Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-developers-owner AT cygwin DOT com Delivered-To: mailing list cygwin-developers AT cygwin DOT com Date: Tue, 22 Oct 2002 15:12:17 -0400 From: Christopher Faylor To: cygwin-developers AT cygwin DOT com Subject: Re: Avoiding /etc/passwd and /etc/group scans Message-ID: <20021022191217.GD4828@redhat.com> Reply-To: cygwin-developers AT cygwin DOT com Mail-Followup-To: cygwin-developers AT cygwin DOT com References: <3DB416E7 DOT 99E22851 AT ieee DOT org> <20021021162246 DOT GC15828 AT redhat DOT com> <20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> <20021022181947 DOT GA4729 AT redhat DOT com> <3DB5A076 DOT ABAFF076 AT ieee DOT org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DB5A076.ABAFF076@ieee.org> User-Agent: Mutt/1.5.1i On Tue, Oct 22, 2002 at 03:01:10PM -0400, Pierre A. Humblet wrote: >Christopher Faylor wrote: >> >> I'll provide you with ssh access to sources.redhat.com if you want to >> accumulate your patches on a branch and maybe even offer your own >> "snapshots". > >OK. So this branch would have the evolving ntsec stuff, but will be >populated with stable fork/mmap/tty/etc.. code. Right. "stable" fork/mmap/tty/etc. You'd have to be constantly merging from the trunk. >> I really didn't anticipate the level of difficulties that are showing up >> in the cygwin mailing list wrt ntsec, so I'd like to get them solved. >> I'm thinking that if we can get some stuff tested before Corinna returns >> then maybe it will make her job a little easier. > >Right, I am sure she will have enough things to do. To really test it >we need to have people use it. Thus I like the idea of having it in >snapshots. Another idea is to isolate all of your changes using ifdefs and I can just turn on the ifdef in the normal snapshot process. Then you wouldn't have to maintain a separate branch. >> Barring that, if you could offer some assurance, on the cygwin mailing >> list, that you're looking into the bugs, that would be helpful. Then, >> at least, people will realize that their complaints aren't falling on >> deaf ears. > >OK. But whatever changes I make can only mask the underlying problem >with the incorrect passwd file. Right. >I am not sure where the incomplete passwd files are coming from. >Old users may have files without sids. Right. I expressed some amazement about this myself in cygwin at cygwin and was chided for it. I didn't expect that there would be *that* many people with passwd files lacking sids out there. >I just looked at passwd-grp.sh.done (July 28) on my system and noticed >that the -l switch is not given to mkpasswd/group for domain users. So >they may have problems when they login as a local user. Similarly >software installed as a local user won't work if the user logs in later >as a domain user. > >Is there any harm in always giving the -l and -d switches? In other >words, what happens with -d on a standalone machine? That won't solve >everything but it is simple and better than what is in my >passwd-grp.sh.done Will it potentially cause a delay if we use the -d switch? The same person who chided me was indicating that setup.exe was somehow creating files that were incorrect or that cygwin was unable to execute files with .exe extensions. I don't really understand what's going on. Does it make sense that someone would have to properly generate /etc/passwd and also turn off ntsec in order for things to work again?