This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Testers needed: New passwd/group handling in Cygwin
- From: Achim Gratz <Stromeko at NexGo dot DE>
- To: cygwin at cygwin dot com
- Date: Tue, 11 Mar 2014 15:07:33 +0000 (UTC)
- Subject: Re: Testers needed: New passwd/group handling in Cygwin
- Authentication-results: sourceware.org; auth=none
- References: <87fvn7cb68 dot fsf at Rainer dot invalid> <20140225200414 dot GA4238 at calimero dot vinschen dot de> <loom dot 20140310T181432-804 at post dot gmane dot org> <20140310181339 dot GF28681 at calimero dot vinschen dot de> <87mwgxsyac dot fsf at Rainer dot invalid> <20140310191603 dot GH28681 at calimero dot vinschen dot de> <87iorlsvvn dot fsf at Rainer dot invalid> <loom dot 20140311T081705-682 at post dot gmane dot org> <20140311102007 dot GJ28681 at calimero dot vinschen dot de> <loom dot 20140311T125212-440 at post dot gmane dot org> <20140311130716 dot GB21306 at calimero dot vinschen dot de>
Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> You don't have to move them away. Just set nsswitch.conf.
Did that and using the snapshot DLL from 2014-03-05 on top of a full
snapshot install from 2014-03-10. The ACL is this:
# file: x86
# owner: gratz
# group: Domain Users
user::---
group::---
group:admin-cygwinupload:rwx
group:user-cygwinupload:rwx
mask:rwx
other:---
default:user::---
default:group::---
default:group:admin-cygwinupload:rwx
default:group:user-cygwinupload:rwx
default:mask:rwx
default:other:---
With the original passwd and group file in place and nsswitch.conf set to
either "files" or "files db" the test fails. With just "files" getfacl
doesn't show the group ACL at all, while with "files db" I see the ACL for
both the admin and the user group (both are not in the group file). Setting
to just "db" the ACL is shown as before and the test from Perl now succeeds!
In fact any combination that includes "files" fails. So, after some head
scratching I changed the uid and gid in the passwd and group files to match
the new mapping scheme and lo and behold the test is now working. The
getfacl command starts to show the group ACL when I add them to the group
file (with the correct gid mapping), but the test still fails with "files"
only. With the correct group entries and "files db", the test also works.
So, Perl somehow uses the gid/uid mapping and relies on those to be working,
while bash uses a code path that doesn't and probably just uses the uid/gid
directly. I guess I could make the "files" only case work by adding some
more groups (no time for checking what that might be at the moment), again
changing the mapping (will mkpasswd do this at some point?). Do you still
need traces or does get you a test case that works in your environment?
Regards,
Achim.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple