Mail Archives: cygwin/2015/03/24/13:57:17

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2015/03/24/13:57:17

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:date:message-id:references

:in-reply-to:content-type:content-transfer-encoding

:mime-version; q=dns; s=default; b=qJHHp6Cp0z1ms5aDZ95ou5dfGl38+

DWIG4iqAp4SznnWijAR2nm6HuMqV/qLLgawD2VU7fg1nMRt5a8Z4m3SOcfFBIieR

q7MoNV+c+AMspVt/pbodgrfV6+Feft+ftweqlzDsFCpF2yKRe1G2b4sZAsabk4dH

TmjOnte9RfvRB8=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:date:message-id:references

:in-reply-to:content-type:content-transfer-encoding

:mime-version; s=default; bh=GXeqFIEhp3UlBdSDLCzbh1JxvjY=; b=TYD

+7+4OFCfi/RTmr2Bfya+xtVrmhIPEG8puDDNuGG+4+zhn3tRPpR2PLv6cNKiYyVD

VHVvZ40wcMK9njl95K7Dz4Nxd6N3G9eXl0mXp4kXoWxaic1YtCXIXntrSZFDACBj

R+GuiKYf+j+2XJ0mo856AWgeUVtcIzafFqcFRje8=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-1.0 required=5.0 tests=AWL,BAYES_00,MIME_BASE64_BLANKS,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2

X-HELO: cluster-j.mailcontrol.com

From: "Lemke, Michael ST/HZA-ZSW" <lemkemch AT schaeffler DOT com>

To: "cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>

Subject: RE: update trouble 1.7.35

Date: Tue, 24 Mar 2015 17:56:53 +0000

Message-ID: <33EC3398272FBE47B64EE3B3E98F69A76C415077@de011521.schaeffler.com>

References: <33EC3398272FBE47B64EE3B3E98F69A76C40CC25 AT DE011520 DOT schaeffler DOT com> <20150323193842 DOT GM3017 AT calimero DOT vinschen DOT de> <loom DOT 20150324T142454-956 AT post DOT gmane DOT org> <20150324140333 DOT GA17861 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C414FBD AT de011521 DOT schaeffler DOT com> <20150324155024 DOT GA21272 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C41502F AT de011521 DOT schaeffler DOT com> <20150324164850 DOT GY3017 AT calimero DOT vinschen DOT de>

In-Reply-To: <20150324164850.GY3017@calimero.vinschen.de>

MIME-Version: 1.0

X-IsSubscribed: yes

X-MIME-Autoconverted: from base64 to 8bit by delorie.com id t2OHvC9A011038

On Tuesday, March 24, 2015 5:49 PM Corinna Vinschen wrote:
>On Mar 24 16:25, Lemke, Michael  ST/HZA-ZSW wrote:
>> On March 24, 2015 4:50 PM Corinna Vinschen wrote:
>> >On Mar 24 15:19, Lemke, Michael  ST/HZA-ZSW wrote:
>> >> C:\NCygwin\bin>cat ..\etc\nsswitch.conf
>> >> passwd: files
>> >> group: files
>> >> 
>> >> C:\NCygwin\bin>getent passwd %USERNAME%
>> >> lemkemch:unused:12729:10513:U-INA-DE01\lemkemch,S-1-5-21-1373454394-1654746546-1
>> >> 846952604-2729:/home/lemkemch:/bin/tcsh
>> >
>> >Is that what you have in /etc/passwd?
>> 
>> Oops, thought I also showed passwd:
>> 
>> C:\NCygwin\bin>cat ..\etc\passwd
>> lemkemch:unused:12729:10513:U-INA-DE01\lemkemch,S-1-5-21-1373454394-1654746546-1846952604-2729:/home/lemkemch:/bin/tcsh
>> 
>> >
>> >> C:\NCygwin\bin>id
>> >> uid=4294967295(Unknown+User) gid=4294967295(Unknown+Group) groups=545(Users),555
>> >> (Remote Desktop Users)
>> >
>> >what does `mkpasswd -d | grep -i lemkemch' print?
>> 
>> C:\NCygwin\bin>mkpasswd -d | grep -i lemkemch
>> lemkemch:*:1175788:1049089:XXXXXXXX\lemkemch,S-1-5-21-435809281-806517502-2525237208-127212:/home/lemkemch:/bin/bash
>
>Ouch.  Your user SID from AD is different to the one in /etc/passwd.
>
>> Note that "they" did a domain switch here at some point.  My installation 
>> is really old and the passwd certainly is from before that domain change.
>
>That explains it.  Please recreate your /etc/passwd and /etc/group
>files with mkpasswd and mkgroup, or, even better, just discard them.
>

I just created new ones.  I like passwd/group much better than AD, sorry.  
Just like real unix before the invention of yellow pages and nis.  This 
way I can easily give different shells to different users (not that it is
really important at the moment).

In nsswitch.conf I put 
passwd: files db
group: files db

and ls listings seem to look fine.  Login is also possible again
with correct tcsh shell.

>The problem is the domain switch which also changed the SID of your user
>account.  The old SID, which you also have in your passwd, is not
>returned by the server anymore.  But it's stored in your SID history in
>AD and when asking for it you get an answer.

So, to sort of sum this up: the new cygwin doesn't deal well with 
contradicting entries in passwd and AD.  Or something like that.  Maybe 
you can at least make the login process generate an error message.  I just
realize there is one (which started this whole thread) but if you start 
cygwin from a minty shortcut (as I do and as it is the default I think) all 
you get is a flashing window.  I added "-h always" to the mintty options
to actually see the message.

>> 
>> I noticed something else: With nsswitch.conf db:
>> 
>> > ls -l
>> ...
>> -rw-rwxr--+ 1 lemkemch OLDDOMAIN+Domain Users      10057 Oct 21  2013 testresults.xml
>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Nov  9  2010 tidy4aug00
>> drwxrwxr-x+ 1 lemkemch Domain Users                   0 May 14  2014 tinymce
>> drwxr-xr-x+ 1 lemkemch OLDDOMAIN+Domain Users          0 Jan 13  2012 tomahawk-1.1.11
>> ...
>> > ls -ln
>> ...
>> -rw-rwxr--+ 1 1051305 1073742337      10057 Oct 21  2013 testresults.xml
>> drwxr-xr-x+ 1 1051305 1073742337          0 Nov  9  2010 tidy4aug00
>> drwxrwxr-x+ 1 1175788    1049089          0 May 14  2014 tinymce
>> drwxr-xr-x+ 1 1051305 1073742337          0 Jan 13  2012 tomahawk-1.1.11
>> ...
>> 
>> Note the different numerical id's that translate to the same username.
>> Don't know if it means anything.  I just find it weird.
>
>That's due to your SID history.  It's a bit hard to explain, but that
>occurs when "they" switch to a new domain with different SIDs.  When
>asking for the new and the old SID, the same username is returned since
>both are your SIDs, one old, one new.
>
>I strongly recommend not to use the old SID anymore.  The reason is that
>Cygwin will create all these files with the old SIDs.  However, your
>actual user token has the new SID.  Uh, as I wrote, hard to explain and
>a weird situation.

Ok, I think I get it.

>
>Downside: Cygwin can't handle the old SIDs from your SID history quite
>correctly.  

Actually, with "files db" it seems to handle it quite well.  I get the same
username for both kind of files.  There are still lots of files in my
home I created before the domain switch.

>Trying to support them as well would slow down the user and
>group lookups a lot.  If you can live with what we just found out and
>the solution I suggested, I'd be rather happy :}
>

Yes, I am happy now.


Thanks,
Michael

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:date:message-id:references
	:in-reply-to:content-type:content-transfer-encoding
	:mime-version; q=dns; s=default; b=qJHHp6Cp0z1ms5aDZ95ou5dfGl38+
	DWIG4iqAp4SznnWijAR2nm6HuMqV/qLLgawD2VU7fg1nMRt5a8Z4m3SOcfFBIieR
	q7MoNV+c+AMspVt/pbodgrfV6+Feft+ftweqlzDsFCpF2yKRe1G2b4sZAsabk4dH
	TmjOnte9RfvRB8=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:date:message-id:references
	:in-reply-to:content-type:content-transfer-encoding
	:mime-version; s=default; bh=GXeqFIEhp3UlBdSDLCzbh1JxvjY=; b=TYD
	+7+4OFCfi/RTmr2Bfya+xtVrmhIPEG8puDDNuGG+4+zhn3tRPpR2PLv6cNKiYyVD
	VHVvZ40wcMK9njl95K7Dz4Nxd6N3G9eXl0mXp4kXoWxaic1YtCXIXntrSZFDACBj
	R+GuiKYf+j+2XJ0mo856AWgeUVtcIzafFqcFRje8=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-1.0 required=5.0 tests=AWL,BAYES_00,MIME_BASE64_BLANKS,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	cluster-j.mailcontrol.com
From:	"Lemke, Michael ST/HZA-ZSW" <lemkemch AT schaeffler DOT com>
To:	"cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Subject:	RE: update trouble 1.7.35
Date:	Tue, 24 Mar 2015 17:56:53 +0000
Message-ID:	<33EC3398272FBE47B64EE3B3E98F69A76C415077@de011521.schaeffler.com>
References:	<33EC3398272FBE47B64EE3B3E98F69A76C40CC25 AT DE011520 DOT schaeffler DOT com> <20150323193842 DOT GM3017 AT calimero DOT vinschen DOT de> <loom DOT 20150324T142454-956 AT post DOT gmane DOT org> <20150324140333 DOT GA17861 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C414FBD AT de011521 DOT schaeffler DOT com> <20150324155024 DOT GA21272 AT calimero DOT vinschen DOT de> <33EC3398272FBE47B64EE3B3E98F69A76C41502F AT de011521 DOT schaeffler DOT com> <20150324164850 DOT GY3017 AT calimero DOT vinschen DOT de>
In-Reply-To:	<20150324164850.GY3017@calimero.vinschen.de>
MIME-Version:	1.0
X-IsSubscribed:	yes
X-MIME-Autoconverted:	from base64 to 8bit by delorie.com id t2OHvC9A011038