Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sourceware DOT cygnus DOT com Delivered-To: mailing list cygwin AT sourceware DOT cygnus DOT com Message-ID: From: "Tolkin, Steve" To: "'cygwin'" Subject: RE: NT security and cygwin Date: Thu, 1 Jun 2000 17:46:29 -0400 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="iso-8859-1" Thanks for the reply. I now say export CYGWIN="ntsec ntea tty notitle" in my .bashrc, but this does not seem to change anything. P.S. I am not sure what those other values are for -- I am just a monkey copying things I have read. I am running Cygwin 1.1.0 and I read somewhere that ntsec was supposed to be on by default in that release. Steve > -----Original Message----- > From: Corinna Vinschen [mailto:corinna AT vinschen DOT de] > Sent: Thursday, June 01, 2000 5:09 PM > To: Tolkin, Steve > Cc: cygwin AT sourceware DOT cygnus DOT com > Subject: Re: NT security and cygwin > > > "Tolkin, Steve" wrote: > > > > What prompted this was discovering that I could not delete > files from /temp > > and also that rcs ci was failing (see next email). > > The answer to this first problem was that I needed to chmod > +w /temp first. > > > > But I do not understand how cygwin interacts with NT security. > > > > I found some discussion of NT security in the mail archives at > > www.delorie.com/archives/browse.cgi specifically the item > > 3913FB8B DOT 77A8647 AT vinschen DOT de > > "NT security and the ntsec usage" > > > > Is this on the web anywhere? Is it not available from > > www.vinschen.de > > > > It is only "Chapter 2. Setting up Cygwin". But is the rest > of the Cygwin > > User;s guide avaiable somewhere? > > > > Q0. The /temp directory was created a long time ago. When > I first looked > > using ls -ld it had > > permissions dr-xr-xr-x Is this standard for directories > created in DOS? > > What other directories > > might not be writable, that I should change now? > > > > Q1. In NT I am am member of a domain and my USERNAME is SY71046. > > Why isn't that used in cygwin? > > I ran mkpasswd -d and saw 900 users in my domain -- but not me! > > Is this part of the problem? > > > > Q2. Why does id report administrator with a lowercase a but > passwd has one > > with an upper case A? > > > > 504~> id > > uid=500(administrator) gid=544(Administrators) > groups=544(Administrators) > > > > Q3. I'd rather than new files be created by my id than > administartor. > > How can I achieve that? > > 527/etc> touch foo > > 528/etc> ls -l foo > > -rw-rw-rw- 1 administ Administ 0 Jun 1 11:05 foo > > > > Here is my /etc/passwd, slightly sanitized > > Everyone:*:0:0:,S-1-1-0:: > > SYSTEM:*:18:18:,S-1-5-18:: > > Administrator::500:544:,S-1-5-....-500::/bin/sh > > Guest::501:513:,S-1-5-21-....-501::/bin/sh > > stolkin::1000:544:Steven Tolkin,S-1-5-21-...-1000::/bin/sh > > VUSR_BOSA454958::1001:513:VSA Server > Account,S-1-5-21-....-1001::/bin/sh > > > > Note that I changed the group number for administrator, and > for stolkin. > > They were originally emited by mkpasswd -l as value 513, > meaning none. > > All what you want is possible when adding `ntsec' to the > env.var CYGWIN. The documentation for ntsec is currently > only in the sources but I have posted it as html in > this mailing list a few weeks ago. Search the archive. > > Corinna > > -- > Corinna Vinschen > Cygwin Developer > Cygnus Solutions, a Red Hat company > -- Want to unsubscribe from this list? Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com