Mail Archives: cygwin/2015/02/25/15:24:19
--/04w6evG8XlLl3ft
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Feb 25 12:55, Len Giambrone wrote:
> On 02/25/2015 12:34 PM, Corinna Vinschen wrote:
> >On Feb 25 12:26, Len Giambrone wrote:
> >>$ ls -la foo
> >>-rw-rw-r-- 1 Unix_User+build Unix_Group+releng 0 Feb 25 10:52 foo
> >>
> >>Is that expected? (The Unix_User+/Unix_Group+ prefix).
> >Yes, that's expected. After all, they are users different from your
> >Windows account, see the SIDs.
>=20
> That's what I thought.
>=20
> > If you don't want the prefix, you can
> >still override this by manually dropping the prefixes, along the lines
> >of what you could already do in the former implementation. Should be a
> >last resort, of course.
>=20
> I actually tried that; I removed the Unix_User/Group+ prefix from the pas=
swd
> entry to see if it worked.
> It did, but then I couldn't ssh in as that user:
>=20
> build AT wx64lg /etc
> $ cat /etc/passwd
> lgiambro:*:4278246287:99999:,S-1-22-1-56207::
>=20
> build AT wx64lg /etc
> $ cat /etc/group
> releng:S-1-22-2-999:4278191079:
Oh, wait. That's not good. If you do that you must create *two* entries
in /etc/passwd and /etc/group with the same account names, one of them
being the Windows account, the other being the UNIX account. The order
is important, too. The Windows account must preceed the UNIX account,
kind of like this:
$ mkpasswd -b -c -l my-unix-machine -U corinna
corinna:*:1049577:1049701:U-VINSCHEN\corinna,S-1-5-21-2913048732-16971887=
82-3448811101-1001:/home/corinna:/bin/tcsh
Unix_User+corinna:*:4278190580:99999:,S-1-22-1-500::
Then remove the Unix_User prefix. It's a bit fragile, that's why
other solutions are better, imho.
> > The other, better way not restricted to Cygwin
> >is to install Samba's winbind.
>=20
> We are running winbind.
>=20
> > It just doesn't help for existing UNIX
> >accounts, afaics.
>=20
> I don't know how winbind works. If it doesn't work with existing UNIX
> accounts, then when _would_ it have an effect?
I don't know exactly how winbind works either. AFAIK it gets a range of
UNIX uid/gids, e.g 100000-200000, and then it translates any incoming
Windows SID into a Unix uid/gid in that range. These users are handled
by winbind, but not any other, already existing users like "root" or,
fwiw, any uid/gid outside the range it maintains.
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--/04w6evG8XlLl3ft
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBAgAGBQJU7i8RAAoJEPU2Bp2uRE+gfGAQAJqOrCDPFM5xjreFRZvldZPK
eXvGlRpEJSx56OrjJbdD2M0J3Ix8FxRJgY16AuGlWOFHbAMbnsgudgl8/5du2FZc
IZn+iEBVd6IBeIDPjLaTkNFTymcy1ypgi2pEeHd+rXucYTpzgOJXjn4r4LxZgxK7
u6ddsQRCo0uES4oIhV7TA/PPegmTPSyS1E8d8r6AVvDxRrvcahYmdUcJ5r3oEfl/
T1RTu2ERwTSA3huBz6G+hxUFWeLCl65zLZmA7xbWPi0+lCQy3X9R0dndVn3684pR
OBc9NNBd8HACr7Uc6IzwbUYSD211qHhNejkKqHG8XHkoYmJXvqblhEQh/DKGoGIt
VtUC2+tJBPFqV2GTH2lD0oIOdfNzUVOwfK2nY7W0Wk+JtNDOB+LrYiIHIDB+TIXO
HxRnDTay6kjEWWifbnFi2phg/Jcmq1dcWsHAwyFK/Tb1xOjrior/gXXueE566khc
P+Nu2YRI+Q1hLDKBWCIBHarOeR0OgGPORKQzrYKPu+bDPeVPgm8rNSnY/LwIRyJZ
Ua8oQhaz4NC1mvERAVAE1dlbCLEvLl5WUxeNptllQX7i1g59HmSjfscqDEIMNtGq
M/ymY9LpCuTZC/2GvbiSxL1RHu3DVWEvH/Hi/ur5OokhiekrKlZQcIcr5cYY1bru
TcYc3arkA4bzNcvl6hI3
=8cT3
-----END PGP SIGNATURE-----
--/04w6evG8XlLl3ft--
- Raw text -