X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=lyvXJhWphIMddADGWXFWn7CwSgbxIqcqfQkZP1hM2MbRUzZ9ehPoV
	E3FguG7VhQ6FEsVPn04kHg+E3SY9h6U68e0l7MaoGsCwt92/FkCvQO5ja92pbSFC
	ArNCvsT4gV+N0uDNArmkWLD+Bu8Li9IAdOzvxrs+seVRSuBEf6Ohz8=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=tDS/JbxeSX11L2oEXROKuPpChr4=; b=BSdzLYkKo7bt2jpS+qNs4QbN+6eG
	9Qrx2QgRreBRpJHmYC+2vN8OJ2BJIkIPyMEyf+cf17Yc34CEFa8e49SQ5PjxHItp
	P1C6yk1Cy5jVoCVKDIjRWXHib96Qx6drcDO7AYbmCRVZ4pUkVhvFMvFvx0Cuxpfd
	Zuj73rls5Z9khzY=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Fri, 11 Apr 2014 14:19:48 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: Still testing needed: New passwd/group AD/SAM integration
Message-ID: <20140411121948.GC23281@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <20140410145323 DOT GB2437 AT calimero DOT vinschen DOT de> <5346B667 DOT 3040704 AT breisch DOT org> <20140410152809 DOT GD2437 AT calimero DOT vinschen DOT de> <5346E55D DOT 6020405 AT etr-usa DOT com> <20140410190424 DOT GK2437 AT calimero DOT vinschen DOT de> <5346FCF9 DOT 5000908 AT redhat DOT com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;	protocol="application/pgp-signature"; boundary="DIOMP1UsTsWJauNi"
Content-Disposition: inline
In-Reply-To: <5346FCF9.5000908@redhat.com>
User-Agent: Mutt/1.5.21 (2010-09-15)

--DIOMP1UsTsWJauNi
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Apr 10 14:20, Eric Blake wrote:
> On 04/10/2014 01:04 PM, Corinna Vinschen wrote:
> > A local cygwin user told me that the users in their company would
> > probably be confused by the '+ or, FWIW, any other non-backslash char,
> > because they were drilled to see and use usernames always in domain\name
> > form, or even in domain\\user form when logging in to Linux.
> >=20
> > I like slashes a lot more for obvious reasons.  But maybe, and that
> > wouldn't be too hard to implement, we could accept account names with
> > slash and with backslash, just as we do with pathnames.  Output of
> > usernames would be with slashes, of course.
>=20
> POSIX says:
> [...]
> In short, in POSIX systems, user names are solely from the set
> [-_.a-zA-Z0-9]; which excludes +, \, or any other separator we come up
> with.  I'm fine with using a non-portable character (this is, after all,
> a cygwin extension of how to map Windows user names to a Linux emulation
> environment).  But keeping in mind the rules on tilde expansion,
>=20
> ~a+b/file
>=20
> can undergo tilde expansion for username 'a+b', but
>=20
> ~a\\b/file
>=20
> cannot do so, because the \ is necessarily always quoted.  There is no
> way to get tilde expansion to work for a username containing a shell
> metacharacter, which frowns on quite a few otherwise useful characters,
> including \.
>=20
> Worse, the thought of using / as the separator gives me the willies - it
> is BOUND to go wrong.  The expression
>=20
> ~a/b/file
>=20
> is NOT requesting 'file' within user 'a/b's home, but 'b/file' within
> user 'a's home.

This is a really good point.  This effectively eliminates slash from
the picture and the backslash reduces usability a lot, it seems.

So we might actually be better off by sticking to a configurable
separator char and default '+'?

What bugs me a bit is what this means for applications which expect
fixed usernames.  Sshd, for instance, expects the fixed username
"sshd" right now when using privilege separation.  I discussed this
with the OpenSSH devs, and they understand the problem, but they think
this should be handled by a Cygwin-specific function.  So there's some
extra work in it for me to get OpenSSH up to speed with this change,
but I fear I'm not the only one.  The more configurable stuff like this
is, the more complicated it gets maintaining some packages.


Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--DIOMP1UsTsWJauNi
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTR93kAAoJEPU2Bp2uRE+gGuUP/3z2TQlwgZBB2ror4vXgn4zp
RaSr4A+BffE4uFvcArcwlfqlyhqShpzKRMKZappDcS8ewGr6Q009fzNRxko/Ps4h
zfnwtiHIZd4g/9U7ZGe+smW5WqOAlgPfEjmSe6gxqwX3LkYDoSR9JpMKmBcbfn02
Oz06VnCqPuZxD8btY/q9yNC4MZve6mmd+oXZaubxVMwOzKAU4ftyhb8NxMSfpW1T
izxOzg5loXo1KkKu/2r+SpAv2GVNNBKGhW2j5inq7hCpWGMIJUj7mqWwhpR1WJw7
9l/Uv6zdF75TWOUnrYR+g+vmCUViJNknHHHQDnMu2U7W7NdX5gegDrL2+l9wIACR
I9HI00mFIEN2zeIVOV1UoxoiVhZtLnp5gDPI6fWdjbVtr1jXitCy9c30Bts8m6Oq
kRIvuRXbxWZEH9bBm04wLQgJnQ77sORa0AAtSHDU8SryMUA1pcFETViKYN12lB1y
ejhOxuxFFvnEYletlh6gACAXJdYKzvo+Hvw1uh2ut/4tjEjGphQuOYds4ZgTgvWZ
ws3GHTm5NeDglW5JAqBYz9QfohDm3Yt7GEnlCbsX6xT6LYpYTwWoPoPssxP2oEtx
ysKwxLYX+NIbAhP6v+8Yq9oWllD99ZphKSUF5hdQ9jfKLcIvI5AI+IUenB+Q4nFv
BJz0w8XvLrmrltjxUCLq
=EpVi
-----END PGP SIGNATURE-----

--DIOMP1UsTsWJauNi--