Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sourceware DOT cygnus DOT com Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com Message-ID: From: "Tolkin, Steve" To: cygwin AT sourceware DOT cygnus DOT com Subject: NT security and cygwin Date: Thu, 1 Jun 2000 11:11:52 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" What prompted this was discovering that I could not delete files from /temp and also that rcs ci was failing (see next email). The answer to this first problem was that I needed to chmod +w /temp first. But I do not understand how cygwin interacts with NT security. I found some discussion of NT security in the mail archives at www.delorie.com/archives/browse.cgi specifically the item 3913FB8B DOT 77A8647 AT vinschen DOT de "NT security and the ntsec usage" Is this on the web anywhere? Is it not available from www.vinschen.de It is only "Chapter 2. Setting up Cygwin". But is the rest of the Cygwin User;s guide avaiable somewhere? Q0. The /temp directory was created a long time ago. When I first looked using ls -ld it had permissions dr-xr-xr-x Is this standard for directories created in DOS? What other directories might not be writable, that I should change now? Q1. In NT I am am member of a domain and my USERNAME is SY71046. Why isn't that used in cygwin? I ran mkpasswd -d and saw 900 users in my domain -- but not me! Is this part of the problem? Q2. Why does id report administrator with a lowercase a but passwd has one with an upper case A? 504~> id uid=500(administrator) gid=544(Administrators) groups=544(Administrators) Q3. I'd rather than new files be created by my id than administartor. How can I achieve that? 527/etc> touch foo 528/etc> ls -l foo -rw-rw-rw- 1 administ Administ 0 Jun 1 11:05 foo Here is my /etc/passwd, slightly sanitized Everyone:*:0:0:,S-1-1-0:: SYSTEM:*:18:18:,S-1-5-18:: Administrator::500:544:,S-1-5-....-500::/bin/sh Guest::501:513:,S-1-5-21-....-501::/bin/sh stolkin::1000:544:Steven Tolkin,S-1-5-21-...-1000::/bin/sh VUSR_BOSA454958::1001:513:VSA Server Account,S-1-5-21-....-1001::/bin/sh Note that I changed the group number for administrator, and for stolkin. They were originally emited by mkpasswd -l as value 513, meaning none. Here is my /etc/group: Everyone:S-1-1-0:0: SYSTEM:S-1-5-18:18: None:S-1-5-21-...-513:513: Administrators:S-1-5-32-544:544: Backup Operators:S-1-5-32-551:551: Guests:S-1-5-32-546:546: Power Users:S-1-5-32-547:547: Replicator:S-1-5-32-552:552: Users:S-1-5-32-545:545: Thanks, Steve -- Steven Tolkin steve DOT tolkin AT fmr DOT com 617-563-0516 Fidelity Investments 82 Devonshire St. R24D Boston MA 02109 There is nothing so practical as a good theory. Comments are by me, not Fidelity Investments, its subsidiaries or affiliates. -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com