| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :mime-version:content-type; q=dns; s=default; b=cLE/Ef0Xgmky8Pbh | |
| MTirJfIFHTeMnQduVq8sliKE5KXcjI6jzUQY0l7yLeXr+hKpx1z2E4byAnsLlRz1 | |
| Ib138tI5JhRVT9b+Nl7hzWgS2CsC/GofGwi1z3mVmTX8Nvg4Z1Url4EFl/YG8Dnc | |
| GMl7/GmFk2rniKgw5mQ50q3UmxI= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :mime-version:content-type; s=default; bh=vZrZPwWQhoVrrtebuHA/QZ | |
| CckMo=; b=c7RI5LpIcYm25OqRq6I98DL3Hq4LuXMpgjQZ5VCLkukU4TK769SZa0 | |
| EXWTxQ9UUzIOzeK0mneyc/+aXYH/vSK7M9FelMxM/w9dq3bAa1fKgXTo8PS+mCCm | |
| YiWVbQXntL9IK7ypS72MEMQM82OZiMNhyWR++OweU8iPWxK6lZF3Q= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Mon, 10 Nov 2014 21:52:16 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | RFC: 1.7.33 problem with user's home directory |
| Message-ID: | <20141110205216.GJ2782@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| MIME-Version: | 1.0 |
| User-Agent: | Mutt/1.5.23 (2014-03-12) |
--C7PTD44AewjTsiSV
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hi,
after a long discussion in RL today, I came to the conclusion that
there's a major problem in the current handling of the user's home
directory in AD environments in the new user account code when not using
/etc/passwd files.
Here's how it works and how it's documented in the preliminary
documentation at
https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-passwdinfo
- If your account is an AD account, the home directory is taken from the
RFC 2307 entry unixHomeDirectory.
- Otherwise, if these values are empty or don't exist, your fallback
home directory is /home/$USER (without domain prefix).
As you may have noticed, there's nothing in there taking the Windows
home directory into account. It's indeed not used at all by the new
code.
Up to Cygwin 1.7.32, mkpasswd (but not with -u) generated the Cygwin
home directory by converting the SAM/AD home folder entry to POSIX
style, if it's non-empty. Fallback is /home/$USER.
When I implemented the new scheme I thought it a good idea to decouple
the Cygwin home dir from the Windows home dir. However, in the today's
discussion the following two arguments came up:
- If you're using the Windows home folder setting to maintain file
server based home directories, you typically want that these
directories are used for Cygwin stuff as well (central administration,
central backup).
Having to maintain the home directories twice, once in the
homeDirectory, once in the unixHomeDirectory entry is quite a hassle,
especially given that unixHomeDirectory does not support variable
substitution (e.g. "/home/%USERNAME%" won't work).
- If you're already using AD as NIS server, unixHomeDirectory is already
used for UNIX machines. Trying to align the unixHomeDirectory for
Cygwin to homeDirectory for all the rest of Windows will potentially
become impossible then.
These arguments are quite serious and it questions the "good idea" part
of this change a lot.
What do you think?
Shall the "db" entries utilize the Windows home folder if it exits(*)
and drop using the unixHomeDirectory? It seems inevitable...
Corinna
(*) This would automatically work for SAM accounts as well because SAM
provides the same Windows home folder entry.
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--C7PTD44AewjTsiSV
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUYSWAAAoJEPU2Bp2uRE+gaPMP/jl3U+ztPSsaSmALzf264uqx
InEYtVVvXfsQAtQqylI0bTQko8AJ6TSckA9sVRPy7cSbenk6d6dsLUEPTi8FD3n1
PGwQfcv0VRdAWD0bj78OhR9We4CE/IWMRu7aIUKg4ko8ANI1yMHvMxnQVqqYWhEJ
xGQCtG4VOEJBBjcAMXt+nVSiHyDQ3ysp+rRpUhpCQ2rxs609sMj8jT5TQqBIC4/5
ihqc1Phd4OM3QiIWn+6OWgfZL/t1GiScTbrnclA31R9sbpyTJUhaGdR/t01G+XZV
SQKL+mJqcmbLNEDyml40zC9mQSOy0aosHlHmVDaoxyCfB8IOZcqF2mzQw0Cx0tcT
wZEpyGwVzso0KOeg+7ysRWrtaBUOS0cwm/zcpTa2uOVceupBiMotdcNjJksiFqya
l1Nor5uZHmqjExnyZRqOPGzX+QPLCYqRzGvV4JrThyFNFjecuM2cjz3QOS7WV/iZ
Q++9eJtwC+xivau/zkPe2+8wWTAOIwgbjfL2DgrGB6FPJwhVHequeRFviS3EprGU
g56oUPoKkTG6DzY2E74nSAEHezU6PUMc3VZa5rJDfYNircrNN/ZXZZ4+LgpKdb/g
B9KE5rRoDVPmMdyrk/me5Jzua2P6eGclwbUFCghEbkiHvX3kMljIl/hkbMnF/a3b
qJ3XPER1DqYMd5OADzyq
=mQp0
-----END PGP SIGNATURE-----
--C7PTD44AewjTsiSV--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |