From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 59816 invoked by alias); 9 Mar 2016 16:08:24 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 59755 invoked by uid 89); 9 Mar 2016 16:08:23 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=1.8 required=5.0 tests=BAYES_50,KAM_LAZY_DOMAIN_SECURITY,RP_MATCHES_RCVD autolearn=no version=3.3.2 spammy=mars, SID, acls, ACLs X-HELO: madmax.studelec-sa.com Received: from madmax.studelec-sa.com (HELO madmax.studelec-sa.com) (195.167.234.227) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 09 Mar 2016 16:08:13 +0000 Received: from localhost (madmax.studelec-sa.com [127.0.0.1]) by madmax.studelec-sa.com (Postfix) with ESMTP id 0708C3FE0A3 for ; Wed, 9 Mar 2016 17:08:05 +0100 (CET) Received: from madmax.studelec-sa.com ([127.0.0.1]) by localhost (madmax.studelec-sa.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SkGA8DpCiqRD for ; Wed, 9 Mar 2016 17:08:04 +0100 (CET) Received: from [192.168.0.23] (unknown [192.168.0.23]) by madmax.studelec-sa.com (Postfix) with ESMTPSA id 675353FE0A0 for ; Wed, 9 Mar 2016 17:08:04 +0100 (CET) Subject: Re: RFC2307 accounts To: cygwin@cygwin.com References: <56DFCC21.8070506@studelec-sa.com> <56DFE973.2070406@maxrnd.com> <56DFFE26.9080705@studelec-sa.com> <20160309112750.GA14733@calimero.vinschen.de> <56E00DF7.7060406@studelec-sa.com> <20160309155843.GA32399@calimero.vinschen.de> From: Marc Rechte Message-ID: <56E04A64.4090302@studelec-sa.com> Date: Wed, 09 Mar 2016 16:08:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <20160309155843.GA32399@calimero.vinschen.de> Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms090402030503020409050109" X-IsSubscribed: yes X-SW-Source: 2016-03/txt/msg00103.txt.bz2 --------------ms090402030503020409050109 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: quoted-printable Content-length: 2400 Le 09/03/2016 16:58, Corinna Vinschen a =C3=A9crit : > On Mar 9 12:50, Marc Rechte wrote: >> Le 09/03/2016 12:27, Corinna Vinschen a =C3=A9crit : >>> Keep in mind that we have two mappings. The main mapping is the mapping >>> between Windows SID and a computed uid/gid value used in Cygwin which >>> allows fast mapping in both directions. A computed value drops the >>> requirement to access an LDAP server for the mapping, which is >>> especially bad when not using AD as mapping server. >>> >>> Please read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-n= fs >>> and https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-samba >>> again. The RFC 2307 mapping only comes into play when reading meta >>> information from an NFS or Samba share. The unix uid/gid values have to >>> be mapped to a Windows user (better: SID) in the first place, not to the >>> Cygwin uid/gid values. The actual uid/gid values are irrelevant. Wors= e, >>> using the RFC 2307 values might collide with other, computed uid/gid >>> values. >>> >>> >>> Corinna >>> >> OK, I noticed that. Now it brings me a problem using rsync on cygwin. >> >> On cygwin: >> $ cat /etc/rsyncd.conf >> [test] >> path =3D /cygdrive/c/tmp >> comment =3D zone de test >> fake super =3D yes >> read only =3D no >> >> On the Linux box: >> # ls -l /home/tunix/ >> ... >> drwxr-xr-x 3 tunix root 4096 9 mars 12:23 resto_w= in >> -rw-rw-r--+ 1 tunix utilisateurs_du_domaine 82882 9 mars 10:56 tmp.ps >> >> # rsync -avz --acls --delete /home rsync://192.168.0.23/test >> .. >> # rsync -avz --acls --delete rsync://192.168.0.23/test/home/tunix resto_= win/ >> ... >> # ls -l /home/tunix/resto_win/tunix/ >> ... >> drwx------ 2 1050005 1049089 4096 9 mars 12:14 resto_win >> -rw------- 1 1050005 1049089 82882 9 mars 10:56 tmp.ps > That's an ls -ln, right? The AD user and group names should have been > resolved. No "ls -l", this is on the Linux box after restoration. uid/gid are the=20 ones assigned in cygwin and become irrelevant here. > >> You will notice that owner, group and ACLs are *not* restored properly >> >> Am I demanding too much to cygwin ? > Off the top of my head, yes. The rfc2307 uid/gid mapping only works > when accessing the filesystem directly from Cygwin. By using rsync, the > info is transmitted over the net. > > > Corinna > --------------ms090402030503020409050109 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: Signature cryptographique S/MIME Content-length: 5645 MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG 9w0BBwEAAKCCDBQwggXZMIIDwaADAgECAgcWZ1TjwnBRMA0GCSqGSIb3DQEB CwUAMH0xCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSsw KQYDVQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMSkw JwYDVQQDEyBTdGFydENvbSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0w NzEwMTQyMTAxNTVaFw0yMjEwMTQyMTAxNTVaMIGMMQswCQYDVQQGEwJJTDEW MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0 YWwgQ2VydGlmaWNhdGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xh c3MgMSBQcmltYXJ5IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwggEiMA0GCSqG SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHCYPMzi3YGrEppC4Tq5a+ijKDjKaI QZZVR63UbxIP6uq/I0fhCu+cQhoUfE6ERKKnu8zPf1Jwuk0tsvVCk6U9b+0U jM0dLep3ZdE1gblK/1FwYT5Pipsu2yOMluLqwvsuz9/9f1+1PKHG/FaR/wpb fuIqu54qzHDYeqiUfsYzoVflR80DAC7hmJ+SmZnNTWyUGHJbBpA8Q89lGxah NvuryGaC/o2/ceD2uYDX9U8Eg5DpIpGQdcbQeGarV04WgAUjjXX5r/2dabmt xWMZwhZna//jdiSyrrSMTGKkDiXm6/3/4ebfeZuCYKzN2P8O2F/Xe2AC/Y7z eEsnR7FOp+uXAgMBAAGjggFMMIIBSDASBgNVHRMBAf8ECDAGAQH/AgEAMA4G A1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUU3Ltkpzg2ssBXHx+ljVO8tS4UYIw HwYDVR0jBBgwFoAUTgvvGqRAW6UXaYcwyjRoQ9BBrvIwaQYIKwYBBQUHAQEE XTBbMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5zdGFydHNzbC5jb20vY2Ew MAYIKwYBBQUHMAKGJGh0dHA6Ly9haWEuc3RhcnRzc2wuY29tL2NlcnRzL2Nh LmNydDAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLnN0YXJ0c3NsLmNv bS9zZnNjYS5jcmwwQwYDVR0gBDwwOjA4BgRVHSAAMDAwLgYIKwYBBQUHAgEW Imh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwDQYJKoZIhvcN AQELBQADggIBAHQKh/oy3viYt+qvMyyQhqWiIb9kP1KRhqWHGFMID7OAbofo UgDKVUJ7UsiBnPmleGa2pUwvf2B67qPqc2e9Ge9/kBvJtV8rSES3z+/KVrx6 UwlX8VyWnkRNGV0PLvCD+34cIOqhF3Tjmt4jpfYSTjkXcOpa7F4RGZbmu0+j 1HO46XAYypOisgXD3XWecqqXzEMimZVrF3DlsMYTYMmFtzRYAeaDh2BxczJl V4HeBs8gw7d4USUoDWHckMR4QK0zLVVmQ1F66irltWWsJ9CFKVyz9ZTBspi3 FDJCT93XfR4OrOUHB+I5P18lTWHDD1p/9dX7Zh8bdwlOSKdEfsKvzaxVZbKk uXXo7FMG2v6LQ2Jmv6Gc4jJ8jSyjatpy86llJJT2R3tJFPRGlfPcZ1ge3Ad/ qXDZKPI4pN8D5so89WUPAJ7z9ZeDqSFdGTWaynTZaCRPAIC/e35VtTyNuIam +n6nuaZFgccpACw51vkgFUij6AKxByq7CNgB1Zn/FRX15qZA9bu2ZI8QTHJT /8zM3njXAgV6AsFOf682t14qsYSBz0jpef8kU0q15uV9oZSGjy1ph/0ysQD+ 342MIh3PQlKp62dj3eWWP3MBF7gtQTbERX1PmMzfTIsyMbjq+pv9P4iKROw0 +8MNp0PUNtilMG2fKLBRoczLiZ7hMLjyedCXMIIGMzCCBRugAwIBAgIDDdBx MA0GCSqGSIb3DQEBBQUAMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3Rh cnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNh dGUgU2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5 IEludGVybWVkaWF0ZSBDbGllbnQgQ0EwHhcNMTUwNDIzMjAzOTUxWhcNMTYw NDI0MDExNTM0WjBKMSAwHgYDVQQDDBdtcmVjaHRlQHN0dWRlbGVjLXNhLmNv bTEmMCQGCSqGSIb3DQEJARYXbXJlY2h0ZUBzdHVkZWxlYy1zYS5jb20wggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjPBxK6ovK8pBqnxN//2tY BYDqeSn78k1Uxbk4ecgy6rrmCHUnoS/Pdf7s5x+aNoe/60RweVYDB6kGloin ROLnePBO2ZC/qSJFQFhuXsN5FqWB7O+OCHNXxrhaqVUdhOokDnpq7w/ErdWa SBcGQEYd7hyNN9OuQ7cyu4evSEaHNB49BDp1DX3arW/sXZUwfWaFBiR6eEL4 ZggO0hrEZ1xA+c4TkIy5qQ4lPoVHATl7eOXQZYXBvJx5vRDUABBYwTorORjn AwumufXtE5LYrjvKGG8783UkKZrHYuFdbA+BHrEq8j99APw9EXhwnWXO90Wg pgVUquas2Gpdy39KEdW1AgMBAAGjggLdMIIC2TAJBgNVHRMEAjAAMAsGA1Ud DwQEAwIEsDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHQYDVR0O BBYEFOHaNvYSvKBhzp4VNSou8V6yDDudMB8GA1UdIwQYMBaAFFNy7ZKc4NrL AVx8fpY1TvLUuFGCMCIGA1UdEQQbMBmBF21yZWNodGVAc3R1ZGVsZWMtc2Eu Y29tMIIBTAYDVR0gBIIBQzCCAT8wggE7BgsrBgEEAYG1NwECAzCCASowLgYI KwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYw gfcGCCsGAQUFBwICMIHqMCcWIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0 aG9yaXR5MAMCAQEagb5UaGlzIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNj b3JkaW5nIHRvIHRoZSBDbGFzcyAxIFZhbGlkYXRpb24gcmVxdWlyZW1lbnRz IG9mIHRoZSBTdGFydENvbSBDQSBwb2xpY3ksIHJlbGlhbmNlIG9ubHkgZm9y IHRoZSBpbnRlbmRlZCBwdXJwb3NlIGluIGNvbXBsaWFuY2Ugb2YgdGhlIHJl bHlpbmcgcGFydHkgb2JsaWdhdGlvbnMuMDYGA1UdHwQvMC0wK6ApoCeGJWh0 dHA6Ly9jcmwuc3RhcnRzc2wuY29tL2NydHUxLWNybC5jcmwwgY4GCCsGAQUF BwEBBIGBMH8wOQYIKwYBBQUHMAGGLWh0dHA6Ly9vY3NwLnN0YXJ0c3NsLmNv bS9zdWIvY2xhc3MxL2NsaWVudC9jYTBCBggrBgEFBQcwAoY2aHR0cDovL2Fp YS5zdGFydHNzbC5jb20vY2VydHMvc3ViLmNsYXNzMS5jbGllbnQuY2EuY3J0 MCMGA1UdEgQcMBqGGGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tLzANBgkqhkiG 9w0BAQUFAAOCAQEAhunLBnxICdIiA9RKtGQwcRY97JFT1zEWR3jVGI2JFpyc oo08A73T8U44c/MiUmxHxPc4wXWXmvIzxKnJXazTn4vg7WlXjGz9tUbnC5Y0 GtihRZKE4zng6N4k2PyHJ8M7fGTs02I596VoH4mNt0Do4Uh5EH/vF//D5/Ml U0oKZew/h6XWCl4MlquUJkl61SzYQSUhjEfDNXe8SGemsLofVPfd6z2QKxWT PB+98COx0KMc5pH37aXTdSlHkP3JO3tvppmsf/jD8V+pRXPxhrvR7NP0ZrLa BwEEBmY7aPnOCpg0OCN52Z4FKx3htN16x18hs6192PGEWjlp3MWoe6oZeTGC A+0wggPpAgEBMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRD b20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUg U2lnbmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IElu dGVybWVkaWF0ZSBDbGllbnQgQ0ECAw3QcTANBglghkgBZQMEAgEFAKCCAikw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTYw MzA5MTYwODA0WjAvBgkqhkiG9w0BCQQxIgQgOoxU5Kl4KsZA+b0MSQ1C8BIh xR2xZ8dNkYx9OV5rZ3swbAYJKoZIhvcNAQkPMV8wXTALBglghkgBZQMEASow CwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBpQYJKwYBBAGC NxAEMYGXMIGUMIGMMQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20g THRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2ln bmluZzE4MDYGA1UEAxMvU3RhcnRDb20gQ2xhc3MgMSBQcmltYXJ5IEludGVy bWVkaWF0ZSBDbGllbnQgQ0ECAw3QcTCBpwYLKoZIhvcNAQkQAgsxgZeggZQw gYwxCzAJBgNVBAYTAklMMRYwFAYDVQQKEw1TdGFydENvbSBMdGQuMSswKQYD VQQLEyJTZWN1cmUgRGlnaXRhbCBDZXJ0aWZpY2F0ZSBTaWduaW5nMTgwNgYD VQQDEy9TdGFydENvbSBDbGFzcyAxIFByaW1hcnkgSW50ZXJtZWRpYXRlIENs aWVudCBDQQIDDdBxMA0GCSqGSIb3DQEBAQUABIIBAKdx/kk2kFUujDNanu4t D028IuvwCLkrxF9l/Z5iz9xgv6OGaiWn7guWQbD+XBjxzE4G1OJzM2WCprvb W0TvQ8QTCfA87LBNSBZESzMVZ3R0RzXFiKWq5wSLrxzVz2D83z0ZffZshgnJ Gs+dhSrpLrczeorRaj+r2aepLov1gmCmxz2EmFDGkgotairMCdiuoOqvyMAc 0bkVbVHf5v3nzAMlpRk5KG7UhDjawnkKHzrLPVASzndWpkB6V/JVXaZh/dfr CxzJtzvyYXPGnnwdcMc0jP0iH7VmONZuuxDEALEjN60+gFJiN/25X1aporCw 5weyL29SiNUu/nbHXKfoVvkAAAAAAAA= --------------ms090402030503020409050109--