X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=Mh424iruTx7yrrM+PCTlXbTRkk5XSNCg+5/8A2lhSFOsrl+C6H4xg yGOLHWw6AQFxyqIDpe7OFCgr/WxZA2d6rpp5i8zrFSdbabYEXW0piab8LdQSPNQw w4gooIVRxS/VK5LKLZr28ZqjOldNMzq6qFc5M6AyF7ilMr4ysujZbE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=gdp3hTrzWwh/EKpPmkIoabvcrR8=; b=HNNWWFGZ9PUU+y5n4bBifig2bMFL tgHN8it2CH/8lrOOsO6MWL/933qHY2CDbPtZ9P2PyEwQofnuDxszrRNl97kHW63B fOBrUUPXpesJDDPE4fiXmFuYJPL7y4kWhhIydqyTjIdA4f7SbejZl3CByNWSLzeq t4znwUvWV8zSbtw= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-4.9 required=5.0 tests=AWL,BAYES_00,UNSUBSCRIBE_BODY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Date: Wed, 18 Feb 2015 14:34:54 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: ssh-host-config script sends /etc/passwd thru awk Message-ID: <20150218133454.GA31759@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <4C148215-468D-469D-8060-B2010DF5E9A9 AT etr-usa DOT com> <20150217230230 DOT GH8493 AT calimero DOT vinschen DOT de> <62DA4A6B-8BA1-4676-B88F-42F6A3707AAD AT etr-usa DOT com> <20150218100809 DOT GK8493 AT calimero DOT vinschen DOT de> <87k2zf1lbc DOT fsf AT Rainer DOT invalid> <20150218130152 DOT GO8493 AT calimero DOT vinschen DOT de> <8761az1hul DOT fsf AT Rainer DOT invalid> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VS++wcV0S1rZb1Fb" Content-Disposition: inline In-Reply-To: <8761az1hul.fsf@Rainer.invalid> User-Agent: Mutt/1.5.23 (2014-03-12) --VS++wcV0S1rZb1Fb Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Feb 18 14:15, Achim Gratz wrote: > Corinna Vinschen writes: > >> + csih_old_cygwin ; use_file=3D$? > >> if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ] > >> then > >> - grep -Eq "^${file}:[^#]*\" /etc/nsswitch.conf || use_file=3D0 > >> + grep -Eq "^${file}:" /etc/nsswitch.conf && > >> + grep -Eq "^${file}:[^#]*\" /etc/nsswitch.conf || > >> + use_file=3D0 > > > > And here, the test for the version is moved into the csih_old_cygwin > > function. So far, so good, but... in how far does this change the > > result of csih_use_file_etc?!? Assuming the expression has a bug, > > wouldn't this still be the case, and the mkpasswd calls in > > csih_create_privileged_user and csih_create_unprivileged_user > > would still write the entry to /etc/passwd? > > > > Can you explain what I'm missing? >=20 > The old test wrote to /etc/{passwd,group} when use_file!=3D1, > /etc/nsswitch.conf existed and did not have a line for either passwd or > group or if that line had no "db" on it. If the line is missing > altogether, then files should still not be used since the default is > "files db", only when the line exists and omits "db". I think=E2=80=A6 Uh, the penny is dropping... in slow motion... Hang on, let me try to rephrase what we need here, without letting myself getting distracted by the code nor your patch. I'm firmly securing my blinders... - If we have an old Cygwin version <=3D 1.7.33 =3D=3D> write to /etc/passwd - Otherwise, if /etc/nsswitch.conf is missing, don't write. - Otherwise, if /etc/nsswitch.conf is missing the "passwd:" entry, the default is "files db", don't write. - Otherwise, if "passwd" contains "db", don't write. - Otherwise, write. Now lets' check the expression: csih_old_cygwin ; use_file=3D$? if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ] then grep -Eq "^${file}:" /etc/nsswitch.conf && grep -Eq "^${file}:[^#]*\" /etc/nsswitch.conf || use_file=3D0 Old version? use_file is 0 New version but /etc/nsswitch.conf is missing? use_file =3D 1 /etc/nsswitch.conf does not contain a "passwd" line? use_file =3D 1 /etc/nsswitch.conf contain a "passwd" line but no "db"? use_file =3D 0 otherwise use_file =3D 1 Yup, that looks right. Thanks for explaining. I guess that should help us along. If you check this change in, I will release a new csih version asap. Thank you! Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --VS++wcV0S1rZb1Fb Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJU5JT+AAoJEPU2Bp2uRE+gmu4P/1dVXHeMOoNtNwL5HzABNLT/ 6AYiA9VHVxOTCf+MrjxGquap/tSIaZKFBCx7KS0wSa5ffXj6nznXv4YxpqBromYU q3gkn0DJxhqRl8wA6uv70e4XxQmJwcGh6Nx0KQBz0VU8KzuqGQ2b+JSmlLTj2NpD ZgiPspITJj3dyY7WXhqBqhlOh1eCpvg0dP2J1lv5BQ25hcNRgGQuPvbY8+c8sqUT HZQAxCeMlKQ2sp0zYSa7NgQLibre9AuSZuG0n8vr4bClSYctOf3mpiOi5FrCcwyw IDEAtv7/xawvMdft2spii8LwCGfyey3fGoyMqQpR8fYWGchjqpLLmz3Jn8TE3QKE /SCARTu2YKv+lOSXqpqKyBSAT17f44qwsVM4Qhq1TWnbzH87Y48jrib2z7be8kkj VomIy1Zx9jHflK22R2nHt4lGopY/HKEKXO9sGgsk1mUp9HhN3OE/QKgMjQLdIcZ6 /mC8WrRaNj9ugyHPYh4YpDSFt9/2dElynMcY5+vgfcMKKQ+KRrszTCIg+zzC+Tlv ADrc0ehWBkqF24Gp1EdTGDUNGLPctYlwVrl7PVvfp5k6bfuzLvfN7KeTgk4ag42H rjypoNaFzyqD1f4IK2JViSFi5MCXwD4Dt0bSdW4rWu7FNKllDf1BenUxTskNQ82F n2P+D+yDZYX51IWE1/HR =HKLS -----END PGP SIGNATURE----- --VS++wcV0S1rZb1Fb--