[jira] [Created] (VCL-1065) update_cygwin.cmd script does not work correctly if computer is joined to Active Directory

Tue, 01 Aug 2017 07:37:01 -0700 

Andy Kurth created VCL-1065:
-------------------------------

             Summary: update_cygwin.cmd script does not work correctly if 
computer is joined to Active Directory
                 Key: VCL-1065
                 URL: https://issues.apache.org/jira/browse/VCL-1065
             Project: VCL
          Issue Type: Improvement
          Components: vcld (backend)
            Reporter: Andy Kurth
            Assignee: Andy Kurth
             Fix For: 2.5


The GID and UID numbers Cygwin uses may change after a computer is joined to 
Active Directory.

Also, depending on the version of Cygwin the format of the resulting output 
from *mkpasswd -l* and *mkgroup -l* may differ.  As a result, the operations 
performed by *update_cygwin.cmd* may fail to allow the sshd service to work 
correctly.  Example:

Cygwin 1.5, output the same whether or not computer is joined to AD:
{noformat}root:unused_by_nt/2000/xp:1000:513:U-VCLV98-247\root,S-1-5-21-4145529145-2666226658-940326903-1000:/home/root:/bin/bash{noformat}

Note: the UID 1000 corresponds to the Windows numeric identifier for the user 
account.  GID 513 represents the _None_ group.

Cygwin 2.2, computer *not* joined to AD:
{noformat}root:*:197609:197152:U-WIN10ENT\root,S-1-5-21-57237294-3426833820-2376726728-1001:/hom
  e/root:/bin/bash{noformat}

Note: the UID and GID numbers changed.  AFAIK, the _197152_ GID is fixed and 
still corresponds to the _None_ group.

Cygwin 2.8, computer *joined* to AD:
{noformat}VCLV98-249+root:*:197609:197152:U-VCLV98-249\root,S-1-5-21-57237294-3426833820-2376726728-1001:/home/root:/bin/bash{noformat}

Note: the computer name is prepended to the beginning of the line.  This is 
also the case for the line corresponding to the _None_ group produced by the 
mkgroup command:
{noformat}
Users:S-1-5-32-545:545:
VCLV98-249+None:S-1-5-21-57237294-3426833820-2376726728-513:197121:
{noformat}

I also noticed problems caused by the way the vcld backend code configures 
computers prior to a reboot or capture.  Each may add a startup scheduled task 
-- _VCL Update Cygwin_ and _VCL Post Load_ respectively.  These may run at the 
same time.  Both call update_cygwin.cmd (post load does a few additional 
steps).  Problems occur if multiple instances of update_cygwin.cmd runs at the 
same time.  Contained in the script are commands to delete existing host key 
files and then regenerate them.  The regenerate command hangs if the key file 
it is trying to create already exists.  This causes that instance of 
update_cygwin.cmd to hang indefinitely.







--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to