From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 75688 invoked by alias); 29 May 2017 21:30:42 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 75621 invoked by uid 89); 29 May 2017 21:30:36 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=sid, expires, Password, shares X-HELO: homiemail-a56.g.dreamhost.com Received: from sub5.mail.dreamhost.com (HELO homiemail-a56.g.dreamhost.com) (208.113.200.129) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 29 May 2017 21:30:34 +0000 Received: from homiemail-a56.g.dreamhost.com (localhost [127.0.0.1]) by homiemail-a56.g.dreamhost.com (Postfix) with ESMTP id 7AF366000F33 for ; Mon, 29 May 2017 14:30:34 -0700 (PDT) Received: from [192.168.1.42] (68-168-161-249.fttp.usinternet.com [68.168.161.249]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: dd-b@dd-b.net) by homiemail-a56.g.dreamhost.com (Postfix) with ESMTPSA id 5A88D6000F31 for ; Mon, 29 May 2017 14:30:34 -0700 (PDT) Subject: Re: Accessing SMB share as wrong user? To: cygwin@cygwin.com References: <7f4eb950-de06-2981-c9b4-fd345c11ffb3@dd-b.net> <705418614.20170529225346@yandex.ru> From: David Dyer-Bennet Message-ID: Date: Tue, 30 May 2017 04:14:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <705418614.20170529225346@yandex.ru> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-IsSubscribed: yes X-SW-Source: 2017-05/txt/msg00489.txt.bz2 On 5/29/2017 14:53, Andrey Repin wrote: > Greetings, David Dyer-Bennet! > >> And then of course I can't access it: >> $ echo things >> foobar >> -bash: foobar: Permission denied > > See Cygwin manual about setting up your network identity. > Read around nsswitch.conf and implications of its different settings. Okay, the detailed info on account mapping and nsswitch.conf looked like it ought to address this situation, but it doesn't actually seem to change anything. But the documentation is *exceedingly* unclear, the examples incomplete, and there's no info on easy ways to check if it's working or not, so I may be wrong. I have deleted /etc/passwd. /etc/nsswitch is the default (all comments), meaning it should be doing the default thing (in particular it should behave as if "passwd: files db" and "group: files db" were present; those are the defaults). Using the Windows Computer Management utility I was able to add Cygwin SAM comment entries to my Windows user account giving the proper Unix UID for my account on the server, and the group. And I can see that data come back from the Windows cmd.com using net user "David Dyer-Bennet": C:\Windows\System32>net user "David Dyer-Bennet" User name David Dyer-Bennet Full Name Comment User's comment Country/region code 000 (System Default) Account active Yes Account expires Never Password last set 7/11/2015 20:29:50 Password expires Never Password changeable 7/11/2015 20:29:50 Password required No User may change password Yes Workstations allowed All Logon script User profile Home directory Last logon 5/29/2017 16:06:34 Logon hours allowed All Local Group Memberships *Administrators *Ssh Users Global Group memberships *None The command completed successfully. So, I *think* I've got it set the way the documentation says (as I said, I'm running a Samba server, but no AD or LDAP; that case is specifically addressed in the documentation you point me to, and I think I've followed that part of the instructions). (The text in the doc isn't really clear on what number I put in the unix=3D"nnn" bit in the Cygwin comment, but the examples show a simple small integer in the range commonly used for actual Unix UIDs, and that makes sense, so I think I'm doing the right thing there.) Oh, and 1001 is the correct UID for me on the SAMBA server, I double-checked that. What with one thing and another I even ended up rebooting the Windows box after setting all that up (not, I believe, necessary; just starting a new Cygwin process tree should I think be adequate for these changes, but I *did* in fact reboot the whole box). And, after reboot, my user id in Cygwin is still based on my Windows SID (the last tuple), and my access to the files on the server behaves exactly as before. "This used to work," as they say. I've used Samba to export files from Linux, Solaris (the built-in CIFS there actually, not SAMBA), and FreeBSD servers, and accessed them from Windows and from Cygwin for more than a decade. Started being weird in the last year or two I think, taken me this long to track it down in this much detail (I was figuring the trouble was on the other end for a long time, but I've basically eliminated that). And the presence of this stuff in the documentation indicates that there *is* something I need to do in Windows to make this work. Is anybody actually using this exact mode, SAMBA but no domain controller, to a windows box, then accessing those shares via Cygwin? How are you doing it? Any suggestions on gathering more relevant information? --=20 David Dyer-Bennet http://dd-b.net/ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple