This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ANNOUNCEMENT] New release of setup.exe (

On Sat, Mar 15, 2003 at 03:30:03AM -0800, Doug VanLeuven wrote:
> I wish I had just one domain.  To set this up in a mutidomain
> environment, I'm finding
> I install as an administrator of one of the domains DOMAIN1
> create local passwd & group files
> 	passwd.local & group.local
> create domain passwd & group files:
> 	passwd.DOMAIN1 & group.DOMAIN1
> Then log in as an admin in domain DOMAIN2
> create domain passwd & group files:
> 	passwd.DOMAIN2 group.DOMAIN2
> ...

Why do you need to log in several times instead of using
repeatedly mkpasswd -d DOMAINX? Is it for access right reasons?
Also, how do you avoid having duplicated uids? Do you use the
-o switch ?

If it weren't for the access right problems (can you solve them
by having one user that has access everywhere), mkpasswd could be 
extended to take several domains at once. It could also avoid 
duplicating uids. Would that help you?

> Then finally combine them all
> 	cat passwd.* | sort | uniq > passwd
> The sort & uniq is to remove the extra local accounts thoughtfully
> provided when generating the domain password files.

Yep, we should think of removing them. It should never happen than
a passwd file is created solely by providing the -d switch.
> The problem is when a user logs on who is more recent than when the
> passwd file was initially created and so doesn't exist in /etc/passwd.
> The user may not have admin privilege to regenerate the entire domain
> file, but could extract their own info and append it via a craftily
> written /etc/profile that performed the regeneration when the user
> doesn't exist.
> No, I'm not going into the overhead to associate the proper
> uid offset.
> (mkpasswd -u $USERNAME -d $USERDOMAIN; cat passwd.*)|sort|uniq >passwd

How large is /etc/passwd in the end? 
Do you really need to have all the users in the file?

> Then, I can periodically ship out an updated passwd.DOMAIN file to
> be included by logon scripts, without having to have personalized
> passwd files that reflect each machine's differing local accounts.
> I just wanted to put it out there that seperately maintained
> passwd files for the domain(s) & local accounts and a final
> merge offer some real advantages.

Thanks for the tip.


Unsubscribe info:
Bug reporting:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]