On Feb 3 17:52, Kurt Franke wrote: > Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes: > > This means, a rewrite of the /etc/passwd, /etc/group reading code from > > "all or nothing" to "one at a time when needed". Maybe that's in fact > > the way to go. > > dbm files was already used in yellow pages two dekades ago. > maybe there are some good examples how to do this (yppasswd etc.)
We can't use dbm unless we provide the functions as part of the Cygwin DLL. > > In theory, we don't want to keep the files around anyway. I have > > implemented ways to configure user settings from /etc/passwd (like > > home dir or login shell) in the local SAM or in AD. So the admin > > can switch to centralized maintainance even for Cygwin stuff. > > how to handling setting of the the primary group in /etc/passwd ? I don't understand the question. If your user has an /etc/passwd entry, you can simply change the pw_gid field in the file, just as today. > is it possible to store in in SAM ? In AD the primary group is what's defined in the primaryGroupID field, just as for your Windows user account, so your Cygwin primary group is always the same as the Windows primary group. What your admin set it to, or "Domain Users" by default. In SAM it's always "None". Override is only possible via /etc/passwd for now. So far, the overridable values are defined like this: - In AD, Cygwin will utilize the PosixAccount/PosixGroup entries per RFC 2307, available since Server 2003 R2. For a user uid overrides Windows username gecos adds gecos info unixHomeDirectory sets the Cygwin home directory loginShell sets the login shell uidNumber is used for the mapping from NFS/Samba shares to the Windows/Cygwin uid For a group cn overrides Windows groupname gidNumber is used for the mapping from NFS/Samba shares to the Windows/Cygwin gid - In SAM (only used for local accounts), there are no freely definable fields for users or groups, except for the "Description" field. Therefore, you can set values using a faux-XML syntax in the "Description" field. Here's what is supported right now: <CYGWINNAME:bla/> overrides Windows username/groupname <CYGWINHOME:path/> sets the Cygwin home directory to "path" <CYGWINSHELL:shell/> sets the login shell to "shell" - pw_uid, pw_gid and gr_gid are computed per the SFU rules. Local accounts have a uid/gid of 0x30000 + RID, primary domain accounts have a uid/gid of 0x100000 + RID, accounts from a trusted domain have the uid/gid trusted_domain.posix_offset(*) + RID. If you want to override pw_uid, pw_gid, or gr_gid, you have to add an entry to /etc/passwd or /etc/group. But given that the uid/gid values have no importance, this should not be necessary. Please note that this is all work in progress. Details can still change for one reason or another. The upcoming 1.7.28 Cygwin release will not have any of this. I'll check in the changes only after we released 1.7.28. (*) http://msdn.microsoft.com/en-us/library/windows/desktop/ms722487%28v=vs.85%29.aspx > > On the other hand, we'd like to keep passwd and group for home users > > which don't feel comfortable to make changes to the SAM, but then > > we only need very tiny files with one or two entries anyway. > > > > Reading the files on demand only might be the right thing to do. > > Catching two birds with one stone... > > it may be possible to have both using SAM but with a frontend named > /etc/passwd respective /etc/group > > how about setting up read/write devices for passwd and group contents > in /dev/ directory and just create symobolic links to it in /etc/ ? > changes written to the devices of should be allow only to admins. > such changes then should go done to SAM behind it as only storage location. > > (this would make cygwin have the most modern handling of theses files > and become an example for the different unices and linux :-) ) That's not feasible. The /etc/passwd and /etc/group files are supposed to stay real files which can be used to override the stuff from AD/SAM for people feeling more comfortable with that. You *can* utilize AD and SAM, but you don't have to. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpVdUveaGHqc.pgp
Description: PGP signature