X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=ynhGWXBrhSE/rX3u 3bX769TMhrQA2oGM3H1pYU7aQTLaJ+mD9NuGPEunIURzOaMDjnAEfpKek6zei6ai GGQdULSysNX27QBpfV2f1UPP5b0IUnenL3Pw+lNrxiZuia/6VXvUl+C2VjJS6KMc ehPkvbvReA9UAFt1mS7D6ky0qbk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:to:references:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=GuCSW/1/wbtiomn8E65WFa 4oK5g=; b=vsL6gh5c1cXZzEjdC58tRZTqB3wQ/PxmtYaDphA/4Bhd5G0Cibk8D+ 7CuR5VjtkYTsteJh39JwJCQLQlilOHZPpaoNvnTmVycIJrYhydJsZgT4lQRX/L9g um7eI0CSccQnDY6XVHHnz0TWGcwiM/tvDva5Mw4DRKtf/J8XhbxTI= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=sid, expires, Password, shares X-HELO: homiemail-a56.g.dreamhost.com Subject: Re: Accessing SMB share as wrong user? To: cygwin@cygwin.com References: <7f4eb950-de06-2981-c9b4-fd345c11ffb3@dd-b.net> <705418614.20170529225346@yandex.ru> From: David Dyer-Bennet Message-ID: Date: Mon, 29 May 2017 16:30:41 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.1.1 MIME-Version: 1.0 In-Reply-To: <705418614.20170529225346@yandex.ru> Content-Type: text/plain; charset=utf-8 X-IsSubscribed: yes Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id v4TLV39m021920 On 5/29/2017 14:53, Andrey Repin wrote: > Greetings, David Dyer-Bennet! > >> And then of course I can't access it: >> $ echo things >> foobar >> -bash: foobar: Permission denied > > See Cygwin manual about setting up your network identity. > Read around nsswitch.conf and implications of its different settings. Okay, the detailed info on account mapping and nsswitch.conf looked like it ought to address this situation, but it doesn't actually seem to change anything. But the documentation is *exceedingly* unclear, the examples incomplete, and there's no info on easy ways to check if it's working or not, so I may be wrong. I have deleted /etc/passwd. /etc/nsswitch is the default (all comments), meaning it should be doing the default thing (in particular it should behave as if "passwd: files db" and "group: files db" were present; those are the defaults). Using the Windows Computer Management utility I was able to add Cygwin SAM comment entries to my Windows user account giving the proper Unix UID for my account on the server, and the group. And I can see that data come back from the Windows cmd.com using net user "David Dyer-Bennet": C:\Windows\System32>net user "David Dyer-Bennet" User name David Dyer-Bennet Full Name Comment User's comment Country/region code 000 (System Default) Account active Yes Account expires Never Password last set 7/11/2015 20:29:50 Password expires Never Password changeable 7/11/2015 20:29:50 Password required No User may change password Yes Workstations allowed All Logon script User profile Home directory Last logon 5/29/2017 16:06:34 Logon hours allowed All Local Group Memberships *Administrators *Ssh Users Global Group memberships *None The command completed successfully. So, I *think* I've got it set the way the documentation says (as I said, I'm running a Samba server, but no AD or LDAP; that case is specifically addressed in the documentation you point me to, and I think I've followed that part of the instructions). (The text in the doc isn't really clear on what number I put in the unix="nnn" bit in the Cygwin comment, but the examples show a simple small integer in the range commonly used for actual Unix UIDs, and that makes sense, so I think I'm doing the right thing there.) Oh, and 1001 is the correct UID for me on the SAMBA server, I double-checked that. What with one thing and another I even ended up rebooting the Windows box after setting all that up (not, I believe, necessary; just starting a new Cygwin process tree should I think be adequate for these changes, but I *did* in fact reboot the whole box). And, after reboot, my user id in Cygwin is still based on my Windows SID (the last tuple), and my access to the files on the server behaves exactly as before. "This used to work," as they say. I've used Samba to export files from Linux, Solaris (the built-in CIFS there actually, not SAMBA), and FreeBSD servers, and accessed them from Windows and from Cygwin for more than a decade. Started being weird in the last year or two I think, taken me this long to track it down in this much detail (I was figuring the trouble was on the other end for a long time, but I've basically eliminated that). And the presence of this stuff in the documentation indicates that there *is* something I need to do in Windows to make this work. Is anybody actually using this exact mode, SAMBA but no domain controller, to a windows box, then accessing those shares via Cygwin? How are you doing it? Any suggestions on gathering more relevant information? -- David Dyer-Bennet http://dd-b.net/ -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple