Mail Archives: cygwin/2014/02/17/11:22:14
--O5XBE6gyVG5Rl6Rj
Content-Type: multipart/mixed; boundary="YZ5djTAD1cGYuMQK"
Content-Disposition: inline
--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Feb 13 15:38, Corinna Vinschen wrote:
> Hi folks,
>=20
>=20
> this week I applied the first incarnation of the new passwd/group
> handling code to the Cygwin repository and after fixing a crash which
> manifested in Denis Excoffier's network, I think we're at a point
> which allows to push this forward.
> [...]
Ok guys, I just applied a patch implementing getpwent and getgrent,
and the way to configure the output is probably more detailed than
you ever wanted:
The default output of both functions consists of the so far cached
accounts, plus a fixed set of builtin accounts for backward
compatibility with mkpasswd/mkgroup output. For instance, getpwent
output looks like this:
corinna:*:1049577:1049701:Corinna Vinschen,U-VINSCHEN\corinna,S-1-5-21-29=
13048732-1697188782-3448811101-1001:/home/corinna:/bin/tcsh
+SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
+LOCAL SERVICE:*:19:19:U-NT AUTHORITY\LOCAL SERVICE,S-1-5-19:/home/LOCAL =
SERVICE:/bin/bash
+NETWORK SERVICE:*:20:20:U-NT AUTHORITY\NETWORK SERVICE,S-1-5-20:/home/NE=
TWORK SERVICE:/bin/bash
+Administrators:*:544:513:U-BUILTIN\Administrators,S-1-5-32-544:/home/Adm=
inistrators:/bin/bash
+TrustedInstaller:*:328384:328384:U-NT SERVICE\TrustedInstaller,S-1-5-80-=
956008885-3418522649-1831038044-1853292631-2271478464:/home/TrustedInstalle=
r:/bin/bash
and getgrent like this:
vinschen:S-1-5-21-2913048732-1697188782-3448811101-1125:1049701:
+Administrators:S-1-5-32-544:544:
+SYSTEM:S-1-5-18:18:
+TrustedInstaller:S-1-5-80-956008885-3418522649-1831038044-1853292631-227=
1478464:328384:
As long as we didn't decide to do it differently, the configuration
takes place in /etc/nsswitch.conf. The new keyword is "db_enum", and
the value is a list of sources:
db_enum: source...
A source can be
none No output from getpwent/getgrent at all.
all The opposite. Output accounts from all known
sources, including all trusted domains.
cache List all accounts currently cached in memory.
builtin List the predefined builtin accounts for backward
compatibility.
files List the accounts from /etc/passwd or /etc/group.
local List all accounts from the local SAM.
primary List all accounts from the primary domain.
alltrusted List all accounts from all trusted domains.
some.domain List all accounts from the trusted domain some.domain.
The trusted domain can be given as Netbios flat name
(MY_DOMAIN) or as dns domain name (my_domain.corp).
In contrast to the aforementioned fixed source keywords,
distinct domain names are caseinsensitive. Only domains
which are actually trusted domains are enumerated.
Unknown domains are simply ignored.
Please note that this functionality does *not* test if an account was
already listed from another source, so an account can easily show up
twice or three times. Such a test would be rather tricky, nor does the
Linux implementation perform such test.
Here are a few examples for /etc/nsswitch.conf, which are hopefully
self-explaining:
db_enum: none
db_enum: all
db_enum: cache files
db_enum: cache local primary
db_enum: local primary alltrusted
db_enum: primary domain1.corp sub.domain.corp domain2.net
If those examples are *not* self-explaining, don't hesitate to ask.
Please fetch the latest snapshot from http://cygwin.com/snapshots/
It contains this change. I attached two simple test applications
to this mail.
If it works nicely, I will rewrite mkpasswd and mkgroup to use the
Cygwin implementation as well, rather than implementing their own
enumerations.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="getpwent.c"
#include <stdio.h>
#include <pwd.h>
int
main ()
{
struct passwd *pwd;
setpwent ();
while ((pwd = getpwent ()))
printf ("%s:%s:%u:%u:%s:%s:%s\n",
pwd->pw_name,
pwd->pw_passwd,
pwd->pw_uid,
pwd->pw_gid,
pwd->pw_gecos,
pwd->pw_dir,
pwd->pw_shell);
endpwent ();
return 0;
}
--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="getgrent.c"
#include <stdio.h>
#include <grp.h>
int
main ()
{
struct group *grp;
setgrent ();
while ((grp = getgrent ()))
printf ("%s:%s:%u:\n",
grp->gr_name,
grp->gr_passwd,
grp->gr_gid);
endgrent ();
return 0;
}
--YZ5djTAD1cGYuMQK--
--O5XBE6gyVG5Rl6Rj
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTAjcgAAoJEPU2Bp2uRE+gQwQP/RQ5y8Qfpu11GMitFowp4SLB
LCWAy4PkQ5BirEwqMW04t0UREqIGysV4lQXaIb60E6w3BPTC/fcO8/+wdPQb0hBG
cTgWvwqZ1STfLgp/POV+dp2cJJoPnWkITABgZaOzjP5E5/6+ZXkT1wGQKnEkywYo
ZRyehPTJkUMbZ9cswWFxuCO8HQuecYA2BcB1ZQsYv2X8tzHB5H+CkC717nBLs9hJ
SQEfURB/lgjKOG3mmQx+wTRt1MloNj1jkghlS5M/grM5G4iCv7aKqImIcA6kZeSW
zwi5rg93GcM1B4uXUaQNS9GAp8lwm9o+SC4H9y8czhShiH7LW2kwGN/0V+9qOvmO
mrWU/+V2Sj0/EpOzvHaD12LG8wkoNXCFRMpyXmMkzBWRpr8ebYgoY+yBb91QkSDc
rbB5KAey89cq0hlX3cADlgvl1Gx8nSjQS/SflFChgcbvvHdYQDLjrAJLF8JK4xcG
nqTRKCeSV1zhUr92EqUDin8BRu3XN7k0iYP2PN3WmOdyBpP9nhe7jlESs6caHH1p
U4+2DS+a9tAyFBnuXb7kMEzWSos6t5vyZU2X5UNkvqmOcImLagplF6nvYSBPe7VR
yTDNEJ9LV7rd1sz6YujeJ8W/p74TiMDzQVTDQEyPRi7fTd1NVC9cWfYdRq2i3J4J
+gUGcoRlYQRDXm6DSbO/
=mNsN
-----END PGP SIGNATURE-----
--O5XBE6gyVG5Rl6Rj--
- Raw text -