X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=sa2UNedAzv8yEL2JxqF1TN3lgAhgTtT53OoEplTPm6lDuSLh9fTUk KWqAvUCXHtT0sFl/JoY/ATrH0EAFFQracUQazooRFaYCEeALJjL07lVTZkXF+GNF QNSz7kZOoNy6RoRziOyMO01wVEjAEO/Hhv1esPIXjM+ceDLxeEB7tw= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=o/l0NStaj2onHVK9muNjyEuhKSc=; b=VKqbbKkE0uanzYnthkoZKGWcoTOC WCz+A/gM81pK9+IMVVMgQhkJCfOZ8L5RVniBrh8tfMH4L6oeus1b9SXipyDKFH9d yKVLEPgSr4wehuUJaGEOdBCjJo99OaWuUlz0o12rXVGpXrAZx9ScRxrBmLKLEXU+ eG6s4E8UE7YRhOE= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.9 required=5.0 tests=AWL,BAYES_00,SPAM_BODY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Date: Tue, 28 Oct 2014 15:42:55 +0100 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: Mild amazement (questions) about the output of mkpasswd (1.7.33). Corinna? Message-ID: <20141028144255.GM20607@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <56f1e6ae0c5e30cb5745eed0af9efe39.squirrel@webmail.xs4all.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="gHypzss5dW8YUwgb" Content-Disposition: inline In-Reply-To: <56f1e6ae0c5e30cb5745eed0af9efe39.squirrel@webmail.xs4all.nl> User-Agent: Mutt/1.5.23 (2014-03-12) --gHypzss5dW8YUwgb Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Oct 28 13:50, Houder wrote: > Hi Corinna, >=20 > As adviced by you, I replaced the "cygwin package" with the test > version (1.7.33) on my "Cygwin-32" ... >=20 > Let us assume, I am NOT interested in "Windows domains" etc. and that > I would like to keep my "own" mapping between SIDs and uids/gids ... > it appears to me, that both mkpasswd and mkgroup are no longer of any > help to me, as both appear to apply "some fixed (automatic) mapping" > between SIDs and uids/gids ... Right? Not quite. Did you read the preliminary documentation? You don't have to use mkpasswd or mkgroup at all, and you don't need the /etc/passwd and /etc/group files. The new feature is NOT only for AD machines, it works for local machines as well, and even if your files were small, you might still see a performance gain. Please give https://cygwin.com/preliminary-ug/ntsec.html a try. I really hope it's worht to read it because it explains the feature thoroughly. Other than that, yes, you can still create your own mappings by utilizing the passwd and group files. > Initially I left the passwd, group and nsswitch.conf untouched ... (as > noted, I am NOT connected to a domain, and I have never been troubled > by the slowness as result of the passwd/group files - small files). >=20 > As the output of mkpasswd (and perhaps the "whole" changover in > 1.7.33) left me with a question (questions?), I subsequently removed > the aformentioned files ... >=20 > Questions: >=20 > - why does 'mkpasswd -l Seven -u Henri' report differently from > 'mkpasswd -l -u Henri'? > - uid: 4244636648 vs 197608 ... The underlying algorithm treats the machine name given as parameter to -l or -L as a foreign machine in the network and tries to contact it. As a foreign machine, the created uid and gid values are different from the ones for the local machine. Don't use -l Seven, just use -l for the local machine. > - why does MACHINE show up as a prefix to LOCAL USER in 'mkpasswd -L > Seven -u Henri', but NOT > in 'mkpasswd -L -u Henri'? The -L option is only meant to be used for foreign machines. The prefixing of the local machine is bound to the underlying mechanism used in Cygwin per the docs. On second thought, a -L without machine name should have been refused by mkpasswd. > - name: Seven+Henri vs Henri ... > - manual says: -L, generate username WITH machine prefix ... >=20 > Just trying to make sense of it all ... Yeah, I freely admit that the usage of mkpasswd/mkgroup isn't quite as evident anymore. The idea is that the underlying "db" mechanism fixes the rules. I'm really not sure yet if and how mkpasswd/mkgroup needs more change, that's what this testing phase is supposed to show. Keep in mind that the new account handling is just as new for me as it is for you :) Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --gHypzss5dW8YUwgb Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUT6tvAAoJEPU2Bp2uRE+gyMEP/050lEkLujWf2eq6o8vAeQUP Apf6oiLhADTTlLFPWZieF2UaFkJiOhzlj0GOOg8GKk0fjvYTo+xaXSJaBHg4lxhu H1Igzg8BMUmXFA7Jk2uHdHN1PzUBn+mj+ZROHudXlvla1+X925rBq0LOE8aJJ4Xj ovX3x7iRjZEr5q57qD5DlnUWcYX26fQr6p/z33yyXBdTunNhGUxNrD+/ddLIzobj +yawqIoba0vCx0YD/eCcR7Yuo+emtp+bdxXtMmvaPvDq0n2YfOQ9dq3IzMSafDho McBEevcSPzO1aAmcGgPZ8o//bfitjcJFn787uj9LdmluzACPMl2mP9ObyZFerl8B WIXIQdpf+Yffm2IWs6KoJl8bUEaE8GL5+G/HHacw9q62g4zM4nIEk7rjcckBShd6 RBtqTU1/nzikzyDcL1zBsBGlvZ6xCoyPVYr9jGZVlDd90LNO3KIqIlv1vyqGrNj6 cfNiRMdyPGUkf7h+ZVhirTun6Bj5uRSIES9FpgsEhqPBXvizVi4cs5SKUWyJbrRX 1AqvY6anwE6QMffemmx3y/sgAd3l2p43xKVl9FkBMrC0j6emejX9SJE1BwUjctEr 5LmPl6p8A+Wcl7iJtlbB04D13fDHHvvPNf2dLzqVomOTrnvyd9sM8jQ2/qNrYdnd 9ViBz9ySVhzAv2vPhw8A =itk5 -----END PGP SIGNATURE----- --gHypzss5dW8YUwgb--