This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: RFC2307 accounts

Le 09/03/2016 12:27, Corinna Vinschen a Ãcrit :
On Mar  9 11:42, Marc Rechte wrote:
Le 09/03/2016 10:14, Mark Geisert a Ãcrit :
Marc Rechte wrote:

   Trying to set RFC2307 accounts, using unix schema in

Your original post of this material was answered about 30 minutes after
your post.  Kindly follow up there...
Sorry, I did not get that answer emailed to me (some confusion during the

I am not clear with answer given by Corinna.

The idea behind RFC2307, imho is to have a consistent UID/GID between
systems which have joined a domain. This is what we achieved in our domain,
where a user login into whatever Linux box, gets the same uid/gid. One would
expect the same behaviour in cygwin (on a joined machine), wouldn't he ?
That's not the idea behind the uid/gid mapping.  You might have noticed
that "unix" is not used as a keyword in the passwd and group settings
in /etc/nsswitch.conf, only in the db_home, db_shell, and db_gecos settings.

Keep in mind that we have two mappings.  The main mapping is the mapping
between Windows SID and a computed uid/gid value used in Cygwin which
allows fast mapping in both directions.  A computed value drops the
requirement to access an LDAP server for the mapping, which is
especially bad when not using AD as mapping server.

Please read
again.  The RFC 2307 mapping only comes into play when reading meta
information from an NFS or Samba share.  The unix uid/gid values have to
be mapped to a Windows user (better: SID) in the first place, not to the
Cygwin uid/gid values.  The actual uid/gid values are irrelevant.  Worse,
using the RFC 2307 values might collide with other, computed uid/gid


OK, I noticed that. Now it brings me a problem using rsync on cygwin.

On cygwin:
$ cat /etc/rsyncd.conf
        path = /cygdrive/c/tmp
        comment = zone de test
        fake super = yes
        read only = no

On the Linux box:
# ls -l /home/tunix/
drwxr-xr-x  3 tunix root                     4096  9 mars  12:23 resto_win
-rw-rw-r--+ 1 tunix utilisateurs_du_domaine 82882  9 mars  10:56

#  rsync -avz --acls --delete /home rsync://
# rsync -avz --acls --delete rsync:// resto_win/
# ls -l /home/tunix/resto_win/tunix/
drwx------ 2 1050005 1049089  4096  9 mars  12:14 resto_win
-rw------- 1 1050005 1049089 82882  9 mars  10:56

You will notice that owner, group and ACLs  are *not* restored properly

Am I demanding too much to cygwin ?

Thanks for your time.


Attachment: smime.p7s
Description: Signature cryptographique S/MIME

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]