X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:in-reply-to:references:date:subject
	:from:to:mime-version:content-type:content-transfer-encoding; q=
	dns; s=default; b=Egi/I9QosqBhgRUjjC4vN0iHi2QlpLm8xsArMw9o2q8NNh
	pMF4ANwDXvIxHwKb9p1KSEHIkWbBUaA0radNSEeAHZp6ukpQ4Mw2UM4CBaTN8+wZ
	3MmW6xVD2303iT7sgKJnpIpkkV/aMdew3G8Y/hmlV7xsZhbx7SHaSr90eK6Rg=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:in-reply-to:references:date:subject
	:from:to:mime-version:content-type:content-transfer-encoding; s=
	default; bh=OVZAjWDcqR3A+XGJFj8FjEB8X2A=; b=Kkv5nuNrdyT+hzFVep2h
	/42zrBmwOiywIkAilMmabcMzMPjDFZbiSebgEybLsbTFuuH0fRReO6Aekqg5fJBl
	ZgkIT+ObqXmdK/QGkUylt0QZ2EaQMUXbQQ5en8VOVpPb6972fVua9/oNxq91yRDH
	KiNMZBnhsJ/HFYWnnLj8zkU=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=3.0 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,SPAM_BODY autolearn=no version=3.3.2
X-HELO:	smtp-vbr5.xs4all.nl
Message-ID:	<1325b42e63be603bb9c8b4c206f5b91b.squirrel@webmail.xs4all.nl>
In-Reply-To:	<20141028144255.GM20607@calimero.vinschen.de>
References:	<56f1e6ae0c5e30cb5745eed0af9efe39 DOT squirrel AT webmail DOT xs4all DOT nl> <20141028144255 DOT GM20607 AT calimero DOT vinschen DOT de>
Date:	Tue, 28 Oct 2014 16:16:51 +0100
Subject:	Re: Mild amazement (questions) about the output of mkpasswd (1.7.33). Corinna?
From:	"Houder" <houder AT xs4all DOT nl>
To:	cygwin AT cygwin DOT com
User-Agent:	SquirrelMail/1.4.18
MIME-Version:	1.0
X-IsSubscribed:	yes

> On Oct 28 13:50, Houder wrote:
>> Hi Corinna,
>>
>> As adviced by you, I replaced the "cygwin package" with the test
>> version (1.7.33) on my "Cygwin-32" ...
>>
>> Let us assume, I am NOT interested in "Windows domains" etc. and that
>> I would like to keep my "own" mapping between SIDs and uids/gids ...
>> it appears to me, that both mkpasswd and mkgroup are no longer of any
>> help to me, as both appear to apply "some fixed (automatic) mapping"
>> between SIDs and uids/gids ... Right?
>
> Not quite.  Did you read the preliminary documentation?  You don't have
> to use mkpasswd or mkgroup at all, and you don't need the /etc/passwd
> and /etc/group files.  The new feature is NOT only for AD machines,
> it works for local machines as well, and even if your files were small,
> you might still see a performance gain.
>
> Please give https://cygwin.com/preliminary-ug/ntsec.html a try.  I really
> hope it's worht to read it because it explains the feature thoroughly.

:-)) Do you _really_ believe I did not study your text? Yes, I did ... and
not for the first time.

Keep in mind, please: Windows is not exactly 'my cup of tea' :-)

> Other than that, yes, you can still create your own mappings by
> utilizing the passwd and group files.

Wonderful ... I have grown accustomed to my old mapping (RID -> uid/gid).

>> Initially I left the passwd, group and nsswitch.conf untouched ... (as
>> noted, I am NOT connected to a domain, and I have never been troubled
>> by the slowness as result of the passwd/group files - small files).
>>
>> As the output of mkpasswd (and perhaps the "whole" changover in
>> 1.7.33) left me with a question (questions?), I subsequently removed
>> the aformentioned files ...
>>
>> Questions:
>>
>>  - why does 'mkpasswd -l Seven -u Henri' report differently from
>>  'mkpasswd -l -u Henri'?
>>     - uid: 4244636648 vs 197608 ...
>
> The underlying algorithm treats the machine name given as parameter
> to -l or -L as a foreign machine in the network and tries to contact
> it.  As a foreign machine, the created uid and gid values are different
> from the ones for the local machine.  Don't use -l Seven, just use -l
> for the local machine.

Oh, dear, it does not recognize its own name ... Poor soul. Yes, I had
already gathered that much ...

>>  - why does MACHINE show up as a prefix to LOCAL USER in 'mkpasswd -L
>>  Seven -u Henri', but NOT
>>    in 'mkpasswd -L -u Henri'?
>
> The -L option is only meant to be used for foreign machines.  The
> prefixing of the local machine is bound to the underlying mechanism used
> in Cygwin per the docs.  On second thought, a -L without machine name
> should have been refused by mkpasswd.
>
>>     - name: Seven+Henri vs Henri ...
>>     - manual says: -L, generate username WITH machine prefix ...

Understood, use mkpasswd and mkgroup with some "imagination" (until all
option processing has been thoroughly tested and repaired).

>> Just trying to make sense of it all ...
>
> Yeah, I freely admit that the usage of mkpasswd/mkgroup isn't quite as
> evident anymore.  The idea is that the underlying "db" mechanism fixes
> the rules.  I'm really not sure yet if and how mkpasswd/mkgroup needs
> more change, that's what this testing phase is supposed to show.  Keep
> in mind that the new account handling is just as new for me as it is for
> you :)

... uhm, not quite, I believe ... you are bathing in the dazzling light of
understanding ... I am just groping for a ray of that light ;-)

Once more, thank you for clarifying!

Henri

=====


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -