV8nKSKEYeYm0x20nkQ+NwVnMrnl3k0mM0bZuSydvFxzRmdJxp3EvpXXTs 67JqNzdYS6qIdDnsAw1visauZoLjSq0E0ELPZI3VKE8iWNL62LaBGDHYJ+aP rO4lNt7C+Hq89IL337wXXIQ/vvSMg0Y7xOcsPYYHVTSb4r+kJIGqrNzFL7D8 HgmX3LEKtOWqQib8eLAcoE8AAAAAAAA= --------------ms030400040102080503050807--