From: Mark A. Ziesemer <mark_z@charter.net>
To: cygwin@cygwin.com
Subject: Re:
Date: Mon, 22 Jan 2007 15:23:00 -0000 [thread overview]
Message-ID: <loom.20070122T160919-481@post.gmane.org> (raw)
In-Reply-To: <20070122132934.GU27843@calimero.vinschen.de>
Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > >> When "id" is called without a username, it calls the getgroups(...)
> > >> function
> > >> which appears to work as expected. However, when a specific username is
> > >> passed, even the username of the current user, getugroups(...) is called,
> > >> and does _not_ appear to work as expected.
> > >
> > > That's by design. getgroups() has access to the user token of the
> > > current process and returns every group which is in this token.
> > > getgrent() is a function which enumerates /etc/groups.
> >
> > So my translation of this would be that the bug is not in id, but in the
> > fact that your /etc/groups is out-of-date. Use mkgroups to remedy the
> > situation.
>
> A little bit more specific: Use the mkgroup -u flag. By default,
> mkgroup does not add the users to the gr_mem field since that's not
> necessary for correct operation of setuid(2). By adding the users
> to the gr_mem field (the -u option), you probably get what you want.
Better, but could still use improvement, IMO...
The documentation isn't very strong here, so I'm sorry I didn't find this
earlier. From http://cygwin.com/cygwin-ug-net/using-utils.html#mkgroup:
"The -u option causes mkgroup to enumerate the users for each group, placing
the group members in the gr_mem (last) field. Note that this can greatly
increase the time for mkgroup to run in a large domain. Having gr_mem fields
is helpful when a domain user logs in remotely while the local machine is
disconnected from the Domain Controller"
This implies that "-u" is not required for proper groups functionality, but
is maybe just used as a backup when the DC is unavailable. (And in my case,
there is no domain.)
Also, this means that "mkgroup -ul >/etc/group" will have to be re-run every
time there is a change in group membership - not the best option.
Since Cygwin already lets the underlying OS take care of much of the
security (handling passwords, etc.), can't Cygwin just ask Windows for the
user's groups when needed, to?
--
Mark A. Ziesemer
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
next prev parent reply other threads:[~2007-01-22 15:23 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-01-21 22:50 "id -Gn" w/ username doesn't return all associated groups. Issue with getgrent()? Mark A. Ziesemer
2007-01-22 9:34 ` Corinna Vinschen
2007-01-22 13:03 ` Eric Blake
2007-01-22 13:29 ` Corinna Vinschen
2007-01-22 15:23 ` Mark A. Ziesemer [this message]
2007-01-22 15:40 ` Corinna Vinschen
2007-01-23 1:15 ` Mark A. Ziesemer
2007-01-23 3:21 ` Eric Blake
2007-01-23 23:35 ` Mark A. Ziesemer
2007-01-24 1:24 ` dmccunney
-- strict thread matches above, loose matches on Subject: below --
2024-01-10 14:51 hancy donald
2024-01-10 14:52 ` hancy donald
2023-10-08 10:06 Ben Sim
2023-10-09 7:39 ` cygwinautoreply
2023-09-01 11:21 Sanjitha. p
2023-09-01 11:23 ` cygwinautoreply
2023-09-01 10:43 Sanjitha. p
2023-09-01 10:47 ` cygwinautoreply
2023-08-04 21:10 mazyona
2023-03-02 13:38 Kidane Kenenisa
2023-03-02 13:41 ` cygwinautoreply
2023-01-03 19:42 abolfazl fazli
2023-01-03 19:45 ` cygwinautoreply
2021-11-13 13:01 Kossi Jules KETIKA
2021-11-13 13:01 ` Kossi Jules KETIKA
2021-11-13 13:03 ` Re: cygwinautoreply
2021-11-13 11:32 MUSHIMIYIMANA VIATEUR
2021-11-13 11:35 ` cygwinautoreply
2021-06-26 8:43 Re; Atencion al Asegurado
[not found] <278275920.6108613.1607516124022.ref@mail.yahoo.com>
2020-12-09 12:15 ` chaparay01
2020-12-09 18:00 ` Ben Kamen
2020-08-22 17:03 C Goh
2020-08-22 17:13 ` Andrey Repin
2020-08-23 3:05 ` Re: C Goh
2013-08-08 5:56 Re: jrassoc
2013-07-06 16:56 Re: rus369
2013-02-27 5:44 Re: s_hulge
2012-03-11 19:19 "Inappropriate ioctl for device" problem using latest cygwin as a shell within native (non-cygwin) GnuEmac Jack Profit
2012-03-11 19:42 ` Ken Brown
2012-03-11 19:47 ` Ken Brown
2012-03-12 1:44 ` Jack
2012-05-06 2:40 ` Re: Trey Greer
2011-05-06 14:56 Re: Arvind Raman
2008-11-25 8:15 Re: pm@kiu.ru
2008-10-02 16:13 Re: Brenda Hatch
2006-02-08 17:33 "rxvt -e bash" From Batch File Hassel, Scott
2006-02-08 17:49 ` Bubba Jones
2006-02-08 17:10 "rxvt -e bash" From Batch File Bubba Jones
2006-02-08 17:36 ` Chris Taylor
2006-02-08 17:58 ` Bubba Jones
2006-01-18 15:05 "replaced while being copied" - was ... RE: Solved partially by findutils 4.3 - RE: "inode changed", Jan Schormann
2006-01-18 16:18 ` Corinna Vinschen
2006-01-23 12:28 ` Jonas Mölsä
2006-01-23 15:23 ` Corinna Vinschen
2006-01-24 10:14 ` Jonas Mölsä
2006-01-24 12:09 ` Re: Corinna Vinschen
2005-11-28 22:45 , [Fwd: xsltproc from libxstl-1.1.15-1] Thomas Berger
2005-12-22 8:02 ` Gerrit P. Haase
2005-07-14 6:02 Civis
2005-02-23 18:47 real-story
2004-02-19 15:15 [Fwd: Bug: Perl:IsWinNT undefined & RFE, only use "/" in reg values, not names..?] Brian.Kelly
2004-02-19 22:24 ` linda w
2004-02-22 16:01 ` Gerrit P. Haase
2004-02-07 15:33 Peter Schoen
[not found] <6810515835.20040117131240@familiehaase.de>
2004-01-17 22:34 ` Inge Haase
2003-10-15 21:18 Re: caj
[not found] <1003339534031140@firemail.de>
2001-10-17 13:19 ` Re: Charles Wilson
2000-12-16 9:23 Re: Earnie Boyd
2000-12-05 8:54 Re: henry junior
[not found] <Pine.LNX.4.10.9910111854020.4347-100000@atlas.ujavcali.edu.co>
1999-10-11 17:19 ` Suhaib M. Siddiqi
1999-10-31 19:54 ` RE: Suhaib M. Siddiqi
1999-03-28 16:14 No Subject Dave Braze
1999-03-28 17:03 ` Rick Rankin
1999-03-31 19:45 ` RE: Rick Rankin
[not found] <01d601be61ac$ceadd300$29acdfd0@InspirePharm.Com>
1999-02-26 11:59 ` Corinna Vinschen
1999-02-28 23:02 ` Re: Corinna Vinschen
1998-11-23 12:41 No Subject Ugo Matrangolo
[not found] ` <matra@dedalus.com>
1998-11-24 12:54 ` John F. Kolen
1998-11-24 16:45 ` Re: Benjamin Riefenstahl
1998-11-04 22:40 No Subject Keith Carscadden
1998-11-06 3:00 ` Benjamin Riefenstahl
1998-08-15 2:26 No Subject anangsa
1998-08-17 12:35 ` Michael Weiser
1998-07-01 8:02 Re: Earnie Boyd
1998-05-17 21:40 No Subject Abdul razak
1998-05-19 7:38 ` Michael Weiser
1998-02-09 13:06 lib-www on Win95/cygwin32 - (some) success! James G. Stallings II
1998-02-10 6:06 ` No Subject Jerome Gay
1998-02-14 8:26 ` Fernandes
1998-02-15 5:57 ` Re: Bug Hunter
1997-11-19 1:25 Re: Scott Warner
1997-11-17 9:50 No Subject Capron, Craig W
1997-11-20 2:01 ` Bernd Schilpp
1997-06-08 0:47 Sergey Okhapkin
1997-06-09 9:02 ` RE: John Cerney
1997-06-05 18:47 No Subject John Cerney
1997-06-06 23:41 ` jman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=loom.20070122T160919-481@post.gmane.org \
--to=mark_z@charter.net \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).