This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: RFC: 1.7.33 problem with user's home directory


On Nov 10 23:09, Warren Young wrote:
> On Nov 10, 2014, at 1:52 PM, Corinna Vinschen <corinna-cygwin@cygwin.com> wrote:
> 
> > Shall the "db" entries utilize the Windows home folder if it exits(*)
> > and drop using the unixHomeDirectory?  It seems inevitableâ
> 
> Use of AD implies some level of security consciousness.  The ability to write to c:\cygwin â not just during installation, but during all use thereafter! â comes out of a world where every user is a local Administrator.
> 
> This answer I wrote on Stack Overflow is one way to solve the problem today:
> 
>     http://stackoverflow.com/questions/26666180/
> 
> It might not be a bad idea if Cygwin started doing this sort of thing by default in the future.  (Obviously for new installs only.)

What I gather from the replies so far is this:

- Nobody really cares for unixHomeDirectory.

- Some want to use the Windows home folder.

- Some want Cygwin to utilize the HOMEPATH dir.

- Some want Cygwin to use always it's own /home and do everything else
  via symlinks or mount points.

The problem so far is that I'm not sure it's clear to everybody what
I mean.  I'm *not* talking about a default value which can easily be
overridden by tweaking /etc/passwd.  I'm talking about what the passwd
entry contains if there's no passwd file, and the admins want to keep
the administration strictly inside AD.  The passwd entry gets generated
from what AD provides.  And here we need a sensible default behaviour.

One possible, but not naturally useful default behaviour is what
the current code does:

1. Utilize the unixHomeDirectory AD attribute.
2. If unixHomeDirectory is empty, fall back to /home/$USER.

Another possible behaviour:

1. Utilize the homeDirectory AD attribute (aka %HOMEDRIVE%%HOMEPATH%).
2. If homeDirectory is empty, fall back to /home/$USER.

Another:

1. Always use /home/$USER and let the admins come up with a matching
   mount point scheme.

Another:

1. Add a setting to /etc/nsswitch.conf which allows to specify one of
  the above:

    home: [unix|win|home]...

   - "unix" means, set pw_dir to unixHomeDirectory
   - "win" means, set pw_dir to homeDirectory
   - "home" means, set pw_dir to /home/$USER
   - Multiple entries are possible.
   - Default in the absence of this setting is: always set pw_dir to
     /home/$USER.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgp81PptdofYh.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]