This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Domain Users

On Wed, 8 Oct 2003, Boris Mayer-St-Onge wrote:

> Recently, we have upgraded our version of cygwin from 1.3.12-2 to
> 1.5.5-1.  Since that, we have a problem with domain users.
> Cygwin is installed locally on each computer by the local administrator
> and it is used by domain users.  If we open a bash shell, we have the
> following messages:
> bash: cannot create temp file for here document: Permission denied

At a guess, this is because you have TEMP set to some directory that
domain users cannot access.  You could add a "TEMP=/tmp" at the top of
/etc/profile, and see if it helps.  Oh, and make sure /tmp on every
computer is mode 01777, so that it *is* writeable by everyone.

> Your group is currently "mkpasswd".  This indicates that
> the /etc/passwd (ans possibly /etc/group) files should be rebuilt.
> See the man pages for mkpasswd and mkgroup then, for example, run
> mkpasswd -l [-d] > /etc/passwd
> mkgroup -l [-d] > /etc/group
> Note that the -d switch is necessary for domain users.
> If we add "Domain Users" in the /etc/group file and one domain user in
> the /etc/passwd, this user can then use cygwin correctly (but we still
> have the message concerning the temp file.  Any hints?).

See above.

> The problem is that we have several hundren of users and some of them
> are added and deleted each week.  Is there an other solution that adding
> all the users in the /etc/passwd file?
> Boris

Unfortunately, the SID of the user should be in /etc/passwd for the user
to have full use of Cygwin's services, etc.  One possible solution in your
situation is to keep one centralized user database on a shared drive and
mount it as /etc/passwd on each machine (and similarly for groups).  That
way, when you add and remove users, you will only have to change one file.
The UIDs for the standard accounts (i.e., Administrator{,s}, SYSTEM, etc)
are usually pretty standard, at least on NT-based OSs, but I'm not too
sure about the SIDs, so you might have some problems there...  Also, be
aware that security attributes on shared drives are controlled by the
"smbntsec" setting in the CYGWIN environment variable, rather than
      |\      _,,,---,,_
ZZZzz /,`.-'`'    -.  ;-;;,_
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]