Mail Archives: cygwin/2017/05/29/17:31:04

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2017/05/29/17:31:04

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=ynhGWXBrhSE/rX3u

3bX769TMhrQA2oGM3H1pYU7aQTLaJ+mD9NuGPEunIURzOaMDjnAEfpKek6zei6ai

GGQdULSysNX27QBpfV2f1UPP5b0IUnenL3Pw+lNrxiZuia/6VXvUl+C2VjJS6KMc

ehPkvbvReA9UAFt1mS7D6ky0qbk=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:subject:to:references:from:message-id:date

:mime-version:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=GuCSW/1/wbtiomn8E65WFa

4oK5g=; b=vsL6gh5c1cXZzEjdC58tRZTqB3wQ/PxmtYaDphA/4Bhd5G0Cibk8D+

7CuR5VjtkYTsteJh39JwJCQLQlilOHZPpaoNvnTmVycIJrYhydJsZgT4lQRX/L9g

um7eI0CSccQnDY6XVHHnz0TWGcwiM/tvDva5Mw4DRKtf/J8XhbxTI=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=sid, expires, Password, shares

X-HELO: homiemail-a56.g.dreamhost.com

Subject: Re: Accessing SMB share as wrong user?

To: cygwin AT cygwin DOT com

References: <7f4eb950-de06-2981-c9b4-fd345c11ffb3 AT dd-b DOT net> <705418614 DOT 20170529225346 AT yandex DOT ru>

From: David Dyer-Bennet <dd-b AT dd-b DOT net>

Message-ID: <a58f719f-2ccb-bdb6-7871-f5c50416ce64@dd-b.net>

Date: Mon, 29 May 2017 16:30:41 -0500

User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1

MIME-Version: 1.0

In-Reply-To: <705418614.20170529225346@yandex.ru>

X-IsSubscribed: yes

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id v4TLV39m021920

On 5/29/2017 14:53, Andrey Repin wrote:
> Greetings, David Dyer-Bennet!
>
>> And then of course I can't access it:
>> $ echo things >> foobar
>> -bash: foobar: Permission denied
>
> See Cygwin manual about setting up your network identity.
> Read around nsswitch.conf and implications of its different settings.

Okay, the detailed info on account mapping and nsswitch.conf looked like
it ought to address this situation, but it doesn't actually seem to
change anything.  But the documentation is *exceedingly* unclear, the
examples incomplete, and there's no info on easy ways to check if it's
working or not, so I may be wrong.

I have deleted /etc/passwd.  /etc/nsswitch is the default (all
comments), meaning it should be doing the default thing (in particular
it should behave as if "passwd: files db" and "group: files db" were
present; those are the defaults).

Using the Windows Computer Management utility I was able to add Cygwin
SAM comment entries to my Windows user account giving the proper Unix
UID for my account on the server, and the group. And I can see that data
come back from the Windows cmd.com using net user "David Dyer-Bennet":

C:\Windows\System32>net user "David Dyer-Bennet"
User name                    David Dyer-Bennet
Full Name
Comment                      <cygwin unix="1001" group="users"/>
User's comment
Country/region code          000 (System Default)
Account active               Yes
Account expires              Never

Password last set            7/11/2015 20:29:50
Password expires             Never
Password changeable          7/11/2015 20:29:50
Password required            No
User may change password     Yes

Workstations allowed         All
Logon script
User profile
Home directory
Last logon                   5/29/2017 16:06:34

Logon hours allowed          All

Local Group Memberships      *Administrators       *Ssh Users
Global Group memberships     *None
The command completed successfully.

So, I *think* I've got it set the way the documentation says (as I said,
I'm running a Samba server, but no AD or LDAP; that case is specifically
addressed in the documentation you point me to, and I think I've
followed that part of the instructions).

(The text in the doc isn't really clear on what number I put in the
unix="nnn" bit in the Cygwin comment, but the examples show a simple
small integer in the range commonly used for actual Unix UIDs, and that
makes sense, so I think I'm doing the right thing there.)

Oh, and 1001 is the correct UID for me on the SAMBA server, I
double-checked that.

What with one thing and another I even ended up rebooting the Windows
box after setting all that up (not, I believe, necessary; just starting
a new Cygwin process tree should I think be adequate for these changes,
but I *did* in fact reboot the whole box).

And, after reboot, my user id in Cygwin is still based on my Windows SID
(the last tuple), and my access to the files on the server behaves
exactly as before.

"This used to work," as they say. I've used Samba to export files from
Linux, Solaris (the built-in CIFS there actually, not SAMBA), and
FreeBSD servers, and accessed them from Windows and from Cygwin for more
than a decade.  Started being weird in the last year or two I think,
taken me this long to track it down in this much detail (I was figuring
the trouble was on the other end for a long time, but I've basically
eliminated that).  And the presence of this stuff in the documentation
indicates that there *is* something I need to do in Windows to make this
work.

Is anybody actually using this exact mode, SAMBA but no domain
controller, to a windows box, then accessing those shares via Cygwin?
How are you doing it?

Any suggestions on gathering more relevant information?
-- 
David Dyer-Bennet <dd-b AT dd-b DOT net>
http://dd-b.net/

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=ynhGWXBrhSE/rX3u
	3bX769TMhrQA2oGM3H1pYU7aQTLaJ+mD9NuGPEunIURzOaMDjnAEfpKek6zei6ai
	GGQdULSysNX27QBpfV2f1UPP5b0IUnenL3Pw+lNrxiZuia/6VXvUl+C2VjJS6KMc
	ehPkvbvReA9UAFt1mS7D6ky0qbk=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:subject:to:references:from:message-id:date
	:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=GuCSW/1/wbtiomn8E65WFa
	4oK5g=; b=vsL6gh5c1cXZzEjdC58tRZTqB3wQ/PxmtYaDphA/4Bhd5G0Cibk8D+
	7CuR5VjtkYTsteJh39JwJCQLQlilOHZPpaoNvnTmVycIJrYhydJsZgT4lQRX/L9g
	um7eI0CSccQnDY6XVHHnz0TWGcwiM/tvDva5Mw4DRKtf/J8XhbxTI=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-2.3 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=sid, expires, Password, shares
X-HELO:	homiemail-a56.g.dreamhost.com
Subject:	Re: Accessing SMB share as wrong user?
To:	cygwin AT cygwin DOT com
References:	<7f4eb950-de06-2981-c9b4-fd345c11ffb3 AT dd-b DOT net> <705418614 DOT 20170529225346 AT yandex DOT ru>
From:	David Dyer-Bennet <dd-b AT dd-b DOT net>
Message-ID:	<a58f719f-2ccb-bdb6-7871-f5c50416ce64@dd-b.net>
Date:	Mon, 29 May 2017 16:30:41 -0500
User-Agent:	Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1
MIME-Version:	1.0
In-Reply-To:	<705418614.20170529225346@yandex.ru>
X-IsSubscribed:	yes
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id v4TLV39m021920