Still testing needed: New passwd/group AD/SAM integration
Andrey Repin
anrdaemon@yandex.ru
Mon Apr 14 09:05:00 GMT 2014
Greetings, Corinna Vinschen!
>> > What bugs me a bit is what this means for applications which expect
>> > fixed usernames. Sshd, for instance, expects the fixed username
>> > "sshd" right now when using privilege separation. I discussed this
>> > with the OpenSSH devs, and they understand the problem, but they think
>> > this should be handled by a Cygwin-specific function. So there's some
>> > extra work in it for me to get OpenSSH up to speed with this change,
>> > but I fear I'm not the only one. The more configurable stuff like this
>> > is, the more complicated it gets maintaining some packages.
>>
>> I really don't see a problem. Is this implementation-dependent issue?
>> 99% you are operating within "current domain" and do not need to specify
>> domain prefix at all.
> Uh, but you're missing the situation where the machine is a domain
> machine but the privilege separation account "sshd" is created in
> the local SAM. That's what the ssh-host-config script might do.
> Sshd will have to use MACHINE<separator>sshd as username for privsep
> in this case.
Never been in such situation, thanks for clarification.
--
WBR,
Andrey Repin (anrdaemon@yandex.ru) 14.04.2014, <12:57>
Sorry for my terrible english...
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list