Re: File owner set to Unknown+User on cygwin 1.7.35 via samba 3.6.6 on debian

[Corinna Vinschen <corinna-cygwin at cygwin dot com>]

On Apr 22 20:50, random user wrote:
> >> On 4/22/2015 7:21 PM, John Orr wrote: ...
> 
> Would I be right in guessing that your samba server is doing
> authentication using a /etc/samba/smbpasswd file?
> 
> If that is the case, the output you show matches my experience.  Files
> with owner matching the logged in user in such a case one end up with
> an owner SID like the
> 
>   S-1-5-21-2908258922-1501660359-1356206134-1000
> 
> seen in your output, as if it is a local user defined only by the
> samba server itself.  (It seems tied to neither my Unix userid nor my
> Windows Domain SID, it just seems as if the samba server pretends to
> be a local Windows OS with its own set of users.)
> 
> For users and groups not defined in smbpasswd (or maybe it's for all
> except for file owner matching the logged in user), the SIDs do show
> up in the S-1-5-22- Unix_User+/Unix_Group+ form.
> 
> I'll leave it at that; hopefully more capable hands can help you
> choose how to then deal with these SIDs.

That's a very good point and sounds like a very likely cause for this
problem.  The fact that the GUI shows "JOHNWL\john" seems like a very
good hint.

Here's the problem:  Cygwin's automatism can't resolve this SID,
and the methods implemented in the account handling can't help with
that.

The reason is this:  When you ask the Windows GUI for the ACL of a file,
it knows whom to ask for the SIDs.  It's either a SID it knows anyway
(builtin, SAM, AD), or it asks the underlying server of the share.

However, the account handling in Cygwin is decoupled from the code
fetching file ACLs.  It ony generically cares for passwd and group
entries, and it only knows to ask SAM or AD for the SID.  It has no
connection to the server serving the share.  This *might* be possible,
but code for that just isn't there.

What you can do to workaround this problem is either to change Samba
so as not to return the above SID for the user with UID 1000, but the
default SID S-1-22-1-1000.  Or, in Cygwin, you just keep a passwd file
with two entries around.  These entries should be equivalent to the
output of `getent passwd $USER', so just copy/paste it twice.  Then
tweak the SID of the second entry to match the above SID.  The end result
should be:

  john:*:197608:197121:U-JOHNDESKTOP\john,S-1-5-21-775725812-2182925691-3402384268-1000:/home/john:/bin/bash
  john:*:197608:197121:U-JOHNWL\john,S-1-5-21-2908258922-1501660359-1356206134-1000:/home/john:/bin/bash

Then set /etc/nsswitch.conf to "passwd: files db" and restart your
Cygwin processes.  That should help.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpa0f4g2sW1D.pgp
Description: PGP signature