Mailing-List: contact cygwin-developers-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-developers-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin-developers/>
List-Post: <mailto:cygwin-developers AT cygwin DOT com>
List-Help: <mailto:cygwin-developers-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-developers-owner AT cygwin DOT com
Delivered-To: mailing list cygwin-developers AT cygwin DOT com
Message-ID: <3DB5A076.ABAFF076@ieee.org>
Date: Tue, 22 Oct 2002 15:01:10 -0400
From: "Pierre A. Humblet" <Pierre DOT Humblet AT ieee DOT org>
X-Accept-Language: en,pdf
MIME-Version: 1.0
To: cygwin-developers AT cygwin DOT com
Subject: Re: Avoiding /etc/passwd and /etc/group scans
References: <3DB416E7 DOT 99E22851 AT ieee DOT org> <20021021162246 DOT GC15828 AT redhat DOT com> <20021022162432 DOT GF514 AT redhat DOT com> <3DB58CBD DOT 87B2BDD8 AT ieee DOT org> <20021022181947 DOT GA4729 AT redhat DOT com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Christopher Faylor wrote:
>
> I'll provide you with ssh access to sources.redhat.com if you want to
> accumulate your patches on a branch and maybe even offer your own
> "snapshots".

OK. So this branch would have the evolving ntsec stuff, but will be 
populated with stable fork/mmap/tty/etc.. code.
 
> I really didn't anticipate the level of difficulties that are showing up
> in the cygwin mailing list wrt ntsec, so I'd like to get them solved.
> I'm thinking that if we can get some stuff tested before Corinna returns
> then maybe it will make her job a little easier.

Right, I am sure she will have enough things to do. To really test it 
we need to have people use it. Thus I like the idea of having it in
snapshots.
 
> Barring that, if you could offer some assurance, on the cygwin mailing
> list, that you're looking into the bugs, that would be helpful.  Then,
> at least, people will realize that their complaints aren't falling on
> deaf ears.

OK. But whatever changes I make can only mask the underlying problem 
with the incorrect passwd file. 

I am not sure where the incomplete passwd files are coming from. 
Old users may have files without sids. 

I just looked at passwd-grp.sh.done (July 28) on my system and noticed 
that the -l switch is not given to mkpasswd/group for domain users. 
So they may have problems when they login as a local user.
Similarly software installed as a local user won't work if the
user logs in later as a domain user.

Is there any harm in always giving the -l and -d switches? 
In other words, what happens with -d on a standalone machine?
That won't solve everything but it is simple and better than what 
is in my passwd-grp.sh.done

Pierre