subject:"\[ANNOUNCEMENT\] TEST RELEASE\: Cygwin 1.7.34\-003 \(Christmas\/New Year release\)"

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-21 Thread Corinna Vinschen

On Jan 21 11:20, Corinna Vinschen wrote:
> On Jan 21 10:37, Corinna Vinschen wrote:
> > On Jan 21 02:45, Andrey Repin wrote:
> > > The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.)
> > > [...]
> > I'm wondering if that's a side effect of using a NT4 domain.  This isn't
> > supported in Cygwin anymore for quite some time.  After all AD has
> > replaced NT4 15 years ago.  All the LDAP calls to fetch the AD attributes
> > won't work in an NT4 domain, for instance.
> > 
> > But even if all the calls to the DB fail, the /path scheme shouldn't be
> > affected.
> 
> But it is...  I just inspected the code in CYgwin fetching the extra info
> for domain accounts.  Due to the way this works - a single ldap call to
> fetch all AD attributes - the evaluation only takes place after the LDAP
> call was successful.  This is independent of using non-AD schemes, basically
> like this:
> 
>if (is_domain_account)
>  {
>[...]
>if (cldap->fetch_ad_account ())
>{
>  gid = posix_offset + cldap->get_primary_gid ();
>  home = cygheap->pg.get_home (cldap);
>  shell = cygheap->pg.get_shell (cldap);
>  gecos = cygheap->pg.get_gecos (cldap);
>}
> 
> The reason here is that we have to fetch the gid value anyway, so the
> code is relying on the ldap call.  The get_home(), get_shell(), get_gecos()
> methods get the full content fetched from AD and only then creates the
> pw_dir, pw_shell and pw_gecos values based on the content of nsswitch.conf.
> 
> So, yes, this is a direct result of not supporting NT4 domains anymore.

FTR, Andrey and I were tackling this problem off-list, and I now added a
small, non-intrusive piece of code to allow fetching account info from
an NT4 domain.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpgAn4RpT3FK.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-21 Thread Corinna Vinschen

On Jan 21 10:37, Corinna Vinschen wrote:
> On Jan 21 02:45, Andrey Repin wrote:
> > Sorry for the holdup, I was trying to crack it by myself.
> > But I was unsuccessful, and have to reach for help.
> > Even the most striped down configuration doesn't produce visible 
> > improvements.
> > 
> > The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.)
> > Logged in as domain user with admin rights.
> > Current profile path is C:\Users\.
> > group/passwd files are moved away.
> > 
> > Contents of nsswitch.conf (the last, stripped down next to nothing attempt):
> > 
> > passwd: db
> > group: db
> > 
> > db_home: /%H
> > db_shell: /bin/sh
> > 
> > 
> > > set HOME
> > HOMEDRIVE=C:
> > HOMEPATH=\Users\anrdaemon.CCENTER
> > 
> > > getent passwd %USERNAME%
> > anrdaemon:*:1051576:1049089:U-CCENTER\anrdaemon,S-1-5-21-1031481445-3291699540-3997755762-3000:/home/anrdaemon:/bin/bash
> > 
> > If I understand it right, the /%H should always return usable value, so do
> > /bin/sh. But I can't get it to work.
> 
> Weird, really.  I just tried it again myself and it worked immediately.
> 
> What I'm doing is this:
> 
> - I'm *not* running cygserver.
> - Open a mintty.
> - Change the nsswitch.conf settings and save the file.
> - Start another mintty to observe the effect.
> 
> If cygserver is not running, every new mintty session will see the
> latest version of the nsswitch.conf file and create the passwd/group
> entries from there.
> 
> I'm wondering if that's a side effect of using a NT4 domain.  This isn't
> supported in Cygwin anymore for quite some time.  After all AD has
> replaced NT4 15 years ago.  All the LDAP calls to fetch the AD attributes
> won't work in an NT4 domain, for instance.
> 
> But even if all the calls to the DB fail, the /path scheme shouldn't be
> affected.

But it is...  I just inspected the code in CYgwin fetching the extra info
for domain accounts.  Due to the way this works - a single ldap call to
fetch all AD attributes - the evaluation only takes place after the LDAP
call was successful.  This is independent of using non-AD schemes, basically
like this:

   if (is_domain_account)
 {
   [...]
   if (cldap->fetch_ad_account ())
 {
   gid = posix_offset + cldap->get_primary_gid ();
   home = cygheap->pg.get_home (cldap);
   shell = cygheap->pg.get_shell (cldap);
   gecos = cygheap->pg.get_gecos (cldap);
 }

The reason here is that we have to fetch the gid value anyway, so the
code is relying on the ldap call.  The get_home(), get_shell(), get_gecos()
methods get the full content fetched from AD and only then creates the
pw_dir, pw_shell and pw_gecos values based on the content of nsswitch.conf.

So, yes, this is a direct result of not supporting NT4 domains anymore.


Sorry,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpX8Yi2tcVUB.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-21 Thread Corinna Vinschen

On Jan 21 02:45, Andrey Repin wrote:
> Sorry for the holdup, I was trying to crack it by myself.
> But I was unsuccessful, and have to reach for help.
> Even the most striped down configuration doesn't produce visible improvements.
> 
> The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.)
> Logged in as domain user with admin rights.
> Current profile path is C:\Users\.
> group/passwd files are moved away.
> 
> Contents of nsswitch.conf (the last, stripped down next to nothing attempt):
> 
> passwd: db
> group: db
> 
> db_home: /%H
> db_shell: /bin/sh
> 
> 
> > set HOME
> HOMEDRIVE=C:
> HOMEPATH=\Users\anrdaemon.CCENTER
> 
> > getent passwd %USERNAME%
> anrdaemon:*:1051576:1049089:U-CCENTER\anrdaemon,S-1-5-21-1031481445-3291699540-3997755762-3000:/home/anrdaemon:/bin/bash
> 
> If I understand it right, the /%H should always return usable value, so do
> /bin/sh. But I can't get it to work.

Weird, really.  I just tried it again myself and it worked immediately.

What I'm doing is this:

- I'm *not* running cygserver.
- Open a mintty.
- Change the nsswitch.conf settings and save the file.
- Start another mintty to observe the effect.

If cygserver is not running, every new mintty session will see the
latest version of the nsswitch.conf file and create the passwd/group
entries from there.

I'm wondering if that's a side effect of using a NT4 domain.  This isn't
supported in Cygwin anymore for quite some time.  After all AD has
replaced NT4 15 years ago.  All the LDAP calls to fetch the AD attributes
won't work in an NT4 domain, for instance.

But even if all the calls to the DB fail, the /path scheme shouldn't be
affected.

For a start, can you run `strace -o getent.trace getent passwd anrdaemon
in a mintty session started *after* changing nsswitch.conf and send the
getent.trace file?  It might give some clue.

Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

pgptxQ413XjM_.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-20 Thread Andrey Repin

Greetings, Corinna Vinschen!

>> >> >> > I added a %H specifier to the /path schema which is substituted by 
>> >> >> > the
>> >> >> > Windows home path in POSIX notation.  So, what you should be able to 
>> >> >> > do
>> >> >> > now is something like:
>> >> >> >
>> >> >> >   db_home: /%H/cygwin
>> >> >> 
>> >> >> I've used
>> >> >> 
>> >> >>db_home: %H/cygwin
>> >> 
>> >> > Meep!  Did you read the preliminary user's guide?  You really should.
>> >> 
>> >> >   
>> >> > https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd
>> >> 
>> >> > The leading slash is in integral part of the "path" scheme,  The above
>> >> > is not recognized as valid entry at all.
>> >> 
>> >> Speaking of validity of entries.
>> >> I was toying around with my chain of VM's, and got to think about a way to
>> >> debug new nsswitch.conf configurations.
>> >> Is there an easy way to see, what steps are performed, and what results 
>> >> are
>> >> returned, from schemes specified in nsswitch.conf ?
>> 
>> > I'm not sure I understand the question.  Just change the db_home
>> > or whatever entry to another one and start another mintty?
>> 
>> That would be an indirect test, that doesn't tell a whole lot if things not
>> work to the expected results.
>> I'm trying different configurations right now, but it seems the result always
>> /home/$USER. And I'm not sure, if it is my misunderstanding, mistakes in my
>> cygwin configuration, or errors in system configuration?
>> It would be wonderful to have a way to directly test different schemes, even
>> if only for current user.

> I don't see the difference.  If you don't get the desired results,
> explain the setting you test and what you did.  Let's discuss it.  If
> it's a bug, I'll fix the bug.  If it's a misunderstanding on your part,
> let's try to improve the documentation.

Sorry for the holdup, I was trying to crack it by myself.
But I was unsuccessful, and have to reach for help.
Even the most striped down configuration doesn't produce visible improvements.

The setup: A Win7 machine - member of a NT4-style domain. (No AD yet.)
Logged in as domain user with admin rights.
Current profile path is C:\Users\.
group/passwd files are moved away.

Contents of nsswitch.conf (the last, stripped down next to nothing attempt):

passwd: db
group: db

db_home: /%H
db_shell: /bin/sh


> set HOME
HOMEDRIVE=C:
HOMEPATH=\Users\anrdaemon.CCENTER

> getent passwd %USERNAME%
anrdaemon:*:1051576:1049089:U-CCENTER\anrdaemon,S-1-5-21-1031481445-3291699540-3997755762-3000:/home/anrdaemon:/bin/bash


If I understand it right, the /%H should always return usable value, so do
/bin/sh. But I can't get it to work.
The only other change I can think about is shortened /cygdrive prefix

none / cygdrive binary,posix=0,noacl 0 0

Reverting it back doesn't make a difference.


--
WBR,
Andrey Repin (anrdae...@yandex.ru) 21.01.2015, <02:09>

Sorry for my terrible english...


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-14 Thread Corinna Vinschen

On Jan 14 13:19, Achim Gratz wrote:
> Corinna Vinschen  cygwin.com> writes:
> > I uploaded a snapshot and I'm going to release another test release.
> 
> The snapshot and the test release are the same thing at the moment?

Yes.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgp1K_bY1ZE6J.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-14 Thread Achim Gratz

Corinna Vinschen  cygwin.com> writes:
> I uploaded a snapshot and I'm going to release another test release.

The snapshot and the test release are the same thing at the moment?


Regards,
Achim.



--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-14 Thread Corinna Vinschen

On Jan 13 14:53, Corinna Vinschen wrote:
> On Jan 13 13:31, Achim Gratz wrote:
> > Would it be possible to give the homeDirectory preference over homeDrive? 
> > This order would be more useful for Cygwin since Cygwin doesn't map the
> > drive when the user logs in.
> 
> The idea of the windows scheme and the analogue %H was to reflect what
> Windows does.  It's hard to do the right thing here since, as usual,
> there will be different takes on "right" or "wrong"...

I just dropped utilizing homeDrive entirely.  Cygwin uses the value
of homeDirectory only now.  I uploaded a snapshot and I'm going to
release another test release.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpN0101msNvD.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-14 Thread Corinna Vinschen

On Jan 13 14:12, cyg Simple wrote:
> > From: Corinna Vinschen
> > On Jan 13 09:37, cyg Simple wrote:
> > user's Windows default environment at the time of a user context switch (for
> > instance, logon via ssh).  In that case, "leaving it as is"
> > today would mean to *drop* TMP/TEMP from the environment, because that's
> > what ssh does anyway.  Ssh drops almost everything from the environment,
> > before exec'ing the child process.  And that's a good thing, because the
> > environment (e.g. LOCALAPPDATA, USERPROFILE, etc) would otherwise reflect
> > the settings of the user running the sshd service, not the settings of the 
> > user just
> > logging in.
> > 
> 
> Shouldn't these be removed during the startup of sshd?  Then the child
> process would setup the variables during the login process?

That's basically what happens, except that sshd only removes the
variables when starting the child process, not at its own process
startup.

> > Having said that, TMP/TEMP have the downside of being used by POSIX and
> > Windows applications alike.  Therefore these variables usually are converted
> > from Windows to POSIX and vice versa on the fly.
> 
> This is what I was referring to earlier.

Yup, I just reiterated it to make sure the procedure is clear.

> > However, whether it makes sense to set TMP/TEMP in a ssh logon session or a
> > cron session is questionable.
> 
> Ack.  The environment tends to be empty on cron in *nix so I agree.  The 
> logon process tends to be what sets the variables, however with Cygwin sshd 
> we need to logon to a new user; would remote desktop protocol provider API 
> help?
> 
> http://msdn.microsoft.com/en-us/library/dd919947(v=vs.85).aspx

It has no functions for that afaics.  I'm using CreateEnvironmentBlock
to fetch the user's default Windows env and then merge it into the
environment propagated to the child process running under the user's
account.  I just added code to skip all crucial variables (e.g. TMP,
TEMP, PATH) and uploaded a new snapshot with this change to
https://cygwin.com/snapshots/  I'm also going to release another
test release today.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpCmYY35QSrt.pgp
Description: PGP signature

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread cyg Simple

> From: Corinna Vinschen
> 
> On Jan 13 09:37, cyg Simple wrote:
> > > -Original Message-
> > > From: Achim Gratz
> > >
> > > Corinna Vinschen  writes:
> > > > Which means what for the Cygwin DLL?  Dropping TMP/TEMP from the
> > > > merged Windows env?  It makes sense, I think.  Of course, there
> > > > will be others...
> >
> > My process is dependent on the fact that TMP/TEMP have in/out
> > rewriting of strings from POSIX to WINDOWS so please leave it as is.
> 
> You're missing something here.  What we're talking about is a merge of the

Correct, I was missing this key point.

> user's Windows default environment at the time of a user context switch (for
> instance, logon via ssh).  In that case, "leaving it as is"
> today would mean to *drop* TMP/TEMP from the environment, because that's
> what ssh does anyway.  Ssh drops almost everything from the environment,
> before exec'ing the child process.  And that's a good thing, because the
> environment (e.g. LOCALAPPDATA, USERPROFILE, etc) would otherwise reflect
> the settings of the user running the sshd service, not the settings of the 
> user just
> logging in.
> 

Shouldn't these be removed during the startup of sshd?  Then the child process 
would setup the variables during the login process?

> The new functionality we're talking about here is that the next Cygwin would
> "resurrect" the Windows environment setting for the child process started by
> sshd.  And these settings would be the one for the user just logging in.  This
> would help some Windows applications which otherwise choke if these
> Windows environment variables are missing.

Ack.

> 
> Having said that, TMP/TEMP have the downside of being used by POSIX and
> Windows applications alike.  Therefore these variables usually are converted
> from Windows to POSIX and vice versa on the fly.

This is what I was referring to earlier.

> 
> However, whether it makes sense to set TMP/TEMP in a ssh logon session or a
> cron session is questionable.

Ack.  The environment tends to be empty on cron in *nix so I agree.  The logon 
process tends to be what sets the variables, however with Cygwin sshd we need 
to logon to a new user; would remote desktop protocol provider API help?

http://msdn.microsoft.com/en-us/library/dd919947(v=vs.85).aspx

--
cyg Simple



--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Corinna Vinschen

On Jan 13 09:37, cyg Simple wrote:
> > -Original Message-
> > From: Achim Gratz
> > 
> > Corinna Vinschen  writes:
> > > Which means what for the Cygwin DLL?  Dropping TMP/TEMP from the
> > > merged Windows env?  It makes sense, I think.  Of course, there will
> > > be others...
> 
> My process is dependent on the fact that TMP/TEMP have in/out rewriting of
> strings from POSIX to WINDOWS so please leave it as is.

You're missing something here.  What we're talking about is a merge
of the user's Windows default environment at the time of a user context
switch (for instance, logon via ssh).  In that case, "leaving it as is"
today would mean to *drop* TMP/TEMP from the environment, because that's
what ssh does anyway.  Ssh drops almost everything from the environment,
before exec'ing the child process.  And that's a good thing, because
the environment (e.g. LOCALAPPDATA, USERPROFILE, etc) would otherwise
reflect the settings of the user running the sshd service, not the
settings of the user just logging in.

The new functionality we're talking about here is that the next Cygwin
would "resurrect" the Windows environment setting for the child process
started by sshd.  And these settings would be the one for the user just
logging in.  This would help some Windows applications which otherwise
choke if these Windows environment variables are missing.

Having said that, TMP/TEMP have the downside of being used by POSIX and
Windows applications alike.  Therefore these variables usually are
converted from Windows to POSIX and vice versa on the fly.

However, whether it makes sense to set TMP/TEMP in a ssh logon session
or a cron session is questionable.

Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

pgp8k3_BOQQ9m.pgp
Description: PGP signature

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread cyg Simple

> -Original Message-
> From: Achim Gratz
> 
> Corinna Vinschen  writes:
> > Which means what for the Cygwin DLL?  Dropping TMP/TEMP from the
> > merged Windows env?  It makes sense, I think.  Of course, there will
> > be others...

My process is dependent on the fact that TMP/TEMP have in/out rewriting of
strings from POSIX to WINDOWS so please leave it as is.

> 
> Just for this question: if the Cygwin DLL always handles it no matter
what, then I
> think these should be dropped.  If they aren't dropped, I'd say at least
sshd
> would need to override them.  I don't want to enable PermitUserEnvironment
> just to deal with these two and sshrc can't be used to change the
environment.
> Another idea would be to prefix WIN_ to all inherited variables so any
Cygwin
> program wanting to use them could pull them in as needed.
> 

And I have a mashup of Cygwin and Windows applications.  I use Cygwin as a
tool for Windows applications not a replacement of the Windows applications.

> As I said, I'm trying to keep Cygwin and its environment separate from
Windows
> as much as possible, but others have different ideas about this and would
> probably want the opposite.  Maybe some CYGWIN setting would allow to do
> one or the other as needed (or always do it, but control the prefix), but
that's of
> course extra code to maintain and test.
> 

I suppose a CYGWIN environment option could  control  the result with the
default being the current actions.

--
cyg Simple


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Achim Gratz

Corinna Vinschen  cygwin.com> writes:
> Which means what for the Cygwin DLL?  Dropping TMP/TEMP from the
> merged Windows env?  It makes sense, I think.  Of course, there will
> be others...

Just for this question: if the Cygwin DLL always handles it no matter what,
then I think these should be dropped.  If they aren't dropped, I'd say at
least sshd would need to override them.  I don't want to enable
PermitUserEnvironment just to deal with these two and sshrc can't be used to
change the environment.  Another idea would be to prefix WIN_ to all
inherited variables so any Cygwin program wanting to use them could pull
them in as needed.

As I said, I'm trying to keep Cygwin and its environment separate from
Windows as much as possible, but others have different ideas about this and
would probably want the opposite.  Maybe some CYGWIN setting would allow to
do one or the other as needed (or always do it, but control the prefix), but
that's of course extra code to maintain and test.

Regards,
Achim.

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Corinna Vinschen

On Jan 13 13:31, Achim Gratz wrote:
> Corinna Vinschen  cygwin.com> writes:
> > No.  How often do you change such a central setting as the db_home
> > setting for all users?
> 
> Almost never.  But testing gets more involved in this way.
> 
> > I thought it's clear how Cygwin does it.  Here it is:
> > 
> >   Is homeDrive non-empty?
> > If yes, convert to POSIX and use as $HOME.
> > If not, is homeDirectory non-empty? 
> >   If yes, convert to POSIX and use as $HOME.
> >   If no, ask the local computer for the user's profile directory.
> > If it has one, convert to POSIX and use as home dir
> > If not, fallback to /home/$USER.
> 
> I'd still want something else: automount /home/ to the appropriate
> directory.  But, as said before, that won't work through nsswitch.conf or at
> least doesn't really belong there.

Not now, not yet.  And this still might be automated as outlined
in my other mail.  It's at least worth a try, isn't it?

> > ...which you can change in /etc/fstab.
> 
> ...which has other problems for the rest of the mapped drives.  I still
> think the home directory should be treated separately.

That's all nice and dandy, but *how*.  Please look from the perspective
of the Cygwin DLL.  If you have a good idea how to implement this, I'm
open to discuss it.  But ultimately it has to be coded (SHTDI) and it
has to fit into the existing code somehow.

Given the existing code, what about utilizing the cygwinHome attribute,
for instance?  Creating a user account could be locally extended to set
this attribute to some useful value.

> > Right, but there's nothing Cygwin can do about it.  It means, you can't
> > use this db_home setting if you use ssh sessions, or you use password
> > authentication (real, or via passwd -R) and mount the drive in a profile.
> 
> Would it be possible to give the homeDirectory preference over homeDrive? 
> This order would be more useful for Cygwin since Cygwin doesn't map the
> drive when the user logs in.

The idea of the windows scheme and the analogue %H was to reflect what
Windows does.  It's hard to do the right thing here since, as usual,
there will be different takes on "right" or "wrong"...

> > Btw., what about my TMP/TEMP question?
> 
> I think at least sshd should treat these like PATH: provide a sane default

This is never the question.  When I'm asking stuff like this, I'm
usually talking about the Cygwin DLL, because the functionality is
inside the DLL.  Ssh or, fwiw, no other application have a say in the
matter.  In these implementaion matters, please take the look always
from the lowest common denominator, the Cygwin DLL.

> and ignore any existing settings.  I'm not sure in which other contexts this
> situation can occur, but if the Windows settings are used the path must be
> converted to POSIX.  I personally think that Cygwin has no business putting
> files into Windows TMP/TEMP since in almost all cases the ACL will be set in
> ways that either make it insecure or difficult for non-ACL-aware programs to
> correctly deal with it.

Which means what for the Cygwin DLL?  Dropping TMP/TEMP from the
merged Windows env?  It makes sense, I think.  Of course, there will
be others...

Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

pgpn1DGVvDQNq.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Achim Gratz

Corinna Vinschen  cygwin.com> writes:
> No.  How often do you change such a central setting as the db_home
> setting for all users?

Almost never.  But testing gets more involved in this way.

> I thought it's clear how Cygwin does it.  Here it is:
> 
>   Is homeDrive non-empty?
> If yes, convert to POSIX and use as $HOME.
> If not, is homeDirectory non-empty? 
>   If yes, convert to POSIX and use as $HOME.
>   If no, ask the local computer for the user's profile directory.
> If it has one, convert to POSIX and use as home dir
> If not, fallback to /home/$USER.

I'd still want something else: automount /home/ to the appropriate
directory.  But, as said before, that won't work through nsswitch.conf or at
least doesn't really belong there.

> ...which you can change in /etc/fstab.

...which has other problems for the rest of the mapped drives.  I still
think the home directory should be treated separately.

> Right, but there's nothing Cygwin can do about it.  It means, you can't
> use this db_home setting if you use ssh sessions, or you use password
> authentication (real, or via passwd -R) and mount the drive in a profile.

Would it be possible to give the homeDirectory preference over homeDrive? 
This order would be more useful for Cygwin since Cygwin doesn't map the
drive when the user logs in.

> Btw., what about my TMP/TEMP question?

I think at least sshd should treat these like PATH: provide a sane default
and ignore any existing settings.  I'm not sure in which other contexts this
situation can occur, but if the Windows settings are used the path must be
converted to POSIX.  I personally think that Cygwin has no business putting
files into Windows TMP/TEMP since in almost all cases the ACL will be set in
ways that either make it insecure or difficult for non-ACL-aware programs to
correctly deal with it.

Regards,
Achim.

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Corinna Vinschen

On Jan 13 12:02, Achim Gratz wrote:
> [using the 20150113 snapshot already]
> 
> Corinna Vinschen  cygwin.com> writes:
> > The leading slash is in integral part of the "path" scheme,  The above
> > is not recognized as valid entry at all.
> 
> It doesn't work differently now that I've added the slash, though.  To solve
> the problems with the server one must re-start both cygserver and sshd after
> changing the configuration.  I think it's only cygserver, though, so is
> there a signal that one can send to have it invalidate the cache and re-load
> the configuration like some daemons on UN*X do?

No.  How often do you change such a central setting as the db_home
setting for all users?

> In any case, the code seems to prefer the mapped drives.  I don't know how
> it arrives there, an AD user having a mapped home / roaming profile has the
> UNC path available as the homedirectory attribute and the drive latter to
> map to is the homedrive attribute.  These two attributes are missing from
> accounts that only have local user profiles.

I thought it's clear how Cygwin does it.  Here it is:

  Is homeDrive non-empty?
If yes, convert to POSIX and use as $HOME.
If not, is homeDirectory non-empty? 
  If yes, convert to POSIX and use as $HOME.
  If no, ask the local computer for the user's profile directory.
If it has one, convert to POSIX and use as home dir
If not, fallback to /home/$USER.

> This is problematic for two reasons: it brings in the standard posix=0 mount
> option via the cygdrive prefix

...which you can change in /etc/fstab.

> and when trying to log in via SSH onto a
> server the drive mapping is not established unless that user has a desktop
> session open on the server.

Right, but there's nothing Cygwin can do about it.  It means, you can't
use this db_home setting if you use ssh sessions, or you use password
authentication (real, or via passwd -R) and mount the drive in a profile.

Btw., what about my TMP/TEMP question?

Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

pgpoox9nTRSFs.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Achim Gratz

[using the 20150113 snapshot already]

Corinna Vinschen  cygwin.com> writes:
> The leading slash is in integral part of the "path" scheme,  The above
> is not recognized as valid entry at all.

It doesn't work differently now that I've added the slash, though.  To solve
the problems with the server one must re-start both cygserver and sshd after
changing the configuration.  I think it's only cygserver, though, so is
there a signal that one can send to have it invalidate the cache and re-load
the configuration like some daemons on UN*X do?

In any case, the code seems to prefer the mapped drives.  I don't know how
it arrives there, an AD user having a mapped home / roaming profile has the
UNC path available as the homedirectory attribute and the drive latter to
map to is the homedrive attribute.  These two attributes are missing from
accounts that only have local user profiles.

This is problematic for two reasons: it brings in the standard posix=0 mount
option via the cygdrive prefix and when trying to log in via SSH onto a
server the drive mapping is not established unless that user has a desktop
session open on the server.

Regards,
Achim.

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-13 Thread Corinna Vinschen

On Jan 13 06:53, Andrey Repin wrote:
> Greetings, Corinna Vinschen!
> 
> >> >> > I added a %H specifier to the /path schema which is substituted by the
> >> >> > Windows home path in POSIX notation.  So, what you should be able to 
> >> >> > do
> >> >> > now is something like:
> >> >> >
> >> >> >   db_home: /%H/cygwin
> >> >> 
> >> >> I've used
> >> >> 
> >> >>db_home: %H/cygwin
> >> 
> >> > Meep!  Did you read the preliminary user's guide?  You really should.
> >> 
> >> >   
> >> > https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd
> >> 
> >> > The leading slash is in integral part of the "path" scheme,  The above
> >> > is not recognized as valid entry at all.
> >> 
> >> Speaking of validity of entries.
> >> I was toying around with my chain of VM's, and got to think about a way to
> >> debug new nsswitch.conf configurations.
> >> Is there an easy way to see, what steps are performed, and what results are
> >> returned, from schemes specified in nsswitch.conf ?
> 
> > I'm not sure I understand the question.  Just change the db_home
> > or whatever entry to another one and start another mintty?
> 
> That would be an indirect test, that doesn't tell a whole lot if things not
> work to the expected results.
> I'm trying different configurations right now, but it seems the result always
> /home/$USER. And I'm not sure, if it is my misunderstanding, mistakes in my
> cygwin configuration, or errors in system configuration?
> It would be wonderful to have a way to directly test different schemes, even
> if only for current user.

I don't see the difference.  If you don't get the desired results,
explain the setting you test and what you did.  Let's discuss it.  If
it's a bug, I'll fix the bug.  If it's a misunderstanding on your part,
let's try to improve the documentation.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpqQG3dDfRe6.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-12 Thread Andrey Repin

Greetings, Corinna Vinschen!

>> >> > I added a %H specifier to the /path schema which is substituted by the
>> >> > Windows home path in POSIX notation.  So, what you should be able to do
>> >> > now is something like:
>> >> >
>> >> >   db_home: /%H/cygwin
>> >> 
>> >> I've used
>> >> 
>> >>db_home: %H/cygwin
>> 
>> > Meep!  Did you read the preliminary user's guide?  You really should.
>> 
>> >   
>> > https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd
>> 
>> > The leading slash is in integral part of the "path" scheme,  The above
>> > is not recognized as valid entry at all.
>> 
>> Speaking of validity of entries.
>> I was toying around with my chain of VM's, and got to think about a way to
>> debug new nsswitch.conf configurations.
>> Is there an easy way to see, what steps are performed, and what results are
>> returned, from schemes specified in nsswitch.conf ?

> I'm not sure I understand the question.  Just change the db_home
> or whatever entry to another one and start another mintty?

That would be an indirect test, that doesn't tell a whole lot if things not
work to the expected results.
I'm trying different configurations right now, but it seems the result always
/home/$USER. And I'm not sure, if it is my misunderstanding, mistakes in my
cygwin configuration, or errors in system configuration?
It would be wonderful to have a way to directly test different schemes, even
if only for current user.


--
WBR,
Andrey Repin (anrdae...@yandex.ru) 13.01.2015, <06:47>

Sorry for my terrible english...


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-12 Thread Corinna Vinschen

On Jan 12 15:50, Andrey Repin wrote:
> Greetings, Corinna Vinschen!
> 
> >> > I added a %H specifier to the /path schema which is substituted by the
> >> > Windows home path in POSIX notation.  So, what you should be able to do
> >> > now is something like:
> >> >
> >> >   db_home: /%H/cygwin
> >> 
> >> I've used
> >> 
> >>db_home: %H/cygwin
> 
> > Meep!  Did you read the preliminary user's guide?  You really should.
> 
> >   https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd
> 
> > The leading slash is in integral part of the "path" scheme,  The above
> > is not recognized as valid entry at all.
> 
> Speaking of validity of entries.
> I was toying around with my chain of VM's, and got to think about a way to
> debug new nsswitch.conf configurations.
> Is there an easy way to see, what steps are performed, and what results are
> returned, from schemes specified in nsswitch.conf ?

I'm not sure I understand the question.  Just change the db_home
or whatever entry to another one and start another mintty?


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpg03Ydd25oN.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-12 Thread Andrey Repin

Greetings, Corinna Vinschen!

>> > I added a %H specifier to the /path schema which is substituted by the
>> > Windows home path in POSIX notation.  So, what you should be able to do
>> > now is something like:
>> >
>> >   db_home: /%H/cygwin
>> 
>> I've used
>> 
>>db_home: %H/cygwin

> Meep!  Did you read the preliminary user's guide?  You really should.

>   https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd

> The leading slash is in integral part of the "path" scheme,  The above
> is not recognized as valid entry at all.

Speaking of validity of entries.
I was toying around with my chain of VM's, and got to think about a way to
debug new nsswitch.conf configurations.
Is there an easy way to see, what steps are performed, and what results are
returned, from schemes specified in nsswitch.conf ?


--
WBR,
Andrey Repin (anrdae...@yandex.ru) 12.01.2015, <15:48>

Sorry for my terrible english...


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-12 Thread Corinna Vinschen

On Jan 10 21:44, Achim Gratz wrote:
> Corinna Vinschen writes:
> > I added a %H specifier to the /path schema which is substituted by the
> > Windows home path in POSIX notation.  So, what you should be able to do
> > now is something like:
> >
> >   db_home: /%H/cygwin
> 
> I've used
> 
>db_home: %H/cygwin

Meep!  Did you read the preliminary user's guide?  You really should.

  https://cygwin.com/preliminary-ug/ntsec.html#ntsec-mapping-nsswitch-passwd

The leading slash is in integral part of the "path" scheme,  The above
is not recognized as valid entry at all.


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpTHu3Xxgmvl.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-10 Thread Achim Gratz

Corinna Vinschen writes:
> I added a %H specifier to the /path schema which is substituted by the
> Windows home path in POSIX notation.  So, what you should be able to do
> now is something like:
>
>   db_home: /%H/cygwin

I've used

   db_home: %H/cygwin

instead.  That works, sort of.  The windows home is mapped to H:,
therefore Cygwin decides to use /cygdrive/h/cygwin and that in turn
means "posix=0" as the standard mount option.  It doesn't seem to work
for SSH logins onto a server however, the resulting home directory is
always /home/.  I can't investigate further at the moment...

Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Factory and User Sound Singles for Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#WaldorfSounds

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-08 Thread Corinna Vinschen

On Jan  7 18:41, Corinna Vinschen wrote:
> On Dec 20 19:19, Achim Gratz wrote:
> > Another thing is that the Cygwin home directory is always a
> > sub-directory of the windows home in our environment, so it would be
> > useful if there was a placeholder for the windows home directory (%H or
> > some such) for the /path override or even the schema entries to use.
> 
> Not unreasonable but tricky.  %H would be an absolute path which
> collides with the current implementation in terms of the leading slash.
> Hmm.

I added a %H specifier to the /path schema which is substituted by the
Windows home path in POSIX notation.  So, what you should be able to do
now is something like:

  db_home: /%H/cygwin

If %H is preceeded by a slash, the slash gets removed since %H is
already an absolute path.  However, the code is not explicitely checking
for nonsense, like

  db_home: /foo/%H/baz

It will just replace that with something like

  /foo/cygdrive/c/Users/Willy.Brandt/baz

so you end up with a broken home path.

This new feature is not documented yet, and for testing I'd like to urge
you to try the latest snapshot from https://cygwin.com/snapshots/  If
that change works as desired, I'll add documentation and release
another, hopefully one of the last, Cygwin test releases.

Thanks,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

pgpaJux_SI5fC.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-08 Thread Corinna Vinschen

On Jan  7 18:41, Achim Gratz wrote:
> Corinna Vinschen  cygwin.com> writes:
> > > but that would produce some rather unwieldy and long paths for certain
> > > users.  So, instead of specifying the users' home directory directly I
> > > would like to mount or auto-mount /home/≤user> to the actual (network)
> > > home directory.
> > 
> > Hmm.  That's tricky.  There's no automatism for that yet.  Nsswitch.conf
> > only describes how to create the passwd entry for a user.  It does not
> > add any mechanism to run at user context switch.  And not everybody
> > would like to have something like that so it needs configuration.
> > 
> > I'm not opposed to stuff like that if it simplifies admin's job, but on
> > one hand we should evaluate first if there's a way to script that,
> > rather than to hardcode it into the Cygwin DLL, and on the other hand
> > it's not something I'd like to add for the first cut of 1.7.34...
> 
> I agree that this is not something that belongs into nsswitch.conf, but
> since those mounts are working a bit differently on Cygwin than Linux I'd
> expect that in order to make some auto-mount facility available the DLL
> would need to know about it and provide at least some hooks to set them up
> correctly before any process tries to use them.

Adding a user mount should be scriptable.  The actual home directory
is the next to last entry in the user's `getent passwd' output.  In a
profile script, this entry can be used to generate a user bind mount
from the actual dir to /home/$USER.  Then, set $HOME to /home/$USER.
AFAICS this doesn't require any additional DLL support.

> > > > - When spawning a process under another user account, merge the user's
> > > >   default Windows environment into the new process' environment.
> > > 
> > > I think this change pulls in additional environment variables with
> > > windows path components when starting programs via cygserver/sshd that
> > > are not a login shell (and perhaps when the user's login shell isn't
> > > bash, so that profile doesn't get run), most notably PATH, TMP and TEMP.
> > > If these variables are used later on by programs expecting a POSIX path
> > > there, then things break.
> > 
> > Did you try it?  The idea was that these variables are converted to POSIX
> > on the way in...
> 
> They aren't, but even if they were I don't think it's the right thing to do
> for some variables.  Slightly edited:

Ok, I see.  So where exactly is the problem?  Variable which already
exist in the env are not overwritten ($PATH).  Variables which only have
a meaning for Windows apps should stay in DOS notation anyway.

So what's left?  TMP/TEMP/TMPDIR?  If that's all, we have two choices,
either convert them, or skip them.

What's better?


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpfQzbkXXt4n.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-07 Thread Achim Gratz

Corinna Vinschen  cygwin.com> writes:
> > but that would produce some rather unwieldy and long paths for certain
> > users.  So, instead of specifying the users' home directory directly I
> > would like to mount or auto-mount /home/≤user> to the actual (network)
> > home directory.
> 
> Hmm.  That's tricky.  There's no automatism for that yet.  Nsswitch.conf
> only describes how to create the passwd entry for a user.  It does not
> add any mechanism to run at user context switch.  And not everybody
> would like to have something like that so it needs configuration.
> 
> I'm not opposed to stuff like that if it simplifies admin's job, but on
> one hand we should evaluate first if there's a way to script that,
> rather than to hardcode it into the Cygwin DLL, and on the other hand
> it's not something I'd like to add for the first cut of 1.7.34...

I agree that this is not something that belongs into nsswitch.conf, but
since those mounts are working a bit differently on Cygwin than Linux I'd
expect that in order to make some auto-mount facility available the DLL
would need to know about it and provide at least some hooks to set them up
correctly before any process tries to use them.

> > > - When spawning a process under another user account, merge the user's
> > >   default Windows environment into the new process' environment.
> > 
> > I think this change pulls in additional environment variables with
> > windows path components when starting programs via cygserver/sshd that
> > are not a login shell (and perhaps when the user's login shell isn't
> > bash, so that profile doesn't get run), most notably PATH, TMP and TEMP.
> > If these variables are used later on by programs expecting a POSIX path
> > there, then things break.
> 
> Did you try it?  The idea was that these variables are converted to POSIX
> on the way in...

They aren't, but even if they were I don't think it's the right thing to do
for some variables.  Slightly edited:

~ > ssh -XA gratz@server -t env
HOMEPATH=\\homes\gratz\GNU
APPDATA=C:\Users\gratz\AppData\Roaming
ProgramW6432=C:\Program Files
TERM=xterm-256color
SHELL=/bin/bash
WINDIR=C:\Windows
PUBLIC=C:\Users\Public
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
USERDOMAIN=EU
SSH_TTY=/dev/pty0
OS=Windows_NT
ALLUSERSPROFILE=C:\ProgramData
USER=gratz
TEMP=C:\Users\gratz\AppData\Local\Temp
USERNAME=gratz
ProgramFiles(x86)=C:\Program Files (x86)
MAIL=/var/spool/mail//gratz
PATH=/usr/bin:/bin
PSModulePath=C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
FP_NO_HOST_CHECK=NO
PWD=/home/gratz
ServerType=Standard
SYSTEMDRIVE=C:
CYGWIN_ROOT=D:\Freeware\Cygwin\
CYGWIN64_ROOT=D:\Freeware\Cygwin64\
USERPROFILE=C:\Users\gratz
CommonProgramW6432=C:\Program Files\Common Files
LOCALAPPDATA=C:\Users\gratz\AppData\Local
ProgramData=C:\ProgramData
SHLVL=1
HOME=/home/gratz
CommonProgramFiles=C:\Program Files\Common Files
COMSPEC=C:\Windows\system32\cmd.exe
TMP=C:\Users\gratz\AppData\Local\Temp
CYGWIN32_ROOT=D:\Freeware\Cygwin32\
LOGNAME=gratz
SYSTEMROOT=C:\Windows
PROGRAMFILES=C:\Program Files
CYGWIN_NOWINPATH=true
_=/usr/bin/env


Regards,
Achim.


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2015-01-07 Thread Corinna Vinschen

On Dec 20 19:19, Achim Gratz wrote:
> Corinna Vinschen writes:
> > The major change in this new release will be the new method to read
> > account (passwd and group) information from the Windows user databases
> > directly, without the requirement to generate /etc/passwd and /etc/group
> > files to generate Unix-like uid and gid.
> 
> I've just set up a box with Win8.1 Core as a build machine.  I've used
> the SAM desc schema and removed /etc/passwd and /etc/group and it works
> great.
> 
> 
> Here's one thing I still think warrants some improvement (in an AD
> environment, at least):
> 
> Previously I've always used /etc/fstab.d/ for mounting the users'
> home directory onto /home/.  That worked except for login via ssh
> publickey since at the time ssh checks for the authorized keys that
> mount isn't set up yet.  So I've copied those files into a different
> directory and told sshd to look there, which means I had to set up each
> user manually on the server.  I could now replace that mapping via AD,

No, you couldn't.  The cygwinFstab attribute exists in the schema,
but the functionality isn't implemented yet (and won't be for a while).

> but that would produce some rather unwieldy and long paths for certain
> users.  So, instead of specifying the users' home directory directly I
> would like to mount or auto-mount /home/ to the actual (network)
> home directory.

Hmm.  That's tricky.  There's no automatism for that yet.  Nsswitch.conf
only describes how to create the passwd entry for a user.  It does not
add any mechanism to run at user context switch.  And not everybody
would like to have something like that so it needs configuration.

I'm not opposed to stuff like that if it simplifies admin's job, but on
one hand we should evaluate first if there's a way to script that,
rather than to hardcode it into the Cygwin DLL, and on the other hand
it's not something I'd like to add for the first cut of 1.7.34...

> Another thing is that the Cygwin home directory is always a
> sub-directory of the windows home in our environment, so it would be
> useful if there was a placeholder for the windows home directory (%H or
> some such) for the /path override or even the schema entries to use.

Not unreasonable but tricky.  %H would be an absolute path which
collides with the current implementation in terms of the leading slash.
Hmm.

> > For your convenience I wrote new documentation.  Since this is a TEST
> > prerelease, the new documentation is not part of the official docs yet.
> > Rather have a look at
> >
> >   https://cygwin.com/preliminary-ntsec.html
> 
> > - When spawning a process under another user account, merge the user's
> >   default Windows environment into the new process' environment.
> 
> I think this change pulls in additional environment variables with
> windows path components when starting programs via cygserver/sshd that
> are not a login shell (and perhaps when the user's login shell isn't
> bash, so that profile doesn't get run), most notably PATH, TMP and TEMP.
> If these variables are used later on by programs expecting a POSIX path
> there, then things break.

Did you try it?  The idea was that these variables are converted to POSIX
on the way in...


Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat


pgpex22ucqEEq.pgp
Description: PGP signature

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-27 Thread Andrey Repin

Greetings, Bryan Berns!

> I'll take a look at the archives for February.  I'm not sure how it'd
> be "obvious" given that's it's just descriptive metadata for the SID,
> but I'll try to educate myself before rehashing a previous discussion.

This is where POSIX is different from Windows.
What is ephemeral metadata in Windows could be quite a real file object in 
POSIX.


--
WBR,
Andrey Repin (anrdae...@yandex.ru) 28.12.2014, <06:34>

Sorry for my terrible english...


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-27 Thread Bryan Berns

Thanks for the reply, Andrey.

I'll take a look at the archives for February.  I'm not sure how it'd
be "obvious" given that's it's just descriptive metadata for the SID,
but I'll try to educate myself before rehashing a previous discussion.

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-27 Thread Andrey Repin

Greetings, Bryan Berns!

> It would be nice if the names presented would be in what Microsoft
> calls the "NameSamCompatible" format instead of DOMAIN+USERNAME

If you mean "DOMAIN\USER" scheme, it would not work for obvious reasons.
I.e., you can't have a file name with [back]slash.

> format.  I see this is by design based on the documentation submitted
> Corinna put together.  Not a problem, although I'm curious as to why
> it was setup this way.

If you really curious, you can dig up the discussion on the subject starting
about a year ago.
I.e. a lengthy topic[1] in February of this year, when preliminary versions of
this change became available.

[1] mid:20140213143849.gh2...@calimero.vinschen.de


--
WBR,
Andrey Repin (anrdae...@yandex.ru) 28.12.2014, <03:59>

Sorry for my terrible english...


--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-27 Thread Bryan Berns

Finally had a chance to test out the new release, albeit in a very
limited fashion.  On our multi-domain forest with SID-History enabled,
running 'ls -l' was able to lookup account names for groups and users
on files.  Some ACEs had SIDs that would only be in present
SID-History and those worked as well.

It would be nice if the names presented would be in what Microsoft
calls the "NameSamCompatible" format instead of DOMAIN+USERNAME
format.  I see this is by design based on the documentation submitted
Corinna put together.  Not a problem, although I'm curious as to why
it was setup this way.

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-20 Thread Achim Gratz

Corinna Vinschen writes:
> The major change in this new release will be the new method to read
> account (passwd and group) information from the Windows user databases
> directly, without the requirement to generate /etc/passwd and /etc/group
> files to generate Unix-like uid and gid.

I've just set up a box with Win8.1 Core as a build machine.  I've used
the SAM desc schema and removed /etc/passwd and /etc/group and it works
great.

Here's one thing I still think warrants some improvement (in an AD
environment, at least):

Previously I've always used /etc/fstab.d/ for mounting the users'
home directory onto /home/.  That worked except for login via ssh
publickey since at the time ssh checks for the authorized keys that
mount isn't set up yet.  So I've copied those files into a different
directory and told sshd to look there, which means I had to set up each
user manually on the server.  I could now replace that mapping via AD,
but that would produce some rather unwieldy and long paths for certain
users.  So, instead of specifying the users' home directory directly I
would like to mount or auto-mount /home/ to the actual (network)
home directory.

Another thing is that the Cygwin home directory is always a
sub-directory of the windows home in our environment, so it would be
useful if there was a placeholder for the windows home directory (%H or
some such) for the /path override or even the schema entries to use.

> For your convenience I wrote new documentation.  Since this is a TEST
> prerelease, the new documentation is not part of the official docs yet.
> Rather have a look at
>
>   https://cygwin.com/preliminary-ntsec.html

> - When spawning a process under another user account, merge the user's
>   default Windows environment into the new process' environment.

I think this change pulls in additional environment variables with
windows path components when starting programs via cygserver/sshd that
are not a login shell (and perhaps when the user's login shell isn't
bash, so that profile doesn't get run), most notably PATH, TMP and TEMP.
If these variables are used later on by programs expecting a POSIX path
there, then things break.

Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

Samples for the Waldorf Blofeld:
http://Synth.Stromeko.net/Downloads.html#BlofeldSamplesExtra

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

[ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

2014-12-17 Thread Corinna Vinschen

Hi Cygwin friends and users,


I released another TEST version of the next upcoming Cygwin release.
The version number is 1.7.34-003.

This is the Christmas/New Year release and the last one for 2014.

Not much has changed compared to 1.7.34-002.  A few minor bugfixes
and the new -k/--remove-default option to setfacl.


If you want to help testing this new release (which I seriously hope
for), you can find it in your setup-x86.exe or setup-x86_64.exe as
"test" release.


The major change in this new release will be the new method to read
account (passwd and group) information from the Windows user databases
directly, without the requirement to generate /etc/passwd and /etc/group
files to generate Unix-like uid and gid.

For your convenience I wrote new documentation.  Since this is a TEST
prerelease, the new documentation is not part of the official docs yet.
Rather have a look at

  https://cygwin.com/preliminary-ntsec.html

If you read it (which I seriously hope for) and it's all just
incomprehensible gobbledygook to you, please say so on the mailing list

  cygwin AT cygwin DOT com

so we have a chance to improve the documentation.

Please give this TEST release a try.

If you find problems in the new features or regressions compared to the
current stable release 1.7.33, please report them to the public mailing
list

  cygwin AT cygwin DOT com


Following is a list of changes in this new release:


What's new:
---

- Cygwin can now generate passwd/group entries directly from Windows
  user databases (local SAM or Active Directory), thus allowing to run
  Cygwin without having to create /etc/passwd and /etc/group files.
  Introduce /etc/nsswitch.conf file to configure passwd/group handling.

  For bordercase which require to use /etc/passwd and /etc/group files,
  change mkpasswd/mkgroup to generate passwd/group entries compatible
  with the entries read from SAM/AD.

- Add -b/--remove-all option to setfacl to reduce the ACL to only the
  entries representing POSIX permission bits.

- Add -k/--remove-default option to setfacl to remove all default ACL
  entries from an ACL.

- Provide Cygwin documentation (PDFs and HTML) for offline usage in
  /usr/share/doc/cygwin-${version}.


What changed:
-

- Revamp Solaris ACL implementation to more closely work like POSIX ACLs
  are supposed to work.  Finally implement a CLASS_OBJ emulation.  Update
  getfacl(1)/setfacl(1) accordingly.

- The xdr functions are no longer exported for newly built executables.
  Use libtirpc-devel instead.

- 32 bit only: Change default values for socket buffer size to raise
  performance on 10Gb networks.

- When spawning a process under another user account, merge the user's
  default Windows environment into the new process' environment.


Bug Fixes
-

- Fix the problem that ptys master side always writes single byte packages
  to the slave side, and pty slaves always read VMIN byte packages from
  the master side if VMIN is > 0.
  Fixes: https://cygwin.com/ml/cygwin-developers/2014-11/msg0.html

- Fix a synchronization problem in signal handling when using pthreads.
  Addresses: https://cygwin.com/ml/cygwin/2014-11/msg00472.html

- Fix an "invalid handle" problem when using flock(2) with a parent process
  holding the lock.
  Addresses: https://cygwin.com/ml/cygwin/2014-12/msg00012.html


To install 32-bit Cygwin use http://cygwin.com/setup-x86.exe
To install 64 bit Cygwin use http://cygwin.com/setup-x86_64.exe

If you're already running a 32 bit version of Cygwin on 64 bit Windows
machines, you can continue to do so.  If you're planning a new install
of Cygwin on a 64 bit Windows machine, consider to use the new 64 bit
Cygwin version, unless you need certain packages not yet available in
the 64 bit release.


Have fun,
Corinna

-- 
Corinna Vinschen  Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat

--
Problem reports:   http://cygwin.com/problems.html
FAQ:   http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info:  http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

RE: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

[ANNOUNCEMENT] TEST RELEASE: Cygwin 1.7.34-003 (Christmas/New Year release)

32 matches

Site Navigation

Mail list logo

Footer information