This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [1.7] passwd: useless if used with a logged on domain user

On Mon, Mar 23, 2009 at 14:59, Corinna Vinschen wrote:
> On Mar 23 14:35, J?lio Costa wrote:
>> On Sun, Mar 22, 2009 at 19:22, Corinna Vinschen wrote:
>> > On Mar 22 17:34, J?lio Costa wrote:
>> >> ~ $ ./my_passwd.exe -S SYSTEM
>> >> my_passwd: unknown user SYSTEM
>> >
>> > The SYSTEM user is not in the user database. ÂSo that's an expected
>> > result.
>> >
>> It is in mine:
>> ~ $ grep system /etc/passwd
>> system:*:18:544:,S-1-5-18::
> Let me rephrase:
> Â"The SYSTEM user is not in the *Windows* user database."

Ah, ok. So, this test was rubbish. Well, it's always good to test all
code paths, right? :)

>> I've come to some conclusions in this process. Here they are:
>> #1 li -> usri3_priv (line 552, 587 and 594) will only tell you if the
>> logged on user is (isn't) admin in his/her LOGON domain! But what is
>> needed here is to know if the logged on user is (isn't) admin in the
>> TARGET domain/server, where is the TARGET account!
> So you mean we should rather check if the user is in the Administrators
> group (S-1-5-32-544)?

Because the info in usri3_priv is wrong if you have different logon
and target domains/servers, and you can't convince NetUserGetInfo to
give you (e.g.) the local view (that is, query NULL server) about a
domain user (that was the only way that could produce the right
usri3_priv value in my test case).

>> #2 Just querying (-S) the account characteristics does not need Admin
>> priviledges, so the test in 552 should be done instead inside the
>> if@576; And should be a different test, from what is said in #1;
>> #3 Generally, commands in Windows without providing additional
>> information defaults to the local machine. So should passwd.
>> Currently, I'm forced to say '-d $HOSTNAME' to ensure that the target
>> user is really on the local machine. This is not coherent behaviour
>> because it depends or not on if the current logged on user cames from
>> a domain or is local. Currently the csih script breaks in his call to
>> passwd due to this. Which breaks sshd-host-config (and maybe others?)
>> I think the most coherent behaviour should be: 'if '-d' is not
>> supplied, the TARGET domain is always LOCAL; otherwise, follow
>> supplied domain'. It is precisely how NET USER and friends works, with
>> the '/DOMAIN' parameter, with the added tweak that you don't even have
>> to name the logon domain (although it could be done like this in
>> passwd also, i think...)
> That sounds about right. ÂI agree. ÂExcept in the case I'm just calling
> `passwd' without a user name in which case I definitely want to change
> my own password.

Yes, of course. That is the primary/historical use of passwd, after all.

>> But I'll keep trying to achieve a stable version. Unless, of course,
>> you think that this is not "the way"(tm) to do it...
> Using CheckTokenMembership isn't quite the way to go. ÂIf I understand
> you right that the idea is just checking if the token contains the
> well-known Administrators group, I'll check in something equivalent.

Ok. I'll be waiting for the a new check-in, then.

Once again, many thanks for looking into this.

Julio Costa

Unsubscribe info:
Problem reports:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]