Avoiding /etc/passwd and /etc/group scans

Pierre A. Humblet Pierre.Humblet@ieee.org
Tue Oct 22 12:45:00 GMT 2002

Christopher Faylor wrote:

> Another idea is to isolate all of your changes using ifdefs and I can
> just turn on the ifdef in the normal snapshot process.  Then you wouldn't
> have to maintain a separate branch.

That gets ugly quickly. I'd rather have a separate branch.
I would touch at most 4 or 5 files.

> >I just looked at passwd-grp.sh.done (July 28) 

Oops. There is also a more recent passwd-grp.bat. I just deleted
my passwd file and ran setup. It only gave the -l switch although
I am a domain user. 
I have both a domain account and a local account with the same names. 
When I start cygwin as a domain user it incorrectly picks up my local 
account uid. However things (e.g. chmod) behave correctly with my recent 

> Will it potentially cause a delay if we use the -d switch?

Yes, e.g. if the domain user runs disconnected from the PDC. 
It could also take long in large domains. Giving the -d -u switches
would help there. 

> The same person who chided me was indicating that setup.exe was somehow
> creating files that were incorrect or that cygwin was unable to execute
> files with .exe extensions.  I don't really understand what's going on.

The "incorrect" may be from the absent -d 
I don't understand the non executable .ex, although an "ls -l" that
does not show the x is understandable.

> Does it make sense that someone would have to properly generate
> /etc/passwd and also turn off ntsec in order for things to work again?

There is a possibility in a multi domain environment that a user will deal
with files owned by a sid that does not appear in the output of a plain
mkpasswd -d. One would have to do mkpasswd -d specific-domains to have
correct display in "ls -l" and to chmod such a file (that's one thing I
know how to make work without running multiple mkpasswd). 
Turning off ntsec is then an easy  way out.


More information about the Cygwin-developers mailing list