Mail Archives: cygwin/2014/02/15/07:51:06
--BtQ+uzrQQ7HCCYtg
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Feb 14 13:11, Warren Young wrote:
> On 2/14/2014 03:42, Corinna Vinschen wrote:
> >On Feb 13 17:30, Warren Young wrote:
> >>On 2/13/2014 07:38, Corinna Vinschen wrote:
> >
> >>> Apart from power shell scripting or inventing new CLI tools, these
> >>> attributes can be changed using the "Attribute Editor" tab in the u=
ser
> >>> properties dialog of the "Active Directory Users and Computers"
> >>> MMC snap-in.
> >>
> >>A week ago, we were talking about possible Cygwin
> >>{user,group}{add,mod} programs, modeled on Linux's. Was that simply
> >>shelved once "net user" and MMC were found to be sufficient?
> >
> >Huh? "Apart from [...] or inventing new CLI tools, [...]"
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^
>=20
> I wasn't sure how to interpret that. It could be read as an
> unfulfilled possibility or as dismissing a ridiculous idea. i.e.
> "Apart from rewriting Cygwin in Erlang..."
Nah, I'm not *always* cynical.
> >>If, magically, such programs were to appear from outside the Cygwin
> >>core dev group, would that be a good thing or a bad thing?
> >
> >It would be a really great thing!
>=20
> Okay. I thought you might feel proprietary about such tools. "I
> know how it needs to be written, so I'm going to be the one to write
> it, right after the other 59 bazillion things on my wishlist."
Actually, high on my wishlist is more active maintainers for the distro.
We have a couple of maintainers of very important packages which only
show up very sporadically lately, which is pretty frustrating.
> >>I know I'm bikeshedding, but "unix" seems like a pretty vague
> >>attribute name here.
> >
> >Really, I'm open to suggestions to have a better keyword, but it
> >should make very clear that this is not your Cygwin uid/gid.
>=20
> Okay, netfsuid, then.
Hmm.
> >>"All" processes?
> >
> >You are absolutely right, but, please, suggest a better wording.
>=20
> "If you create or change /etc/nsswitch.conf, you need to restart all
> Cygwin processes that need to see the change. If the process you
> want to see the change is a child of another process, you need to
> restart all of that process's parents, too."
> [...]
> Better?
Yes. Thanks a lot. I grabbed all of this including your followup
change shamelessly and added it to the text.
> >What entry would you find in passwd which you
> >didn't already find in SAM or via the implemented automatisms
> >for unknown SIDs?
>=20
> That makes sense.
>=20
> Is nsswitch.conf the right thing, then? Are we borrowing that
> mechanism just because it exists and looks close enough?
Perhaps.
> It seems to me that we really only need a single Boolean setting:
>=20
> ignore_db=3Dtrue
No, that's not right. We have two mechanisms implemented you can
choose three out of four possible combinations:
files only
db only
files, then db
> If this is true, it uses files only. If false, DB is the sole
> source of truth if /etc/{passwd,group} are missing, or it is a
> fallback source of truth if those files are present.
The third combination is to prevent Cygwin from reading /etc/passwd
and /etc/group at all. It drops any check for existence, too, which
is one code point less which has to run for each getpwXXX/getgrXXX
invocation.
> Does this help us get to a world where we configure this in
> nscd.conf, as cgf proposed?
I'm open to discuss this. We can switch from nssswitch.conf to
nscd.conf, but our settings will still not match the role-model,
so it's kind of a name-reuse only, either way.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--BtQ+uzrQQ7HCCYtg
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJS/2KjAAoJEPU2Bp2uRE+gHbsP/Rc0MdTmK6Ov1rqQwnN3WlpY
MovqYhrCj/jdKcYpsUh816OBKv5zxfMKtxt/VdHPyW3JPc/9+16BbJP2tlpioxf9
JkM76AC7perd/DJBzA/Pj4QgqaDBqm8Jp95gKeva8Mnqvjqd4CWSe4QT8gua0zRP
8JYjAWSw4aa3iWXnd0t6Q/qAjx4Ep07l162X+y+EfS7Z3fywPk+1UHY+gZhqI9Ch
7aDivMpZYR1fACzWjOGG0GULLLbmmLMhxdpnmcTYDrM8effSg+V5gcgdHuIauZ/t
DwnUK/0bTGKzb/XT4nN9BasejTHHHsz561p6krihAAE+5LpBPc4UWcIFqsYLNnxN
9fDzpF3Gxsu7675LppcmbjeVdnwzLGijzecckodPA+Hd8mo0ubahmNG3wiDddKNu
E28CnIHz0HmtW1iykmUoWctqKEJQVybp5HRmklF65JCvLV29L05JQPbj7sxfNyuZ
CSasgr7/HAmOi2uHlTKzqVg7PsQn+dwK9fhbIakQj8yrf0V9IG910ytj0XmDg0kc
qrHkgbczIWuc1fFbSyRJ+zuT5XPmkBKkAGRQl8JPcCy+NvRDCibolEgaHMV4nbY2
cRaejod3uxC1zlWixjRh7cWfYLyG1HFw9Q1RjCzUli0pZ9fVXHOQlwLTfvuXj1ZW
a/vmsSiGi752n57Du04R
=W8w0
-----END PGP SIGNATURE-----
--BtQ+uzrQQ7HCCYtg--
- Raw text -