Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Date: Tue, 22 Oct 2002 15:12:17 -0400
From: Christopher Faylor <cgf AT redhat DOT com>
To: cygwin-developers AT cygwin DOT com
Subject: Re: Avoiding /etc/passwd and /etc/group scans
Message-ID: <20021022191217.GD4828@redhat.com>
Reply-To: cygwin-developers AT cygwin DOT com
Mail-Followup-To: cygwin-developers AT cygwin DOT com
References: <3DB416E7 DOT 99E22851 AT ieee DOT org> <20021021162246 DOT GC15828 AT redhat DOT com> <20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> <20021022181947 DOT GA4729 AT redhat DOT com> <3DB5A076 DOT ABAFF076 AT ieee DOT org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3DB5A076.ABAFF076@ieee.org>
User-Agent: Mutt/1.5.1i

On Tue, Oct 22, 2002 at 03:01:10PM -0400, Pierre A. Humblet wrote:
>Christopher Faylor wrote:
>>
>> I'll provide you with ssh access to sources.redhat.com if you want to
>> accumulate your patches on a branch and maybe even offer your own
>> "snapshots".
>
>OK. So this branch would have the evolving ntsec stuff, but will be 
>populated with stable fork/mmap/tty/etc.. code.

Right.  "stable" fork/mmap/tty/etc.  You'd have to be constantly merging
from the trunk.
 
>> I really didn't anticipate the level of difficulties that are showing up
>> in the cygwin mailing list wrt ntsec, so I'd like to get them solved.
>> I'm thinking that if we can get some stuff tested before Corinna returns
>> then maybe it will make her job a little easier.
>
>Right, I am sure she will have enough things to do. To really test it 
>we need to have people use it. Thus I like the idea of having it in
>snapshots.

Another idea is to isolate all of your changes using ifdefs and I can
just turn on the ifdef in the normal snapshot process.  Then you wouldn't
have to maintain a separate branch.

>> Barring that, if you could offer some assurance, on the cygwin mailing
>> list, that you're looking into the bugs, that would be helpful.  Then,
>> at least, people will realize that their complaints aren't falling on
>> deaf ears.
>
>OK. But whatever changes I make can only mask the underlying problem 
>with the incorrect passwd file. 

Right.

>I am not sure where the incomplete passwd files are coming from. 
>Old users may have files without sids. 

Right.  I expressed some amazement about this myself in cygwin at cygwin
and was chided for it.  I didn't expect that there would be *that* many
people with passwd files lacking sids out there.

>I just looked at passwd-grp.sh.done (July 28) on my system and noticed
>that the -l switch is not given to mkpasswd/group for domain users.  So
>they may have problems when they login as a local user.  Similarly
>software installed as a local user won't work if the user logs in later
>as a domain user.
>
>Is there any harm in always giving the -l and -d switches?  In other
>words, what happens with -d on a standalone machine?  That won't solve
>everything but it is simple and better than what is in my
>passwd-grp.sh.done

Will it potentially cause a delay if we use the -d switch?

The same person who chided me was indicating that setup.exe was somehow
creating files that were incorrect or that cygwin was unable to execute
files with .exe extensions.  I don't really understand what's going on.

Does it make sense that someone would have to properly generate
/etc/passwd and also turn off ntsec in order for things to work again?