nsswitch.conf: files vs. db_enum interaction

nsswitch.conf: files vs. db_enum interaction

[Andrey Repin]

Greetings, All!

I just noticed something that I think is an oddity. Or a possible improvement.
If you set your nsswitch.conf to, say;

passwd: db
db_enum: cache builtin local files

The accounts listed in /etc/passwd aren't looked up.
I understand that it's a documented behavior, but it looks... odd to me.


-- 
With best regards,
Andrey Repin
Tuesday, September 25, 2018 15:24:53

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: nsswitch.conf: files vs. db_enum interaction

[Brian Inglis]

On 2018-09-25 06:30, Andrey Repin wrote:
> I just noticed something that I think is an oddity. Or a possible improvement.
> If you set your nsswitch.conf to, say;
> passwd: db
> db_enum: cache builtin local files
> The accounts listed in /etc/passwd aren't looked up.
> I understand that it's a documented behavior, but it looks... odd to me.

From the UG they should be looked up and may appear more than once if you
specify say "files" in an entry and also a db_... entry.
Did you test with "getent passwd"? I get SYSTEM and NT SERVICE repeated.
I get a comprehensive account list with mkpasswd.
I have W10 rs4_release/6.3/10.0/17134.286/1803, Cygwin 64 2.11.1, and default
nsswitch.

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: nsswitch.conf: files vs. db_enum interaction

[Marco Atzeri]

Am 26.09.2018 um 06:13 schrieb Brian Inglis:
> On 2018-09-25 06:30, Andrey Repin wrote:
>> I just noticed something that I think is an oddity. Or a possible improvement.
>> If you set your nsswitch.conf to, say;
>> passwd: db
>> db_enum: cache builtin local files
>> The accounts listed in /etc/passwd aren't looked up.
>> I understand that it's a documented behavior, but it looks... odd to me.
>
>  From the UG they should be looked up and may appear more than once if you
> specify say "files" in an entry and also a db_... entry.
> Did you test with "getent passwd"? I get SYSTEM and NT SERVICE repeated.
> I get a comprehensive account list with mkpasswd.
> I have W10 rs4_release/6.3/10.0/17134.286/1803, Cygwin 64 2.11.1, and default
> nsswitch.

on W10 Home I see only double SYSTEM on both "getent passwd" and
"getent group"

However "getent passwd" is not reporting local user, cyg_server, sshd,
guest that instead are reported by "mkpasswd"

---
Diese E-Mail wurde von Avast Antivirus-Software auf Viren geprüft.
https://www.avast.com/antivirus


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: nsswitch.conf: files vs. db_enum interaction

[Andrey Repin]

Greetings, Brian Inglis!

> On 2018-09-25 06:30, Andrey Repin wrote:
>> I just noticed something that I think is an oddity. Or a possible improvement.
>> If you set your nsswitch.conf to, say;
>> passwd: db
>> db_enum: cache builtin local files
>> The accounts listed in /etc/passwd aren't looked up.
>> I understand that it's a documented behavior, but it looks... odd to me.

> From the UG they should be looked up and may appear more than once if you
> specify say "files" in an entry and also a db_... entry.

So do they for cached credentials, such as myself.

> Did you test with "getent passwd"? I get SYSTEM and NT SERVICE repeated.

I only get repeated entries from /etc/{passwd,group}, if I specify "db, files"
as source.
If I set it to "db" only, then I don't get entries from files at all, even if
I explicitly set db_enum to look them up.

> I get a comprehensive account list with mkpasswd.

I don't.

> I have W10 rs4_release/6.3/10.0/17134.286/1803, Cygwin 64 2.11.1, and default
> nsswitch.


-- 
With best regards,
Andrey Repin
Wednesday, September 26, 2018 16:32:33

Sorry for my terrible english...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: nsswitch.conf: files vs. db_enum interaction

[Andrey Repin]

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset=utf-8, Size: 1694 bytes --]

Greetings, Marco Atzeri!

> Am 26.09.2018 um 06:13 schrieb Brian Inglis:
>> On 2018-09-25 06:30, Andrey Repin wrote:
>>> I just noticed something that I think is an oddity. Or a possible improvement.
>>> If you set your nsswitch.conf to, say;
>>> passwd: db
>>> db_enum: cache builtin local files
>>> The accounts listed in /etc/passwd aren't looked up.
>>> I understand that it's a documented behavior, but it looks... odd to me.
>>
>>  From the UG they should be looked up and may appear more than once if you
>> specify say "files" in an entry and also a db_... entry.
>> Did you test with "getent passwd"? I get SYSTEM and NT SERVICE repeated.
>> I get a comprehensive account list with mkpasswd.
>> I have W10 rs4_release/6.3/10.0/17134.286/1803, Cygwin 64 2.11.1, and default
>> nsswitch.

> on W10 Home I see only double SYSTEM on both "getent passwd" and
> "getent group"

> However "getent passwd" is not reporting local user, cyg_server, sshd,
> guest that instead are reported by "mkpasswd"

Did you conigure db_enum in any special way?
Or, ok, did you configure db_enum at all?
I see that if I don't touch it on my local system, it only list cached and
builtin accounts.
But if I set "db_enum: all", I get all local SAM accounts as well as a
duplicated entry from cache. (No "files" on local system, so…)


-- 
With best regards,
Andrey Repin
Wednesday, September 26, 2018 16:36:14

Sorry for my terrible english...\x03B‹KCB”\x1c›Ø›\x19[H\x1c™\^[ܝ\x1cΈ\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0e‹ËØÞYÝÚ[‹˜ÛÛKÜ\x1c›Ø›\x19[\Ëš\x1d^[[\x03B‘TNˆ\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0e‹ËØÞYÝÚ[‹˜ÛÛKÙ˜\KÃB‘^[ØÝ[Y[\x18]\x1a[ÛŽˆ\b\b\b\b\b\b\b\b\x1a\x1d\x1d\x1c\x0e‹ËØÞYÝÚ[‹˜ÛÛKÙ^[ØÜËš\x1d^[[\x03B•[œÝXœØÜšX™H\x1a[™›Îˆ\b\b\b\b\b\x1a\x1d\x1d\x1c\x0e‹ËØÞYÝÚ[‹˜ÛÛKÛ[\vÈÝ[œÝXœØÜšX™K\Ú[\^[\x19CBƒB

nsswitch.conf: db/db_enum default excludes local

[Brian Inglis]

On 2018-09-26 01:45, Marco Atzeri wrote:
> Am 26.09.2018 um 06:13 schrieb Brian Inglis:
>> On 2018-09-25 06:30, Andrey Repin wrote:
>>> I just noticed something that I think is an oddity. Or a possible improvement.
>>> If you set your nsswitch.conf to, say;
>>> passwd: db
>>> db_enum: cache builtin local files
>>> The accounts listed in /etc/passwd aren't looked up.
>>> I understand that it's a documented behavior, but it looks... odd to me.
>>
>>  From the UG they should be looked up and may appear more than once if you
>> specify say "files" in an entry and also a db_... entry.
>> Did you test with "getent passwd"? I get SYSTEM and NT SERVICE repeated.
>> I get a comprehensive account list with mkpasswd.
>> I have W10 rs4_release/6.3/10.0/17134.286/1803, Cygwin 64 2.11.1, and default
>> nsswitch.
> 
> on W10 Home I see only double SYSTEM on both "getent passwd" and
> "getent group"
> 
> However "getent passwd" is not reporting local user, cyg_server, sshd,
> guest that instead are reported by "mkpasswd"
UG says default db/db_enum is cache builtin excluding local.
This does not seem consistent with default using SAM instead of files which
should include local.

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple