Fwd: Fwd: Switching to posix with no acl
-- Forwarded message - From: Jim McNamara Date: Sat, Nov 14, 2020, 7:26 PM Subject: Re: Fwd: Switching to posix with no acl To: René Berber On Sat, Nov 14, 2020, 7:17 PM René Berber via Cygwin wrote: > On 11/14/2020 12:37 PM, Jim McNamara via Cygwin wrote: > > > Since there are no adduser or addgroup, I guess I'd create those files > > manually off /etc. > > I think the recommended way is using the mkpasswd command. Actually the > recommended procedure is not to use anything. > > Just run that command and take a look at the output. You have to filter > out most lines, only add the user you want. > > Now run it with --help, you'll see you can list 'local' users AND domain > users. I put quotes on local because you can also specify local to > which computer (as long as it is running SMB, I think). > > Its about the same for groups: mkgroup. > > Hope this helps a little. > -- > R.Berber > -- > Problem reports: https://cygwin.com/problems.html > FAQ: https://cygwin.com/faq/ > Documentation:https://cygwin.com/docs.html > Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple Hi R. Berber- Thanks for the cool info. Can't wait to check it out :-) Robo-loki Hi R. Yes. 'The recommendation is to not use anything.' There are too many accounts specific to the OS like SYSTEM. I think they serve a purpose. e.g. a process can run as system. I vote for leaving well enough alone on this one. I will just set permission at command line in mintty for stuff like ssh authorized_keys etc. and not touch permission outside of mintty. Have a cool night. Thanks, Robo-loki -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: Fwd: Switching to posix with no acl
On 11/14/2020 12:37 PM, Jim McNamara via Cygwin wrote: Since there are no adduser or addgroup, I guess I'd create those files manually off /etc. I think the recommended way is using the mkpasswd command. Actually the recommended procedure is not to use anything. Just run that command and take a look at the output. You have to filter out most lines, only add the user you want. Now run it with --help, you'll see you can list 'local' users AND domain users. I put quotes on local because you can also specify local to which computer (as long as it is running SMB, I think). Its about the same for groups: mkgroup. Hope this helps a little. -- R.Berber -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Fwd: Switching to posix with no acl
-- Forwarded message - From: Jim McNamara Date: Sat, Nov 14, 2020, 1:37 PM Subject: Fwd: Switching to posix with no acl To: Cygwin -- Forwarded message - From: Jim McNamara Date: Sat, Nov 14, 2020, 12:57 AM Subject: Switching to posix with no acl To: Cygwin Hi all Since there are no adduser or addgroup, I guess I'd create those files manually off /etc. Then I'd run passwd. After that put in /etc/fstab none /cygdrive cygdrive binary, posix=0, noacl, user 0 0 Close all processes. That would give me a posix permission set up, right? I read something about windows ignoring some dos bit with a file permission but that is outside of cygwin...right? Lastly, with acl you open an administrator cmd shell. With posix can I escalate to root and stay away from admin cmd shell? Is anyone else using posfix setup in general or mostly acl? Thanks for any help! Roboloki Sat. Nov. 14 1:35 pm Hi all- I found in the manual about the execute bit permission being ignored in filesystems with acl. That answered one question above. I can just take advantage of how exe heuristics work. If I find myself in a position where it needs administrator rights via a shell, will it interfere with my posix permissions, users, or groups once the /etc/groups and /etc/password and fstab are already setup? Did the fstab entry above look okay for posix permission? Thanks for any assistance ! Roboloki Sat. Nov. 14, 1:45 PM HI all - I had a privilege escalation window come up for instance when running a system supplied configure script for sshd ( I think ). It gave the choices yes or no prompting to choose carefully for noacl permission mode or acl translation setup. I think that prompt is very good. Will it (administrator mode) always at least ask or identify which type of setup if required? Thanks as always, Robo-loki -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Fwd: Switching to posix with no acl
-- Forwarded message - From: Jim McNamara Date: Sat, Nov 14, 2020, 12:57 AM Subject: Switching to posix with no acl To: Cygwin Hi all Since there are no adduser or addgroup, I guess I'd create those files manually off /etc. Then I'd run passwd. After that put in /etc/fstab none /cygdrive cygdrive binary, posix=0, noacl, user 0 0 Close all processes. That would give me a posix permission set up, right? I read something about windows ignoring some dos bit with a file permission but that is outside of cygwin...right? Lastly, with acl you open an administrator cmd shell. With posix can I escalate to root and stay away from admin cmd shell? Is anyone else using posfix setup in general or mostly acl? Thanks for any help! Roboloki Sat. Nov. 14 1:35 pm Hi all- I found in the manual about the execute bit permission being ignored in filesystems with acl. That answered one question above. I can just take advantage of how exe heuristics work. If I find myself in a position where it needs administrator rights via a shell, will it interfere with my posix permissions, users, or groups once the /etc/groups and /etc/password and fstab are already setup Did the fstab entry above look okay for posix permission? Thanks for any assistance ! Roboloki -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple