delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2015/03/24/12:49:12

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; q=dns; s=
default; b=g+hkc2CgePIn/8I+fftSFk6/WUo0jCr2T336w4mlSlCU7QLsb9Js2
2b1hy+U+QDFHoCRX/ZWVtKXXVx6oQkTx4VN0DoWRHr9z78pH4jtz0F+Fbwe3XMnB
xkY9ExAs+TIuYcK+q85HgVGHhGDPr80MWLQUxPuXnUozQCbKPOlBF0=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; s=default;
bh=7hj+X1o/3wa3Z0hkhAUjc2Oz9j8=; b=Wr9LcujKm0bnoVcwOp4mYvhuzRD2
mUfXJiDBLKFX0yyqRveziXv9tl5gPJ9CGoGHnxtdQEM+vPcbsCTnVP5pm2GXAhvP
keN81GjjUv7zVYeCbCzMnk4Cqtneke+t6iUwCd0NgFO5jdKdyojRiwOMsIY5JJ1p
/1+scXDoRaCCTq4=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Tue, 24 Mar 2015 17:48:50 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: update trouble 1.7.35
Message-ID: <20150324164850.GY3017@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <33EC3398272FBE47B64EE3B3E98F69A76C40CC25 AT DE011520 DOT schaeffler DOT com> <20150323193842 DOT GM3017 AT calimero DOT vinschen DOT de> <loom DOT 20150324T142454-956 AT post DOT gmane DOT org> <20150324140333 DOT GA17861 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C414FBD AT de011521 DOT schaeffler DOT com> <20150324155024 DOT GA21272 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C41502F AT de011521 DOT schaeffler DOT com>
MIME-Version: 1.0
In-Reply-To: <33EC3398272FBE47B64EE3B3E98F69A76C41502F@de011521.schaeffler.com>
User-Agent: Mutt/1.5.23 (2014-03-12) 

--a6Ri6/t33sscKOaw
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mar 24 16:25, Lemke, Michael  ST/HZA-ZSW wrote:
> On March 24, 2015 4:50 PM Corinna Vinschen wrote:
> >On Mar 24 15:19, Lemke, Michael  ST/HZA-ZSW wrote:
> >> C:\NCygwin\bin>cat ..\etc\nsswitch.conf
> >> passwd: files
> >> group: files
> >>=20
> >> C:\NCygwin\bin>getent passwd %USERNAME%
> >> lemkemch:unused:12729:10513:U-INA-DE01\lemkemch,S-1-5-21-1373454394-16=
54746546-1
> >> 846952604-2729:/home/lemkemch:/bin/tcsh
> >
> >Is that what you have in /etc/passwd?
>=20
> Oops, thought I also showed passwd:
>=20
> C:\NCygwin\bin>cat ..\etc\passwd
> lemkemch:unused:12729:10513:U-INA-DE01\lemkemch,S-1-5-21-1373454394-16547=
46546-1846952604-2729:/home/lemkemch:/bin/tcsh
>=20
> >
> >> C:\NCygwin\bin>id
> >> uid=3D4294967295(Unknown+User) gid=3D4294967295(Unknown+Group) groups=
=3D545(Users),555
> >> (Remote Desktop Users)
> >
> >what does `mkpasswd -d | grep -i lemkemch' print?
>=20
> C:\NCygwin\bin>mkpasswd -d | grep -i lemkemch
> lemkemch:*:1175788:1049089:XXXXXXXX\lemkemch,S-1-5-21-435809281-806517502=
-2525237208-127212:/home/lemkemch:/bin/bash

Ouch.  Your user SID from AD is different to the one in /etc/passwd.

> Note that "they" did a domain switch here at some point.  My installation=
=20
> is really old and the passwd certainly is from before that domain change.

That explains it.  Please recreate your /etc/passwd and /etc/group
files with mkpasswd and mkgroup, or, even better, just discard them.

The problem is the domain switch which also changed the SID of your user
account.  The old SID, which you also have in your passwd, is not
returned by the server anymore.  But it's stored in your SID history in
AD and when asking for it you get an answer.

> >> Anything else you'd like me try?
> >
> >Can you change /etc/nsswitch.conf to "db" only, stop all cygwin
> >processes and restart a shell?  What does `getent passwd %USERNAME%'
> >and `id' print now?  How does an strace of this getent call look like?
>=20
> C:\NCygwin\bin>vi ..\etc\nsswitch.conf
>=20
> C:\NCygwin\bin>cat ..\etc\nsswitch.conf
> passwd: db
> group: db
>=20
> C:\NCygwin\bin>getent passwd %USERNAME%
> lemkemch:*:1175788:1049089:XXXXXXX\lemkemch,S-1-5-21-435809281-806517502-=
25
> 25237208-127212:/home/lemkemch:/bin/bash
>=20
> C:\NCygwin\bin>id
> uid=3D1175788(lemkemch) gid=3D1049089(Domain Users) groups=3D1049089(Doma=
in Users),...
> many many groups I don't like to post here.

So it works.  That's cool.  I'd suggest to throw away your passwd and
group files and live happily ever after.

> > I'm grabbing for straws...
>=20
> I noticed something else: With nsswitch.conf db:
>=20
> > ls -l
> ...
> -rw-rwxr--+ 1 lemkemch OLDDOMAIN+Domain Users      10057 Oct 21  2013 tes=
tresults.xml
> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Nov  9  2010 tid=
y4aug00
> drwxrwxr-x+ 1 lemkemch Domain Users                   0 May 14  2014 tiny=
mce
> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Jan 13  2012 tom=
ahawk-1.1.11
> ...
> > ls -ln
> ...
> -rw-rwxr--+ 1 1051305 1073742337      10057 Oct 21  2013 testresults.xml
> drwxr-xr-x+ 1 1051305 1073742337          0 Nov  9  2010 tidy4aug00
> drwxrwxr-x+ 1 1175788    1049089          0 May 14  2014 tinymce
> drwxr-xr-x+ 1 1051305 1073742337          0 Jan 13  2012 tomahawk-1.1.11
> ...
>=20
> Note the different numerical id's that translate to the same username.
> Don't know if it means anything.  I just find it weird.

That's due to your SID history.  It's a bit hard to explain, but that
occurs when "they" switch to a new domain with different SIDs.  When
asking for the new and the old SID, the same username is returned since
both are your SIDs, one old, one new.

I strongly recommend not to use the old SID anymore.  The reason is that
Cygwin will create all these files with the old SIDs.  However, your
actual user token has the new SID.  Uh, as I wrote, hard to explain and
a weird situation.

Downside: Cygwin can't handle the old SIDs from your SID history quite
correctly.  Trying to support them as well would slow down the user and
group lookups a lot.  If you can live with what we just found out and
the solution I suggested, I'd be rather happy :}


Thanks,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--a6Ri6/t33sscKOaw
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJVEZVyAAoJEPU2Bp2uRE+g5oAP/3EbwLWhJYrCYP7ATjKYiU4D
hfir0BSvJwR7cAP1nBBIaBgo7fgWZN3IAzCfGiVZXjA6NSoanOmAu2evH/y2TQxd
TBvJtJDhAWLEIUCgLprB1Qk0SH1HQIl46cijJT+I2aj7GBhA74zzmpEDPCP1uG0T
j/pYjJeq39pZ0weoZZISc+oZbAmJJOnZ0gFGDBvnnriVoUBZN5y4Ot8k/nj7LOS+
Rjayg1CZEWlwbGQr4ojqRH1pjnWyKsfMn3EdBbIu9w0OOde/GjjHCm4XONbQox0B
MCy4d8FFECWh72NDOElhSwUxIs5TAFNbQ1IGqNRePz8ze/PQ16t776e3x+UFTtpU
HOjlL0VBcZkAzL1/aN4CmnGZsC2OH6Zq+gpfXHNGBNfmRXy4+FjQdCfjmy7vaRag
PSTExmy4F+V7R4Cd9tmymMtwNVsHaTbepowt8ixWqNzohWAKn8H3TgAKwRdERaig
KsLixxAfq20PJv5lu492nsk7tasIEI32vOETNqmkm+B06bIf0WftbPQDe0rIgmwy
PrDhmjHGh6DkkpFMrj26kGtukZ1LQdSMs5Yb5T4S1PHoou3txmTo7i8oMktll3Xl
5XkYtCN06+b0LE1B2HvY0BxAWib1SwaAfMRzH1wo6lDZ2kg2m7hEHC2NgvobPvSH
vehGZGLUE4ty6Y2Ifdno
=NkI9
-----END PGP SIGNATURE-----

--a6Ri6/t33sscKOaw--

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019