Web lists-archives.com

Re: openssh: privilege separation no longer supported on Cygwin? SURPRISE!




On Wed, 31 May 2017 10:59:38, cyg Simple wrote:
> On 5/31/2017 10:16 AM, Houder wrote:
> > On Wed, 31 May 2017 09:27:02, cyg Simple wrote:
> > 
> > [snip]
> >> All of this talk of /etc/passwd leads me to point you to
> >> https://cygwin.com/cygwin-ug-net/ntsec.html.
> > 
> > cyg,
> > 
> > Do you want me to study that text a second, third, fourth or Xth time ...?
> > 
> 
> Yes, especially section
> https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping where it
> explains that /etc/passwd and /etc/group are now deprecated and it's use
> is for backward compatibility and that you should be using
> /etc/nsswitch.conf[1] instead.  Have you attempted this?
> 
> [1] https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch

Actually, that text reads:

 = Mapping Windows SIDs to POSIX uid/gid values:

  * Read /etc/passwd and /etc/group files if they exist, just as in the olden
    days, mainly for backward compatibility.
-----

It does not stipulate that these files are no longer supported ... Corinna did
not dare to proclaim them "deprecated".

Do I use the file /etc/nsswitch.conf? Yes, certainly. As shown in:

    https://cygwin.com/ml/cygwin/2017-05/msg00456.html
    (see bottom of post)

Do you want me to drop /etc/{passwd,group} files. Yes, you do. I will not.

Moreover, it is completely irrelevant from a logical point of view  whether
/etc/{passwd,group) or AD is used to maintain the "network administration".

Regards,

Henri


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple