This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: New Cygwin 1.7.0-18 in release-2

On Jul 18 14:09, Corinna Vinschen wrote:
> > > > On Jul 17 18:18, Eric Blake wrote:
> > > > > Somewhere between setting obcaseinsensitive to 0 yesterday and upgrading
> > > > > to the new cygwin1.dll today, I'm now suffering from an inability to
> > > > > modify files on a shared drive on my work machine.  I can create empty
> > > > > files and remove existing files just fine, but get access denied on any
> > > > > attempt to change contents.  The -1 for owner and group looks fishy as 
> > > > > well.
> [...]
> The real problem is exactly what I describe in the comment in
> fhandler_base::open().  Apparently, creating the file and sending the
> security descriptor to the server is a two step approach.  So Samba
> creates the file first, and then, afterwards, Windows sends the request
> to change the security descriptor of the file.  Now Samba can't map
> SID->uid and returns STATUS_ACCESS_DENIED.  But there seems to be no
> knowledge that the two actions are actually one system call in Windows.
> So Samba doesn't remove the file, but still, NtCreateFile failed.
> Bummer.
> I have a local workaround which I'll apply in a minute.
> However, I never really understood why the mapping from the Windows
> SID to the UNIX user fails, even though the user has been successfully
> authenticated before.  I have written a clueless mail to the samba
> developers list.  Maybe they can enlighten me.

They don't so far.  However, as a side note, with "acl" on, you currently
don't see user/group info in `ls -l', if your machines are not in fully
Windows domain integrated.  With the latest incarnation of
mkpasswd and mkgroup (from CVS, not fully functional in 1.7.0-20), you can
now ask your Samba machine for their passwd and group information:

$ mkpasswd -L samba-machine >> /etc/passwd
$ mkgroup -L samba-machine >> /etc/group

At least this works for me.  Unfortunately Samba doesn't enumerate the
UNIX user and group information from its own /etc/passwd and /etc/group
files.  For instance the user "root" is S-1-22-1-0, the group "root" is
S-1-22-2-0.  That's what you see in the Windows Explorer Security tab 
as "Unix User\root" and "Unix Group\root".  Apparently these are never
enumerated, only returned in calls to LookupAccountSid and


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]