X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:subject:to:references:from:message-id :date:mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=r+Y0md6oRgaOjYJ+ q9V8Ewk457oGDaIYpdZKN2guHck5a2KL/FMiUtEiF6+Yx9AFLMWh7DbMzDHQEF9l 3dRNZUJgdcm2+tF6qkCJ3xA8WToOWdqwhe20WtJdylww05bTRBAOtjVeOjx8GQSM 38w/IHSCNYoKytBwycJEROlEDjs= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:reply-to:subject:to:references:from:message-id :date:mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=B5Qh1rooj1TedDQEyGp34N JRWM4=; b=pB8J9d8x80w/whYYTODpfXIIO8FIvI0jTCebXQudSQ6256Ioggzn6f NLXKR66unpmeJzjNqxVwTMovGy9EYHJLBtrwvh/YSJIYSc0/4WMiCSh/zcBiUEd6 T7Ek0PaOMC4xqTXTUsYfWxCzQWAOBgd2o0QIO/jXzU0klBYkP26c4= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-2.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 spammy=Fully, Kingdom, ten, Country X-HELO: smtp-out-so.shaw.ca Reply-To: Brian DOT Inglis AT SystematicSw DOT ab DOT ca Subject: Re: getent doesn't work properly To: cygwin AT cygwin DOT com References: <20191018105229 DOT GE16240 AT calimero DOT vinschen DOT de> <20191023114234 DOT GZ16240 AT calimero DOT vinschen DOT de> From: Brian Inglis Openpgp: preference=signencrypt Message-ID: <8dc989b7-d1ca-fe78-75f7-1c241c18320d@SystematicSw.ab.ca> Date: Wed, 23 Oct 2019 07:28:41 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.0 MIME-Version: 1.0 In-Reply-To: <20191023114234.GZ16240@calimero.vinschen.de> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-IsSubscribed: yes On 2019-10-23 05:42, Corinna Vinschen wrote: > On Oct 23 11:17, Maayan Apelboim wrote: >>> Is "UK" the name of the local machine or the name of your domain? >>> How does your /etc/nsswitch.conf file look like? >>> Do you still have /etc/passwd and /etc/group files? >>> If so, does removing the files change the above behaviour? >>> If so, can you attach both files verbatim to your reply? >> UK is my domain. >> I'm not using passwd and group files after being advised in the past not to. >> My /etc/nsswitch.conf is default. Didn't make any changes to this file. > Since I can't reproduce this problem, would you mind trying to run getent > under strace? It would be helpful to get 2 strace outputs for the same > account, one working, one failing. Call it like this: > > $ strace -o getent-1.trace getent passwd Is there any difference in internet connectivity between between the problem system and the other systems? Try $ whois uk. to see that UK is the ccTLD (Country Code Top Level Domain) of the United Kingdom. It is also in every app, or on every system, where aspects of DNS usage have to be managed, in the PSL (Public Suffix List - see https://publicsuffix.org/), which lists all ccTLDs, gTLDs (Global Top Level Domain), 2LDs, and higher level DNS suffixes under which domain names appear and may be created or registered, and under those domain names below the higher level DNS suffixes, host names may appear and be used. It is available in a Cygwin package; try: $ cygcheck -p publicsuffix-list-dafsa You can view the source under: https://github.com/publicsuffix/list and from: https://publicsuffix.org/list/public_suffix_list.dat With MS having long ago blurred the lines between Windows and DNS domains, it is likely not a good idea to name a local domain the same as any part of the DNS name space, especially any names in the PSL, without smart DMZ blocking rules. It is possible either: that problem system has external internet access and is looking around the world for users; or unlike your other systems, that problem system does not, and some lookup is failing or restricted. You may need to get someone to run and compare network traces on the failing system and another working system, if a software problem can not be diagnosed. [There was a similar issue about five years ago with Oracle databases, whose software was distributed, documented, and set up by default for years using names like /SERVER/.world, so company database names could look as coolly global as DNS domain names, although real DNS domain names were also supported later. Then gTLD (Global Top Level Domain) WORLD was proposed, and we had to ensure that all Oracle servers were behind blocking DMZs that ensured Oracle databases did not try to leak to the outside *WORLD*. Try $ whois world. ] [I was involved in a company split ten years ago where the original company had embedded the FQDN (Fully Qualified Domain Name) into every host and server name in the company. The last I heard, the new company still had to use the old company domain name for systems internally, rather than just the local host or server name. So *DO NOT* use or embed domain names where you don't need to! MS insistence on always having to specify domain names rather than always implying them is a very bad misfeature when a company changes its name.] -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple