Mail Archives: cygwin/2014/11/11/06:10:04

X-Recipient: archive-cygwin AT delorie DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-4.0 required=5.0 tests=AWL,BAYES_40,UNSUBSCRIBE_BODY autolearn=no version=3.3.2
X-HELO: calimero.vinschen.de
Date: Tue, 11 Nov 2014 12:09:43 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: RFC: 1.7.33 problem with user's home directory
Message-ID: <20141111110943.GA28012@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <20141110205216 DOT GJ2782 AT calimero DOT vinschen DOT de> <0B8D23F7-0258-472D-BF38-860402FD3CDC AT etr-usa DOT com> <20141111101821 DOT GO2782 AT calimero DOT vinschen DOT de>
MIME-Version: 1.0
In-Reply-To: <20141111101821.GO2782@calimero.vinschen.de>
User-Agent: Mutt/1.5.23 (2014-03-12)

On Nov 11 11:18, Corinna Vinschen wrote:
> On Nov 10 23:09, Warren Young wrote:
> > On Nov 10, 2014, at 1:52 PM, Corinna Vinschen <corinna-cygwin AT cygwin DOT com> wrote:
> >
> > > Shall the "db" entries utilize the Windows home folder if it exists(*)
> > > and drop using the unixHomeDirectory?  It seems inevitable…
> >
> > Use of AD implies some level of security consciousness.  The ability to write to c:\cygwin — not just during installation, but during all use thereafter! — comes out of a world where every user is a local Administrator.
> >
> > This answer I wrote on Stack Overflow is one way to solve the problem today:
> >
> >     http://stackoverflow.com/questions/26666180/
> >
> > It might not be a bad idea if Cygwin started doing this sort of thing by default in the future.  (Obviously for new installs only.)
>
> What I gather from the replies so far is this:
>
> - Nobody really cares for unixHomeDirectory.
>
> - Some want to use the Windows home folder.
>
> - Some want Cygwin to utilize the HOMEPATH dir.
>
> - Some want Cygwin to use always its own /home and do everything else
>   via symlinks or mount points.
>
> The problem so far is that I'm not sure it's clear to everybody what
> I mean.  I'm *not* talking about a default value which can easily be
> overridden by tweaking /etc/passwd.  I'm talking about what the passwd
> entry contains if there's no passwd file, and the admins want to keep
> the administration strictly inside AD.  The passwd entry gets generated
> from what AD provides.  And here we need a sensible default behaviour.
>
> One possible, but not naturally useful default behaviour is what
> the current code does:
>
> 1. Utilize the unixHomeDirectory AD attribute.
> 2. If unixHomeDirectory is empty, fall back to /home/$USER.
>
> Another possible behaviour:
>
> 1. Utilize the homeDirectory AD attribute (aka %HOMEDRIVE%%HOMEPATH%).
> 2. If homeDirectory is empty, fall back to /home/$USER.
>
> Another:
>
> 1. Always use /home/$USER and let the admins come up with a matching
>    mount point scheme.
>
> Another:
>
> 1. Add a setting to /etc/nsswitch.conf which allows to specify one of
>    the above:
>
>     home: [unix|win|home]...
>
>    - "unix" means, set pw_dir to unixHomeDirectory
>    - "win" means, set pw_dir to homeDirectory
>    - "home" means, set pw_dir to /home/$USER
>    - Multiple entries are possible.
>    - Default in the absence of this setting is: always set pw_dir to
>      /home/$USER.

Another way to handle Cygwin-specific settings would be to utilize the
description(*) field in the user's entry, just as implemented for SAM
accounts.  See the SAM part of
https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-passwdinfo
for how to use XML-alike entries in the description field to add user
data, for instance

  <cygwin home="/foo/bar"\ shell="/bin/tcsh"/>

This could be added to some standard scheme:

  1. Utilize the description attribute.
  2. If description is empty, utilize homeDirectory.
  3. If homeDirectory is empty, use /home/$USER.

Or this could be added as a setting in nsswitch.conf:

  home: [unix|win|desc|home]

I could think of arbitrarily complex ways to extend this nsswitch.conf
setting, as in:

  home: /foo/bar/%U

With %U being the Windows username, %D the domain name, %u the Cygwin
user name.  But all this also takes time to implement, of course :(


Corinna


(*) Note the naming confusion:
    The `net user /comment:...' command sets the AD attribute "description".
    The `net user /usercomment:...' command sets the AD attribute "comment".

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
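
Added example, not part of the original message and not Cygwin's code: a small model of the lookup order discussed in this thread, resolving pw_dir from a `home:` value (`unix`, `win`, `desc`, `home`, or a `/path/%U` template) with the `<cygwin home=.../>` entry parsed out of the description attribute. The dictionary keys, the whitespace-separated list syntax, and the path sanity rule (absolute, no `..` component) are assumptions of this sketch.

```python
import re

# XML-alike entry in the AD "description" attribute, e.g.
#   <cygwin home="/foo/bar" shell="/bin/tcsh"/>
CYGWIN_TAG = re.compile(r'<cygwin\s+([^>]*?)/?>')
ATTR = re.compile(r'(\w+)="([^"]*)"')

def parse_description(description):
    """Return the key/value pairs of a <cygwin .../> entry, or {} if absent."""
    m = CYGWIN_TAG.search(description or "")
    return dict(ATTR.findall(m.group(1))) if m else {}

def safe_posix_dir(path):
    """Assumed sanity rule (not from the thread): absolute, no '..' component."""
    return bool(path) and path.startswith("/") and ".." not in path.split("/")

def resolve_home(scheme, user):
    """Try each entry of the proposed 'home:' value in order; return pw_dir."""
    fallback = "/home/" + user["cygwin_name"]
    for entry in scheme.split():
        if entry == "win":
            # Windows path from homeDirectory; POSIX conversion is not modelled.
            if user.get("homeDirectory"):
                return user["homeDirectory"]
            continue
        if entry == "unix":
            cand = user.get("unixHomeDirectory")
        elif entry == "desc":
            cand = parse_description(user.get("description")).get("home")
        elif entry == "home":
            cand = fallback
        elif entry.startswith("/"):
            # Template form: %U Windows user, %D domain, %u Cygwin user.
            subs = {"U": user["win_name"], "D": user["domain"], "u": user["cygwin_name"]}
            cand = re.sub(r"%([UDu])", lambda m: subs[m.group(1)], entry)
        else:
            cand = None  # unknown keyword: skip it
        if safe_posix_dir(cand):
            return cand
    return fallback  # nothing usable: default to /home/$USER

# Constructed sample account, not taken from any real directory.
SAMPLE_USER = {
    "win_name": "jdoe", "cygwin_name": "jdoe", "domain": "EXAMPLE",
    "unixHomeDirectory": "",
    "homeDirectory": r"\\fileserver\homes\jdoe",
    "description": 'Jane Doe <cygwin home="/foo/bar" shell="/bin/tcsh"/>',
}
```

An empty or rejected attribute simply falls through to the next entry, so `desc home` with a description that names `/home/../etc` ends at `/home/$USER`.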
