| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=t3colF3F/pE4ccdl2TRecsFgUN8M5MkZD/Hng5OqgACjRFHC38xOd | |
| gM77DK1A+AcJthm5XUzz21asdNBuJ+PgtBsDdyY9Y7VdEa3WYdUj329E6E4mQAen | |
| se0T6QGahLoTB5T3KrR0JnB1Bw6Vq0rBkwCBp91oCnFLB5F2QMEluU= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=y4pqkRt6qkP8gph2t+xsQuzdGiI=; b=PB6hKQclbO8V53yXTdHAcTkKny2r | |
| tA9n9xu3W4m34tkb79YWIvwy5kZHV3DyHcFfDC0C56lpoWCliuyR4nAcrWGV45tl | |
| 7tqPZhSsT9/PF/K1zyzyP6Y8kE92hE14W6LHV5U7aK9qCstbD9q0CnStFNGVjzkh | |
| DZpJEhCYXfY5PiE= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=-93.9 required=5.0 tests=BAYES_50,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_PBL,RDNS_DYNAMIC,USER_IN_WHITELIST autolearn=no version=3.3.2 spammy=GID, emailed, SID, Trying |
| X-HELO: | calimero.vinschen.de |
| Date: | Wed, 9 Mar 2016 12:27:50 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: RFC2307 accounts |
| Message-ID: | <20160309112750.GA14733@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <56DFCC21 DOT 8070506 AT studelec-sa DOT com> <56DFE973 DOT 2070406 AT maxrnd DOT com> <56DFFE26 DOT 9080705 AT studelec-sa DOT com> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <56DFFE26.9080705@studelec-sa.com> |
| User-Agent: | Mutt/1.5.24 (2015-08-30) |
--sdtB3X0nJg68CQEu Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mar 9 11:42, Marc Rechte wrote: > Le 09/03/2016 10:14, Mark Geisert a =C3=A9crit : > >Marc Rechte wrote: > >>Hello, > >> > >> Trying to set RFC2307 accounts, using unix schema in > >>/etc/nsswitch.conf. > >[...] > > > >Your original post of this material was answered about 30 minutes after > >your post. Kindly follow up there... > > > >https://cygwin.com/ml/cygwin/2016-03/msg00076.html > Sorry, I did not get that answer emailed to me (some confusion during the > subscription). >=20 > I am not clear with answer given by Corinna. >=20 > The idea behind RFC2307, imho is to have a consistent UID/GID between > systems which have joined a domain. This is what we achieved in our domai= n, > where a user login into whatever Linux box, gets the same uid/gid. One wo= uld > expect the same behaviour in cygwin (on a joined machine), wouldn't he ? That's not the idea behind the uid/gid mapping. You might have noticed that "unix" is not used as a keyword in the passwd and group settings in /etc/nsswitch.conf, only in the db_home, db_shell, and db_gecos settings. Keep in mind that we have two mappings. The main mapping is the mapping between Windows SID and a computed uid/gid value used in Cygwin which allows fast mapping in both directions. A computed value drops the requirement to access an LDAP server for the mapping, which is especially bad when not using AD as mapping server. Please read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nfs and https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-samba again. The RFC 2307 mapping only comes into play when reading meta information from an NFS or Samba share. The unix uid/gid values have to be mapped to a Windows user (better: SID) in the first place, not to the Cygwin uid/gid values. The actual uid/gid values are irrelevant. Worse, using the RFC 2307 values might collide with other, computed uid/gid values. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --sdtB3X0nJg68CQEu Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW4Ai2AAoJEPU2Bp2uRE+gD2cP/idWCKHo15X6uma7AX99j0EB vhO8k9txXZDsRuQNNImFzmQCuqyiiiOXQ1zbMhkfeT7cHULkQtM3s6jtwzzZHbp/ 5KC4PgAlRhXIBKKhqeP3j61J8R5RfopD3BMPAuaUPpsi7QzacXN1PPoSu3OPh3Gm 0XCEtrS2lIunvj2ngyE4HPeiWM/IXvRq6ZZzMEa4sobhnFTRNI6WSJPu7FORGkF0 jzRPyv6dhdzmkM1GzTBFeTgz2g8C8vwdzqkBBND6A0LTWfnCCHYayJ52EdrJQzUY /aCzSSEAalVt4mp3ob0v7yAliqaLG1s/IkMhljj1+vJt/utoB9+c/1i3hoRaC9uW gS4y4nqo6Z2ur5uYDSRFol12Ix5StHKc//cO5+t9ig2knTqWp4VswTn88wPGlYq0 GIoA4y9IVDSyQSinA/J948r4DS8EqFrZgiLHk74fJnNkruOcg41gKEphMbCiSysV MBynM/meqWMqQfP1m+DkixIvhh+FceiYGjHxEpgY5/LPWwIJCMJj6k/f/igP+7Et 2XXAhPd+cD+tzQaJGkD6Q418G9WtEqoUIIHqwNVDoygV2RDBtnPzSy5fjeTyPp5u UC7Uf3QYCvqvexkwSqMUQiBRZk3XCoJd4mWnaZeVMnXCnwOfS+RMuIb89XzYFQ4D sdpwR3TPXlD1D5lEq7iP =YsKV -----END PGP SIGNATURE----- --sdtB3X0nJg68CQEu--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |