| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DKIM-Filter: | OpenDKIM Filter v2.11.0 sourceware.org 3F2083861009 |
| DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; |
| s=default; t=1710129011; | |
| bh=AwjPJuBAUNtO2qSU68o+x1t1MUN9pQq4VGUMkTgAyFE=; | |
| h=Date:Subject:To:References:In-Reply-To:List-Id:List-Unsubscribe: | |
| List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: | |
| From; | |
| b=g6PDBMI0Az29pxrrsALoo9F+9TBm2mxtil0EyrTVIiwWnfSVSM93aILaSvf7LhCEA | |
| hs/8BNjOP7hhzt656hCqZed9xbLxfGTPpJ7hD673JsB239H/j+/UATyZmyITtOm8bY | |
| TU8XlYG6fvl6TUmcMkIOnkpruWqTg9Mno/R4XhHw= | |
| X-Original-To: | cygwin AT cygwin DOT com |
| Delivered-To: | cygwin AT cygwin DOT com |
| DMARC-Filter: | OpenDMARC Filter v1.4.2 sourceware.org 35F3C3858422 |
| ARC-Filter: | OpenARC Filter v1.0.0 sourceware.org 35F3C3858422 |
| ARC-Seal: | i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1710128959; cv=none; |
| b=T7FC073maSAxgpG018SAQx+OrbaZaWsxmyoLLHV+Rypk1y4s/3xMjM9Tvg5YgXZA7HbmaU6TWh/P5Oxan/5gtTRXbi55ApRaRbhh0dCpIouIFzxuosQKIaqLNPI7BvVfxdizgCwC7InrMUQv6sPnhwwT8Nn5JHdWZqTjB5DYE7U= | |
| ARC-Message-Signature: | i=1; a=rsa-sha256; d=sourceware.org; s=key; |
| t=1710128959; c=relaxed/simple; | |
| bh=/1IAic0FsKBzflsd2N3RRaDXr5qxq8UajCpjcQkd6xA=; | |
| h=Message-ID:Date:MIME-Version:Subject:To:From; | |
| b=F/tX0AsL5JOlBgRZ+5Q0+0WxfV7illfn5GQW9SULhMnV/rL0Nqwz7j+4PGq6D1aJzqhnZuDr1+Wp3o6Q/JoB2k677v5atAZnEtNBLxx5Ct8hTzGmoEDmEif8tfWRuyc5j7nUmoV4yJOfT7sw2kvtdNGt8L6O2xGztaGuI+Jvk9o= | |
| ARC-Authentication-Results: | i=1; server2.sourceware.org |
| Message-ID: | <8073a531-0e17-43e3-9620-b485edf16d69@SystematicSW.ab.ca> |
| Date: | Sun, 10 Mar 2024 21:49:13 -0600 |
| MIME-Version: | 1.0 |
| User-Agent: | Mozilla Thunderbird |
| Subject: | Re: Switching groups with newgrp - how to get the new group with |
| |GetTokenInformation()| ? | |
| To: | cygwin AT cygwin DOT com |
| References: | <CAKAoaQnFxij4Np-jg+bOLEpiSziCfamFrJ2FR_JeO+Sv_Td2Kg AT mail DOT gmail DOT com> |
| <ZdecXZNUgQ3i0hYN AT calimero DOT vinschen DOT de> | |
| <CAKAoaQ=rCwVHnHAqfd5C3kC45GPE4ZHbbgCWrdM64sojLMuMyA AT mail DOT gmail DOT com> | |
| <Zdi-CnGX3CwWA0nl AT calimero DOT vinschen DOT de> | |
| <CAKAoaQ=kLW3houqanjcN9Qk1++BtgW-dNRiXjLYwCRTYEzoN=w AT mail DOT gmail DOT com> | |
| <CAAvCNcCHAVooYX2_tUHHnUYvWRKHWhBwxmKws7AcqjOo-sQd+g AT mail DOT gmail DOT com> | |
| <Zdnq5yJha75NTpgd AT calimero DOT vinschen DOT de> | |
| <CAAvCNcAEAr0gFdR_excafHq8+cYjDvf_APb1So-AAWGSu2+zTQ AT mail DOT gmail DOT com> | |
| <ZehpEr18QUP6C3Ge AT calimero DOT vinschen DOT de> <ZezUG1aiwd3t28U7 AT xps13> | |
| <CAAvCNcC=RpUgEia3vcZXqRD4CgyYnFRWXA3O+Kwfi3kQTNjD8A AT mail DOT gmail DOT com> | |
| Organization: | Systematic Software |
| In-Reply-To: | <CAAvCNcC=RpUgEia3vcZXqRD4CgyYnFRWXA3O+Kwfi3kQTNjD8A@mail.gmail.com> |
| X-Rspamd-Queue-Id: | 28FC62D |
| X-Spam-Status: | No, score=-2.7 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, |
| KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H5, RCVD_IN_MSPIKE_WL, | |
| SPF_HELO_PASS, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE, | |
| UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 | |
| X-Stat-Signature: | 34nuxehtqh9u3x4y9eeaik4rqop43qp1 |
| X-Rspamd-Server: | rspamout04 |
| X-Session-Marker: | 427269616E2E496E676C69734053797374656D6174696353572E61622E6361 |
| X-Session-ID: | U2FsdGVkX1/OmIzgS9YXdYLECdg7jgj7HwX9eGbLn70= |
| X-HE-Tag: | 1710128954-48413 |
| X-HE-Meta: | U2FsdGVkX19LxubblX4LMw0isnFMVlm3HEz3HsdVaz2slegIHXhTzsvQea3972ug2/RsSEOLyJ79mnTQA7EhKQWbQfIod/pfqq2sNGYBqCz/iIHq1UHldccVSFBfGJy5c09RvrViKd9z+I+AHDDNCdLd1b+AFGCZQt4NKbqpkV/oSyroIV7PIowTx4sx86C6+pnEce7s7R5IKQxHyZ3Z1jmlZpTigqXUu4b0F5qf8vcbS0Xe75+sgpPyIBsSgvsrJsIJ1/VC/1Psl5nYCD9zPEcCqQx2pYr/h6DSQDm6Q9BzU6ZOJVQsjNtl2ujzDc+Y2KV9j3oUVpHIoUCA+IdOCubt+1xqGkqLpvhsISZ82pEQFAwIx4odaKpvv0n7Xq3UsC807b4gNtIq3kuYr9hLq3h+vo0lxifxRjhdTQAZDdIX8zoV4qC3jHZG9gganehWgWG5P2jGBeg1h1NzXvj8Iqvnk7Rn/AWpgu37Y4EMgi2Wlq/RKG91Mk2lbGxxleX9Ho+IbZLVuyFJm7GXEEBJvdDz4DZNhOOicA0wobwzTo6jRmez2eXoaSz5++/dKjFL |
| X-Spam-Checker-Version: | SpamAssassin 3.4.6 (2021-04-09) on |
| server2.sourceware.org | |
| X-BeenThere: | cygwin AT cygwin DOT com |
| X-Mailman-Version: | 2.1.30 |
| List-Id: | General Cygwin discussions and problem reports <cygwin.cygwin.com> |
| List-Unsubscribe: | <https://cygwin.com/mailman/options/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe> | |
| List-Archive: | <https://cygwin.com/pipermail/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-request AT cygwin DOT com?subject=help> |
| List-Subscribe: | <https://cygwin.com/mailman/listinfo/cygwin>, |
| <mailto:cygwin-request AT cygwin DOT com?subject=subscribe> | |
| From: | Brian Inglis via Cygwin <cygwin AT cygwin DOT com> |
| Reply-To: | cygwin AT cygwin DOT com |
| Cc: | Brian Inglis <Brian DOT Inglis AT SystematicSW DOT ab DOT ca> |
| Errors-To: | cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com |
| Sender: | "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com> |
| X-MIME-Autoconverted: | from base64 to 8bit by delorie.com id 42B3oDPv1466784 |
On 2024-03-10 19:30, Dan Shelton via Cygwin wrote:
> On Sat, 9 Mar 2024 at 22:27, Glenn Strauss via Cygwin <cygwin AT cygwin DOT com> wrote:
>> On Wed, Mar 06, 2024 at 02:01:06PM +0100, Corinna Vinschen via Cygwin wrote:
>>> On Mar 5 23:38, Dan Shelton via Cygwin wrote:
>>>> On Sat, 24 Feb 2024 at 14:11, Corinna Vinschen via Cygwin wrote:
>>>>> On Feb 23 22:15, Dan Shelton via Cygwin wrote:
>>>>>> HOWEVER, there is another Cygwin bug:
>>>>>> "getent group mywingrp1" does not list any group members, even after
>>>>>> "net localgroup mywingrp1 mywinuser44 /add", which is a POSIX
>>>>>> violation.
>>>>>
>>>>> Not a bug. Two problems:
>>>>>
>>>>> - Getting members of a group can be an extremly costly operation
>>>>> in a domain or, worse, a domain forest, or even worse, if the
>>>>> domain or domain forest is remote.
>>>>>
>>>>> - Alonmg the same lines, getting members of a group can be extremly
>>>>> costly in big orgs with thousands of users. Nobody want's to clutter
>>>>> up space with the list of members in the "Domain Users" group.
>>>>>
>>>>> - Permissions to enumerate members of a group are restricted.
>>>>> By default only admins and group members are allow to enumerate
>>>>> members and this can be restricted further by domain admins.
>>>>>
>>>>> Therefore we dropped even trying to populate gr_mem, considering
>>>>> that even in its original form on Unix systems, it's used only
>>>>> to add supplementary groups. To do this right on Windows is even
>>>>> more costly than blindly enumerating.
>>>>>
>>>>> It's not a bug, it's a feature :)
>>>>
>>>> Could you add an option to getent so that the full lookup can be
>>>> requested via command line, pls?
>>>
>>> That's not possible. getent just calls getpwent/getgrent.
>>>
>>>> Always editing /etc/nsswitch.conf
>>>> forth and back is not a elegant solution, aside from race conditions
>>>> with other users on a system
>>>
>>> So, here we go again.
>>>
>>> - What exactly are you trying to accomplish by enumerating the accounts?
>>> Maybe you won't actually need it for your task at hand.
>>>
>>> - Why do you have to change nsswitch.conf "back and forth"?
>>> Just change it once and you're done.
>>>> Always editing /etc/nsswitch.conf
>>>> forth and back is not a elegant solution, aside from race conditions
>>>> with other users on a system
Plus you need to terminate all processes in a tree and/or restart cygserver to
pick up any changed information.
>> Please check the man page for getent.
>>
>> man getent
>> getent --help
>>
>> You can use -s or --service to override the service used without
>> editing nsswitch.conf. The man page on Linux provides an example
>> with a bit more details than the man page for getent under cygwin.
>> https://www.man7.org/linux/man-pages/man1/getent.1.html
That web page does not even define services (and it is not the same as the
services database), better info is available on the linked page:
https://man7.org/linux/man-pages/man5/nsswitch.conf.5.html
but none of those Linux services/sources apply on Cygwin.
The Cygwin getent man page does not document the current implementation; and
getent --help does not explain what a service configuration is: possibly the
same as the line you specify after db_enum, or maybe just one source?
Rely on /etc/nsswitch.conf; a bit better explanation is available if you install
Cygwin man-pages-linux then run:
$ man -m linux getent
and, as above, none of those Linux services/sources apply on Cygwin.
> Is this feature supported under Cygwin /usr/bin/getent?
>
> I tried it, but did not see any change. Even putting garbage into it,
> e.g. /usr/bin/getent -s "$(man man)" group foo does not yield an
> error.
This facility is a generic lookup using certain sets of functions accessing
information from various sources defined in comments in Cygwin's
/etc/nsswitch.conf, so if you pass in nonsense, you just will not get a match,
and nothing will be output.
You will only get an error if information required to perform a lookup is
unrecognized, for example option, database, or missing, for example key, where
enumeration is not supported.
Perhaps using meaningful commands on existing but elusive groups above like:
$ getent -s local group mywingrp1
$ getent -s primary group mywingrp1
may produce results that match what you should expect, and possibly even
$ getent -s 'local primary' group mywingrp1
may produce output.
--
Take care. Thanks, Brian Inglis Calgary, Alberta, Canada
La perfection est atteinte Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |