X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=FTdpRM2v/CmRQdDABjZ+ZMBy59P+dKshCo1sMHHtGeAZ7IK8FH4wv Jw70iapgP7dadImRZTAaIWtXIij3v3f5xqBMX2fdlzK1efKvjHJaRx6oiXM33xkx 7+X+8SXBmgXpHELd/2kq3NrMkYT9o2nEGMuPP4fWzywuIDFKEYwiQ8= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=zIYuU8aV3jZIFOGmVulE+FEv4lU=; b=qqeC1BYuWnmQTXlWsnCK2eVtOXoy 4QeIi9HbqQsB+BrxnsU6TQKHqGj5UpX9gEjyGOorqru6nvztK5wjzv/baUkUOxiK lbF1rPhkuMGcdXwgSjSES5o7YQiLFC54E7DKPWZwJNOdIt6dR6mU33yPXRC/Zdgi x4jlHI9SnvJaIsk= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-4.1 required=5.0 tests=AWL,BAYES_50,KAM_LAZY_DOMAIN_SECURITY autolearn=no version=3.3.2 X-HELO: calimero.vinschen.de Date: Thu, 23 Apr 2015 10:04:45 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: File owner set to Unknown+User on cygwin 1.7.35 via samba 3.6.6 on debian Message-ID: <20150423080445.GE3657@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <1883631812 DOT 201190 DOT 1429592754813 DOT JavaMail DOT zimbra AT ceos DOT com DOT au> <20150421085053 DOT GW3657 AT calimero DOT vinschen DOT de> <1277097406 DOT 207429 DOT 1429664315268 DOT JavaMail DOT zimbra AT ceos DOT com DOT au> <20150422084333 DOT GA3657 AT calimero DOT vinschen DOT de> <1756410182 DOT 228840 DOT 1429755696338 DOT JavaMail DOT zimbra AT ceos DOT com DOT au> <55386C07 DOT 7050400 AT gmail DOT com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="DLfA7Wi+Vmsdqq5j" Content-Disposition: inline In-Reply-To: <55386C07.7050400@gmail.com> User-Agent: Mutt/1.5.23 (2014-03-12) --DLfA7Wi+Vmsdqq5j Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Apr 22 20:50, random user wrote: > >> On 4/22/2015 7:21 PM, John Orr wrote: ... >=20 > Would I be right in guessing that your samba server is doing > authentication using a /etc/samba/smbpasswd file? >=20 > If that is the case, the output you show matches my experience. Files > with owner matching the logged in user in such a case one end up with > an owner SID like the >=20 > S-1-5-21-2908258922-1501660359-1356206134-1000 >=20 > seen in your output, as if it is a local user defined only by the > samba server itself. (It seems tied to neither my Unix userid nor my > Windows Domain SID, it just seems as if the samba server pretends to > be a local Windows OS with its own set of users.) >=20 > For users and groups not defined in smbpasswd (or maybe it's for all > except for file owner matching the logged in user), the SIDs do show > up in the S-1-5-22- Unix_User+/Unix_Group+ form. >=20 > I'll leave it at that; hopefully more capable hands can help you > choose how to then deal with these SIDs. That's a very good point and sounds like a very likely cause for this problem. The fact that the GUI shows "JOHNWL\john" seems like a very good hint. Here's the problem: Cygwin's automatism can't resolve this SID, and the methods implemented in the account handling can't help with that. The reason is this: When you ask the Windows GUI for the ACL of a file, it knows whom to ask for the SIDs. It's either a SID it knows anyway (builtin, SAM, AD), or it asks the underlying server of the share. However, the account handling in Cygwin is decoupled from the code fetching file ACLs. It ony generically cares for passwd and group entries, and it only knows to ask SAM or AD for the SID. It has no connection to the server serving the share. This *might* be possible, but code for that just isn't there. What you can do to workaround this problem is either to change Samba so as not to return the above SID for the user with UID 1000, but the default SID S-1-22-1-1000. Or, in Cygwin, you just keep a passwd file with two entries around. These entries should be equivalent to the output of `getent passwd $USER', so just copy/paste it twice. Then tweak the SID of the second entry to match the above SID. The end result should be: john:*:197608:197121:U-JOHNDESKTOP\john,S-1-5-21-775725812-2182925691-340= 2384268-1000:/home/john:/bin/bash john:*:197608:197121:U-JOHNWL\john,S-1-5-21-2908258922-1501660359-1356206= 134-1000:/home/john:/bin/bash Then set /etc/nsswitch.conf to "passwd: files db" and restart your Cygwin processes. That should help. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --DLfA7Wi+Vmsdqq5j Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJVOKedAAoJEPU2Bp2uRE+gyOMP/17BTPlUEaQaB3HcnMQsQe8L /pUklgr/ltVMlqVLu/oQYn2OndA/JhZR7teamdVNaLdm/PgtqAN20Cwdb9CsoJZU Zn8p8NoJr8lwBRPnTueFYwaX8ggJJ5D708msNw50OKvtBwiW8ZQtJcuJVnlxjY7u 9AQru399rsURUykVLSYtbsuhI1C4DV7gQiZOPZXtP4UjuPa5SiwBBrKy6J/TK/UT homM2KJot0gOvQUdUgqaG5hASzH+J2L81MUPvB/Wa5ItptW7Woz09CflIHUV4FSv u00PyRDRjaLe3KX6/0IpltRXdlgX0744UQz+AmxgOzYrlOwxCKmKjPZJLS9LTIVk HLHyZiD9dtFR31JM+eU4YLS6YXTsZI0TLZgzd6rwRTAtqV0wKG7epvVFAm/tu28x 7x30lzhYStdOPiuZQnW1vRhTqgkcFnsxHCh3cl8Vu6GeUj62j7SGkbnaROO2ruXX hZAYF0su/h5Wp5wZVxqwJLU8JmChTIoK86xYVcZhle/aL608cohdU27+/ANsE7Fe R++jiuwrvjexBW1GKK64wBoFlBeNzsnoJnb8MsSywgVzm7h4X4uXLUVi8SargMO+ 1Ipf/vAPwM4250kmjig3+qEOusx1B/5SdNCRid4buGYZGVcrhGF4bGWtibTam/6s 0h7f965Hp/Ax0R83ZkFT =LXxP -----END PGP SIGNATURE----- --DLfA7Wi+Vmsdqq5j--