This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]

RE: NTSEC, passwd/group, and "544"

Corinna Vinschen wrote:
> "Masterson, Dave" wrote:
> > I'm trying to setup the NTSEC feature on Cygwin 1.1 and 
> > running into strange problems.  With NTSEC turned off, 
> > the output of "ls -l .bashrc" looks like this:
> > 
> > -rwxr-xr-x   1 dmasters dev           359 Nov  5 13:47 .bashrc*
> > 
> > With NTSEC turned on, it looks like this:
> > 
> > -rwx------   1 544      dev           359 Nov  5 13:47 .bashrc*
> >
> 544 is the admins group.

Ok, I see that now from the documentation.  However, what governs the
permissions on the file?

> If ntsec is off, the ownership might be faked dependent of the 
> contents of /etc/passwd.

How?  Does it simply assume that all files are owned by the current user
(ie. leave it to Windows to arbitrate access to the file)?
> If you are member of admins and if you create a file without ntsec
> (or in a native environemt at all) the files will not be owned by
> you but by the admins group.
> You should add an entry for the admins group to /etc/passwd similar
> to that one:
> myadmingrp::544:513:,S-1-5-32-544::/bin/false

I thought mkpasswd (without "-s") would do this by default (but "root"
instead of "myadmingrp").

> This will fix the output of ls -l in either case. On the other hand,
> _if_ you are member of the admins group and _if_ you want that the
> files will be owned by you, there's no way around of `ntsec' and/or
> using `chown'.

> > BTW, mkpasswd and mkgroup did not make the "root" account/group

> Sure. They are not intended to do it by themselves. It's _your_
> choice.

By my choice, do you mean my choice for adding "-s" to the command line?  Or
do you mean that mkpasswd doesn't add these accounts at all and its my
choice to add them by hand?

David Masterson
*	Rational Software
*	18880 Homestead Rd.
*	Cupertino, CA  95014
*	(408) 863-5150

Want to unsubscribe from this list?
Send a message to

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]