Right, let's see... >> Thanks. First up - when I first read of all the changes to >> permissions, I thought I read that the /etc/passwd and /etc/group >> files should no longer be necessary, and I thought I'd deleted them, >> [...] >> > So, what does `id' print for you? >> >> #: john@johndesktop:~ ; id >> uid=197608(john) gid=545(Users) groups=545(Users),197121(None),114(Local >> account >> and member of Administrators >> group),544(Administrators),4(INTERACTIVE),66049(CONSOLE >> LOGON),11(Authenticated >> Users),15(This Organization),113(Local >> account),4095(CurrentSession),66048(LOCAL),262154(NTLM >> Authentication),405504(High Mandatory Level) > > This is in an elevated shell, and it's with the passwd file still > present, right?
Yes the passwd file was present, but no, I didn't do anything (like type in a
password) to make it elevated.
Although - given I appear to be a member of Administrators, does that make it
elevated?
> Can we please start from scratch?
With pleasure :)
> First, you removed passwd and group
> files, ok? Keep everything commented out in nsswitch.conf, or set it
> to
>
> passwd: db
> group: db
I went with this explicit option, forcing db.
> Please also remove the comment settings for your user and any group in
> the local SAM. Stop all Cygwin processes. Start a new shell.
Done I think, and rebooted for safety.
I checked (or tried to check) Users, Administrators, None, Power Users,
Authenticated Users, This Organization, Local account, CurrentSession, Guests,
Remote Desktop Users, and LOCAL. Hope that was enough.
> $ id
#: john@johndesktop:~ ; id
uid=197608(john) gid=197121(None) groups=197121(None),114(Local account and
member of Administrators
group),544(Administrators),545(Users),4(INTERACTIVE),66049(CONSOLE
LOGON),11(Authenticated Users),15(This Organization),113(Local
account),4095(CurrentSession),66048(LOCAL),262154(NTLM
Authentication),405504(High Mandatory Level)
> $ getent passwd $USER
#: john@johndesktop:~ ; getent passwd $USER
john:*:197608:197121:U-JOHNDESKTOP\john,S-1-5-21-775725812-2182925691-3402384268-1000:/home/john:/bin/bash
> $ cd <some local directory> # Not network share
> $ touch foo
> $ ls -l foo
#: john@johndesktop:~ ; cd
#: john@johndesktop:~ ; touch foo
#: john@johndesktop:~ ; ls -l foo
-rw-rwxr--+ 1 john None 0 Apr 23 10:57 foo
> Does it look correct? Are you "john" and your primary group is "None"?
Looks good to me...
>> Removing passwd and group immediately changes my output to
>> #: john@johndesktop:/etc ; ll /cygdrive/l/.bashrc
>> -rw-r--r-- 1 Unknown+User Unix_Group+1000 3833 Aug 22 2013
>> /cygdrive/l/.bashrc
>
> This is why you should start from scratch. It totally baffles me that
> you see an "Unknown+User" here. Given that this is a Samba share, what
> you *should* see is "Unix_User+$UID". "Unknown+User" means that Cygwin
> or rather, Windows can't resolve the SID Samba returns. Fishy...
>
> Next you do this aforementioned `ls -l' on the samba share. So we
> know your Linux account is john (uid 1000) and your primary group is
> john (gid 1000).
>
> Create a file "foo1" on the share via Windows, and create a file "foo2"
> on the share directly from Linux.
Windows:
#: john@johndesktop:/cygdrive/l ; cd /cygdrive/l
#: john@johndesktop:/cygdrive/l ; touch foo1
Linux:
#: john@johnwl:~ ; touch foo2
> Assuming the Samba machine is not running winbind, what you should see for
> a just created file is this:
>
> From Linux shell:
>
> -rw-r--r-- 1 john john [...] foo1
> -rw-r--r-- 1 john john [...] foo2
#: john@johnwl:~ ; ls -l foo*
-rw-r--r-- 1 john john 0 Apr 23 10:58 foo1
-rw-r--r-- 1 john john 0 Apr 23 10:58 foo2
Tick :)
> From Cygwin:
>
> -rw-r--r-- 1 Unix_User+1000 Unix_Group+1000 [...] foo1
> -rw-r--r-- 1 Unix_User+1000 Unix_Group+1000 [...] foo2
#: john@johndesktop:/cygdrive/l ; ls -l foo*
-rw-r--r-- 1 Unknown+User Unix_Group+1000 0 Apr 23 10:58 foo1
-rw-r--r-- 1 Unknown+User Unix_Group+1000 0 Apr 23 10:58 foo2
Cross :(
> If you look into Explorer's "Properties" dialog for the files, the
> "Security" tab should show something like this in both cases:
>
> Everyone
> john (Unix User\john)
> john (Unix Group\john)
foo1:
Everyone
john (Unix Group\john)
John Orr (JOHNWL\john)
foo2:
[ as above ]
> However, if that's not the case, something else is going on. The
> Samba machine is running winbindd and access from your Windows machine
> creates files under another Linux account which is then mapped back
> to some Active Directory account.
I'm not aware of running winbind, and:
#: john@johnwl:~ ; ps -ef | grep winbind
john 6164 5732 0 11:01 pts/0 00:00:00 grep --color=auto winbind
I've attached a dump of ps -ef in case there's more ideas in it.
> If so, we're running into a problem here. Is your machine an AD member
> machine?
It's not. Speaking to the sys admin, they are standalone machine like one
might set up at home. No AD, just my account, and an administrator account
that the sys admin can use. The only change he makes is to give him control
over windows software updates (he vets them first before pushing them out to
the rest of us).
> It doesn't seem so. But then, Cygwin won't be able to resolve
> the SID it gets back for these files. I really wonder if there's some
> configuration problem between your machine and the rest of the company
> which just leaves Cygwin hanging in the rain.
The whole situation is on my machine alone. The linux machine is a Debian
Wheezy Virtual Machine running on my Windows 7 machine under VirtualBox (with a
Bridged Adapter network setup).
I tried running tcpdump on my linux box to capture the network traffic
generated by running ls -l foo1 from cygwin, then importing it into wireshark -
I'm no expert here but the NT QUERY SECURITY DESC looked like this:
SMB (Server Message Block Protocol)
SMB Header
NT Trans Response (0xa0)
[FID: 0x2520 (\foo1)]
[Opened in: 48]
[Closed in: 63]
[File Name: \foo1]
[Create Flags: 0x00000010]
[Access Mask: 0x00020080]
[File Attributes: 0x00000000]
[Share Access: 0x00000007 SHARE_READ SHARE_WRITE SHARE_DELETE]
[Create Options: 0x00204000]
[Disposition: Open (if file exists open it, else fail) (1)]
Function: NT QUERY SECURITY DESC (6)
[...]
NT QUERY SECURITY DESC Data
NT Security Descriptor
Revision: 1
Type: 0x9004
Offset to owner SID: 20
Offset to group SID: 48
Offset to SACL: 0
Offset to DACL: 64
Owner: S-1-5-21-2908258922-1501660359-1356206134-1000 (Domain
SID-Domain RID)
Revision: 1
Num Auth: 5
Authority: 5
Subauthorities: 21-2908258922-1501660359-1356206134-1000
RID: 1000 (Domain RID)
Group: S-1-22-2-1000 ()
Revision: 1
Num Auth: 2
Authority: 22
Subauthorities: 2-1000
[...]
The full file is attached. The linux box is 172.18.9.173, windows is
172.18.9.236.
Anything else I can do to debug? Thus far I've only run stable cygwin releases
but if necessary that could change.
Thanks again!
John
dump4.pcap
Description: Binary data
UID PID PPID C STIME TTY TIME CMD root 1 0 0 10:33 ? 00:00:00 init [2] root 2 0 0 10:33 ? 00:00:00 [kthreadd] root 3 2 0 10:33 ? 00:00:01 [ksoftirqd/0] root 6 2 0 10:33 ? 00:00:00 [migration/0] root 7 2 0 10:33 ? 00:00:00 [watchdog/0] root 8 2 0 10:33 ? 00:00:00 [migration/1] root 9 2 0 10:33 ? 00:00:00 [kworker/1:0] root 10 2 0 10:33 ? 00:00:01 [ksoftirqd/1] root 11 2 0 10:33 ? 00:00:00 [kworker/0:1] root 12 2 0 10:33 ? 00:00:00 [watchdog/1] root 13 2 0 10:33 ? 00:00:00 [cpuset] root 14 2 0 10:33 ? 00:00:00 [khelper] root 15 2 0 10:33 ? 00:00:00 [kdevtmpfs] root 16 2 0 10:33 ? 00:00:00 [netns] root 17 2 0 10:33 ? 00:00:00 [sync_supers] root 18 2 0 10:33 ? 00:00:00 [bdi-default] root 19 2 0 10:33 ? 00:00:00 [kintegrityd] root 20 2 0 10:33 ? 00:00:00 [kblockd] root 21 2 0 10:33 ? 00:00:01 [kworker/1:1] root 22 2 0 10:33 ? 00:00:00 [khungtaskd] root 23 2 0 10:33 ? 00:00:00 [kswapd0] root 24 2 0 10:33 ? 00:00:00 [ksmd] root 25 2 0 10:33 ? 00:00:00 [khugepaged] root 26 2 0 10:33 ? 00:00:00 [fsnotify_mark] root 27 2 0 10:33 ? 00:00:00 [crypto] root 114 2 0 10:33 ? 00:00:00 [ata_sff] root 117 2 0 10:33 ? 00:00:00 [khubd] root 132 2 0 10:33 ? 00:00:00 [scsi_eh_0] root 133 2 0 10:33 ? 00:00:00 [scsi_eh_1] root 134 2 0 10:33 ? 00:00:00 [kworker/u:1] root 135 2 0 10:33 ? 00:00:00 [kworker/u:2] root 136 2 0 10:33 ? 00:00:00 [scsi_eh_2] root 156 2 0 10:33 ? 00:00:00 [md] root 171 2 0 10:33 ? 00:00:00 [jbd2/sda1-8] root 172 2 0 10:33 ? 00:00:00 [ext4-dio-unwrit] root 316 1 0 10:33 ? 00:00:00 udevd --daemon root 428 316 0 10:33 ? 00:00:00 udevd --daemon root 429 316 0 10:33 ? 00:00:00 udevd --daemon root 437 2 0 10:33 ? 00:00:00 [iprt] root 445 2 0 10:33 ? 00:00:00 [kpsmoused] root 446 2 0 10:33 ? 00:00:00 [kworker/0:2] root 1690 1 0 10:33 ? 00:00:00 /sbin/rpcbind -w statd 1725 1 0 10:33 ? 00:00:00 /sbin/rpc.statd root 1730 2 0 10:33 ? 00:00:00 [rpciod] root 1732 2 0 10:33 ? 00:00:00 [nfsiod] root 1739 1 0 10:33 ? 00:00:00 /usr/sbin/rpc.idmapd root 1929 1 0 10:33 ? 00:00:00 dhclient -v -pf /run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases eth0 root 2172 1 0 10:33 ? 00:00:00 /usr/sbin/rsyslogd -c5 root 2212 1 0 10:33 ? 00:00:01 /usr/sbin/VBoxService root 2237 1 0 10:33 ? 00:00:02 /usr/sbin/nmbd -D root 2246 1 0 10:33 ? 00:00:00 /usr/sbin/smbd -D root 2279 2246 0 10:33 ? 00:00:00 /usr/sbin/smbd -D root 2283 1 0 10:33 ? 00:00:00 /usr/sbin/acpid tomcat6 2291 1 4 10:33 ? 00:03:23 /usr/lib/jvm/java-6-openjdk-amd64/bin/java -Djava.util.logging.config.file=/var/lib/tomcat6/conf/logging.properties -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.endorsed.dirs=/usr/share/tomcat6/endorsed -classpath /usr/share/tomcat6/bin/bootstrap.jar -Dcatalina.base=/var/lib/tomcat6 -Dcatalina.home=/usr/share/tomcat6 -Djava.io.tmpdir=/tmp/tomcat6-tomcat6-tmp org.apache.catalina.startup.Bootstrap start root 2319 2 0 10:33 ? 00:00:00 [flush-8:0] root 2357 1 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start www-data 2359 2357 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start www-data 2363 2357 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start voi-web 2364 2357 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start www-data 2365 2357 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start www-data 2366 2357 0 10:33 ? 00:00:00 /usr/sbin/apache2 -k start daemon 2476 1 0 10:33 ? 00:00:00 /usr/sbin/atd root 2518 1 0 10:33 ? 00:00:00 /usr/sbin/cron 104 2557 1 0 10:33 ? 00:00:00 /usr/bin/dbus-daemon --system root 2602 1 0 10:33 ? 00:00:00 /sbin/mdadm --monitor --pid-file /run/mdadm/monitor.pid --daemonise --scan --syslog 101 2905 1 0 10:33 ? 00:00:00 /usr/sbin/exim4 -bd -q30m ntp 2970 1 0 10:33 ? 00:00:00 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -c /var/lib/ntp/ntp.conf.dhcp -u 106:111 root 2994 1 0 10:33 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe --server-id=1379719561 --port=3306 --datadir=/var/lib/mysql/tirtlnet --pid-file=/var/run/mysqld/mysqld.tirtlnet.pid --socket=/var/run/mysqld/mysqld.sock --log-error=/var/lib/mysql/tirtlnet/log/mysql.err --slow_query_log_file=/var/lib/mysql/tirtlnet/log/mysql-slow.log --general_log_file=/var/lib/mysql/tirtlnet/log/mysql.log --tmpdir=/var/lib/mysql/tirtlnet/tmp --log_bin=/home/mysql/tirtlnet/binlog/mysql-bin.log --innodb_buffer_pool_size=256M --relay-log=mysqld-relay-bin --report-host=tnbackup.tirtl.net --report-port=3306 root 2998 1 0 10:33 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe --read-only --server-id=1379719562 --port=3307 --datadir=/var/lib/mysql/tirtlnet-ceb --pid-file=/var/run/mysqld/mysqld.tirtlnet-ceb.pid --socket=/var/run/mysqld/mysqld-ceb.sock --log-error=/var/lib/mysql/tirtlnet-ceb/log/mysql.err --slow_query_log_file=/var/lib/mysql/tirtlnet-ceb/log/mysql-slow.log --general_log_file=/var/lib/mysql/tirtlnet-ceb/log/mysql.log --tmpdir=/var/lib/mysql/tirtlnet-ceb/tmp --innodb_buffer_pool_size=16M --log_bin=/home/mysql/tirtlnet-ceb/binlog/mysql-bin.log --replicate-do-db=nsw-rta --replicate-wild-do-table=nsw-rta.heading --replicate-wild-do-table=nsw-rta.%_class --replicate-wild-do-table=nsw-rta.lane --replicate-wild-do-table=nsw-rta.tirtl_lane_camera_map --replicate-wild-do-table=nsw-rta.voi% --replicate-wild-do-table=nsw-rta.camera% root 3114 1 0 10:33 ? 00:00:00 /usr/bin/python -tt /usr/share/file-messaging/queue_daemon.py --daemon --pidfile /var/run/queue-daemon.pid --config-dir /etc/queue-daemon.d root 4261 1 0 10:33 ? 00:00:00 /usr/sbin/sshd root 4544 1 0 10:33 ? 00:00:00 /bin/bash /opt/ceos/bin/agent --name=tirtlnet --pid-file=/var/run/tirtlnet.pid --wait=86400 /etc/tirtlnet/agent.d mysql 4575 2994 1 10:33 ? 00:00:56 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql/tirtlnet --plugin-dir=/usr/lib/mysql/plugin --user=mysql --server-id=1379719561 --slow-query-log-file=/var/lib/mysql/tirtlnet/log/mysql-slow.log --general-log-file=/var/lib/mysql/tirtlnet/log/mysql.log --tmpdir=/var/lib/mysql/tirtlnet/tmp --log-bin=/home/mysql/tirtlnet/binlog/mysql-bin.log --innodb-buffer-pool-size=256M --relay-log=mysqld-relay-bin --report-host=tnbackup.tirtl.net --report-port=3306 --log-error=/var/lib/mysql/tirtlnet/log/mysql.err --pid-file=/var/run/mysqld/mysqld.tirtlnet.pid --socket=/var/run/mysqld/mysqld.sock --port=3306 mysql 4712 2998 0 10:33 ? 00:00:03 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql/tirtlnet-ceb --plugin-dir=/usr/lib/mysql/plugin --user=mysql --read-only --server-id=1379719562 --slow-query-log-file=/var/lib/mysql/tirtlnet-ceb/log/mysql-slow.log --general-log-file=/var/lib/mysql/tirtlnet-ceb/log/mysql.log --tmpdir=/var/lib/mysql/tirtlnet-ceb/tmp --innodb-buffer-pool-size=16M --log-bin=/home/mysql/tirtlnet-ceb/binlog/mysql-bin.log --replicate-do-db=nsw-rta --replicate-wild-do-table=nsw-rta.heading --replicate-wild-do-table=nsw-rta.%_class --replicate-wild-do-table=nsw-rta.lane --replicate-wild-do-table=nsw-rta.tirtl_lane_camera_map --replicate-wild-do-table=nsw-rta.voi% --replicate-wild-do-table=nsw-rta.camera% --log-error=/var/lib/mysql/tirtlnet-ceb/log/mysql.err --pid-file=/var/run/mysqld/mysqld.tirtlnet-ceb.pid --socket=/var/run/mysqld/mysqld-ceb.sock --port=3307 root 4722 4544 0 10:33 ? 00:00:00 sleep 86400 root 4834 1 0 10:33 tty1 00:00:00 /sbin/getty 38400 tty1 root 4835 1 0 10:33 tty2 00:00:00 /sbin/getty 38400 tty2 root 4836 1 0 10:33 tty3 00:00:00 /sbin/getty 38400 tty3 root 4837 1 0 10:33 tty4 00:00:00 /sbin/getty 38400 tty4 root 4838 1 0 10:33 tty5 00:00:00 /sbin/getty 38400 tty5 root 4839 1 0 10:33 tty6 00:00:00 /sbin/getty 38400 tty6 root 5655 4261 0 10:58 ? 00:00:00 sshd: john [priv] root 5658 1 0 10:58 ? 00:00:00 /usr/sbin/console-kit-daemon --no-daemon root 5725 1 0 10:58 ? 00:00:00 /usr/lib/policykit-1/polkitd --no-debug john 5731 5655 0 10:58 ? 00:00:00 sshd: john@pts/0 john 5732 5731 0 10:58 pts/0 00:00:00 -bash john 7389 2246 0 11:39 ? 00:00:00 /usr/sbin/smbd -D john 7748 5732 0 11:48 pts/0 00:00:00 ps -ef
-- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
