permissions problems with files on samba share

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

* permissions problems with files on samba share
@ 2022-01-18 20:22 Roland Schwingel
  0 siblings, 0 replies; only message in thread
From: Roland Schwingel @ 2022-01-18 20:22 UTC (permalink / raw)
  To: cygwin

Hi ...

It is 2022 and there are still people out in the wild running 1.7. They 
don't want to but had to and are now on the way to cygwin 3.3.3. It was 
a hard long way, but we are nearly there now. But only nearly. There are 
some problems left. One of it is user mapping between samba/linux users 
to windows/cygwin users. All our homeaccounts reside on a linux server 
running samba. The samba is not running in AD mode, but in traditional 
domain mode and is backed by a quite big LDAP. We are always logged in 
with our domain accounts.

Now I try to seek help here as I already have spent hell a lot of time 
on this.

Up to now we still run cygwin 1.7.35 and are going now to 3.3.3 (64bit).
The new cygwin runs on windows 10/11 together with the old cygwin 1.7 
(seperated from each other - not running the same time) on the same 
machine for testing.

We can read files from the homeaccounts without problem, but 
writting/deleting files is not that easy from the new cygwin. With the 
old cygwin 1.7 everything is still fine - in this regard.

With cygwin 1.7 we had /etc/passwd and /etc/groups in place. With 3.3.3 
we use /etc/nsswitch.conf. Creating /etc/passwd on the new 3.3.3 did not 
change a thing. The CYGWIN envvar is empty on both installs.

View of a sample folder in my homeaccount (~/test):
native linux:
# ls -al ~/test
total 36
drwxrwxr-x+  2 roland develop  4096 Jan 18 20:16 .
drwxr-xr-x  84 roland develop 20480 Jan 18 20:17 ..
-rw-rwxr--+  1 roland develop     5 Jan 14 12:27 some_file

cygwin 1.7.35
$ls -al ~/test
total 1024
drwxr-xr-x 1 roland develop 0 Jan 18 20:16 .
drwxr-xr-x 1 roland develop 0 Jan 18 20:17 ..
-rwxr-xr-x 1 roland develop 5 Jan 14 12:27 some_file

slightly different permissions for some_file but ok so far.

cygwin 3.3.3
$ls -al ~/test
total 1024
drwxr-xr-x+ 1 Unix_User+1000 Unix_Group+1001 0 Jan 18 20:16 .
drwxr-xr-x+ 1 Unix_User+1000 Unix_Group+1001 0 Jan 18 20:17 ..
-rw-r--r--  1 Unix_User+1000 Unix_Group+1001 5 Jan 14 12:27 some_file

permissions are different again and owners/groups are different at all!
This also has effects on fileprocessing in cygwin. I know this behaviour 
from old cygwin with no /etc/passwd in place.

Here is the /etc/nsswitch.conf from 3.3.3:
# /etc/nsswitch.conf
#
#    This file is read once by the first process in a Cygwin process tree.
#    To pick up changes, restart all Cygwin processes.  For a description
#    see https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
#
# Defaults:
passwd:   files db
group:    files db

#db_enum: cache builtin
db_enum:  cache builtin local primary
db_home:  /%H
db_shell: /bin/bash
db_gecos: windows

getent passwd on 3.3.3:
$getent passwd
roland:*:1049576:1049577:Roland 
Schwingel,U-ONEVISION\roland,S-1-5-21-123-456-789-1000://subnet-homes/User/roland:/bin/bash
SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
LOCAL SERVICE:*:19:19:U-NT AUTHORITY\LOCAL SERVICE,S-1-5-19:/:/sbin/nologin
NETWORK SERVICE:*:20:20:U-NT AUTHORITY\NETWORK 
SERVICE,S-1-5-20:/:/sbin/nologin
Administrators:*:544:544:U-BUILTIN\Administrators,S-1-5-32-544:/:/sbin/nologin
NT SERVICE+TrustedInstaller:*:328384:328384:U-NT 
SERVICE\TrustedInstaller,S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464:/:/sbin/nologin
DEVRYZEN-02+Administrator:*:197108:197121:U-DEVRYZEN-02\Administrator,S-1-5-21-3089862167-1060948595-489759208-500:/vol/c/Users/Administrator:/bin/bash
DEVRYZEN-02+DefaultAccount:*:197111:197121:U-DEVRYZEN-02\DefaultAccount,S-1-5-21-3089862167-1060948595-489759208-503:/:/bin/bash
DEVRYZEN-02+Guest:*:197109:197121:U-DEVRYZEN-02\Guest,S-1-5-21-3089862167-1060948595-489759208-501:/:/bin/bash
DEVRYZEN-02+IT:*:197609:197121:IT 
department,U-DEVRYZEN-02\IT,S-1-5-21-3089862167-1060948595-489759208-1001:/vol/c/Users/IT:/bin/bash
DEVRYZEN-02+me:*:197610:197121:Test 
user,U-DEVRYZEN-02\me,S-1-5-21-3089862167-1060948595-489759208-1002:/vol/c/Users/me:/bin/bash
DEVRYZEN-02+WDAGUtilityAccount:*:197112:197121:U-DEVRYZEN-02\WDAGUtilityAccount,S-1-5-21-3089862167-1060948595-489759208-504:/:/bin/bash

My account on 1.7.35 in /etc/passwd:
roland:unused:11000:11001:Roland 
Schwingel,U-ONEVISION\roland,S-1-5-21-123-456-789-1000://subnet-homes/User/roland:/bin/bash

cygwin 3.3.3:
mkpasswd -b -l my-pdc | grep roland:
roland:*:4244636648:4244636649:Roland 
Schwingel,U-ONEVISION\roland,S-1-5-21-123-456-789-1000://subnet-homes/User/roland:/bin/bash

Putting the /etc/passwd from 1.7.35 in 3.3.3 did not help at all.
As you can see the uid/gids are different for the 2 versions for the 
same user.

What am I doing wrong here? I need to access the files on the 
sambashares like in 1.7.

I also observed that listing files on the samba shares is notably slower 
on 3.3.3 compared to 1.7.35. I tested this a couple of times:

time ls -al ~/ >/dev/null
is about 0.2 seconds in 1.7 and about 1 second in 3.3. Maybe this is 
related to the permission problems. Anyhow I fear 3.3.3 is a lot slower 
than 1.7 on the same machine. Benchmarks are pending.

Hope someone can help! Thanks.

Roland

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-01-18 20:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-18 20:22 permissions problems with files on samba share Roland Schwingel

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).