openssh: privilege separation no longer supported on Cygwin? SURPRISE!
cyg Simple
cygsimple@gmail.com
Wed May 31 20:16:00 GMT 2017
On 5/31/2017 12:34 PM, Houder wrote:
> On Wed, 31 May 2017 10:59:38, cyg Simple wrote:
>> On 5/31/2017 10:16 AM, Houder wrote:
>>> On Wed, 31 May 2017 09:27:02, cyg Simple wrote:
>>>
>>> [snip]
>>>> All of this talk of /etc/passwd leads me to point you to
>>>> https://cygwin.com/cygwin-ug-net/ntsec.html.
>>>
>>> cyg,
>>>
>>> Do you want me to study that text a second, third, fourth or Xth time ...?
>>>
>>
>> Yes, especially section
>> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping where it
>> explains that /etc/passwd and /etc/group are now deprecated and it's use
>> is for backward compatibility and that you should be using
>> /etc/nsswitch.conf[1] instead. Have you attempted this?
>>
>> [1] https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
>
> Actually, that text reads:
>
> = Mapping Windows SIDs to POSIX uid/gid values:
>
> * Read /etc/passwd and /etc/group files if they exist, just as in the olden
> days, mainly for backward compatibility.
> -----
>
> It does not stipulate that these files are no longer supported ... Corinna did
> not dare to proclaim them "deprecated".
>
> Do I use the file /etc/nsswitch.conf? Yes, certainly. As shown in:
>
> https://cygwin.com/ml/cygwin/2017-05/msg00456.html
> (see bottom of post)
>
> Do you want me to drop /etc/{passwd,group} files. Yes, you do. I will not.
>
That choice is yours but they are needless except for very limited needs.
> Moreover, it is completely irrelevant from a logical point of view whether
> /etc/{passwd,group) or AD is used to maintain the "network administration".
>
So what. You have to maintain separate multiple databases for the same
user.
Just give removing these two files a try to see if you have good success.
--
cyg Simple
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list