X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Thu, 9 Oct 2008 13:05:36 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: invalid login gid in /etc/passwd does not show group name as 	'mkgroup'
Message-ID: <20081009110536.GT9289@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <0MKqpg-1KnHDP448X-0001py AT mx DOT kundenserver DOT de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <0MKqpg-1KnHDP448X-0001py@mx.kundenserver.de>
User-Agent: Mutt/1.5.16 (2007-06-09)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Oct  7 11:22, Herb Maeder wrote:
> The "Special values of user and group ids" section of the Cygwin User's 
> Guide (http://cygwin.com/1.7/cygwin-ug-net.html#ntsec-ids) states:
> 
>    Also, since Cygwin release 1.3.20, if the current user is present in 
>    /etc/passwd, but that user's login group is not present in /etc/group,
>    the group name will be shown as 'mkgroup', again indicating the 
>    appropriate command.
> 
> I don't see that this holds true, at least for the case of a Domain User.
> In fact, I see that an invalid login group id will be shown as a group
> name of 'Domain Users' even though there is no such gid listed in
> /etc/group. This can be confusing since things appear to work normally on
> the surface, but some commands may fail in some not-so-obvious ways as a
> result of the invalid login gid.
> 
> I noticed this under cygwin-1.7, but I believe the same holds under
> cygwin-1.5. 

Right.

> This is my passwd entry, 'id' output, and group id from a file created by
> me:
> 
>   % grep herb /etc/passswd
>   herb:unused:11647:10513:U-ZZZ\herb,S-1-5-21-1936786716-3317986166-2952453263-1647:/c/home/herb:/bin/bash
> 
>   % grep :10513: /etc/group
>   Domain Users:S-1-5-21-1936786716-3317986166-2952453263-513:10513:
> 
>   % id
>   uid=11647(herb) gid=10513(Domain Users) groups=545(Users),10513(Domain Users)
> 
>   % touch foobar
>   % ls -ln foobar
>   -rw-r--r-- 1 11647 10513 0 Oct  7 10:27 foobar
> 
> If I change the uid from 10513 to 898 (not in /etc/group), then fire up a
> new window+shell, I see this:
> 
>   % grep herb /etc/passwd
>   herb:unused:11647:898:U-ZZZ\herb,S-1-5-21-1936786716-3317986166-2952453263-1647:/c/home/herb:/bin/bash
> 
>   % grep :898: /etc/group
> 
>   % id
>   uid=11647(herb) gid=898(Domain Users) groups=545(Users),10513(Domain Users),898(Domain Users)
> 
>   % ls -ln foobar
>   -rw-r--r-- 1 11647 898 0 Oct  7 10:27 foobar
> 
> Note that the "id" displays the gid as 'Domain Users', and the gid of file
> foobar is listed as 898 even though it was originally created with gid
> 10513.
> 
> I'm not sure if this is specific to Domain Users or not.  Also I don't
> know if there is some valid reason for this behavior.

It's not specific to "Domain Users" and there's no *valid* reason for
this.  The whole idea (which is a couple of years old, from 2002
actually) is that Cygwin tries to have valid passwd and group entries in
memory for *at least* the current user.  So, the situation from Cygwin's
point of view develops along these lines:

  First, Cygwin checks the user token and finds the user's primary
  group SID.

  Next it checks /etc/passwd and finds that the pgid is 898.

  There's no /etc/group entry for the primary gid of the current user?
  Ok, let's create one so that this gid makes sense.

  Grab the SID.  Check if there's a group entry corresponding to that
  SID.  Gotcha.  It's the entry with gid 10513 (which is ignored) and
  the name "Domain Users".

  Ok, so let's add a group entry in memory like this:

    Domain Users:S-1-5-21-1936786716-3317986166-2952453263-513:898:

  Bingo.  We now have two entries for Domain Users, one with gid 898
  and one with 10513.

It's well meant since you now see the real name of your primary group.
And, in theory, nothing bad should happen since the underlying SID is
correct.  But the outcome is somewhat puzzeling, whatever Cygwin does.
For instance, the gid of a file depends on the numbers.  If the pgid is
smaller than the real gid, files are owned by the faked pgid and vice
versa.  Either way, id will show you two group entries which have the
same meaning, even if the names would differ (Domain User/mkgroup).

I'm not sure how to fix that issue right now.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/