ssh-host-config script sends /etc/passwd thru awk

Corinna Vinschen
Wed Feb 18 14:00:00 GMT 2015

On Feb 18 14:15, Achim Gratz wrote:
> Corinna Vinschen writes:
> >> +  csih_old_cygwin ; use_file=$?
> >>    if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ]
> >>    then
> >> -    grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf || use_file=0
> >> +    grep -Eq "^${file}:" /etc/nsswitch.conf &&
> >> +      grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf ||
> >> +       use_file=0
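Review bot: In the added `grep ... && grep ... || use_file=0` list, use_file=0 is still assigned when the first grep finds no "${file}:" line, because the shell groups the list as (A && B) || C. A missing entry is therefore handled the same way as an entry without "db", which is what the removed single grep did. If a missing entry is meant to leave use_file unchanged, nest the second test under the first, for example `if grep -Eq "^${file}:" /etc/nsswitch.conf; then grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf || use_file=0; fi`.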
> >
> > And here, the test for the version is moved into the csih_old_cygwin
> > function.  So far, so good, but... in how far does this change the
> > result of csih_use_file_etc?!?  Assuming the expression has a bug,
> > wouldn't this still be the case, and the mkpasswd calls in
> > csih_create_privileged_user and csih_create_unprivileged_user
> > would still write the entry to /etc/passwd?
> >
> > Can you explain what I'm missing?
> The old test wrote to /etc/{passwd,group} when use_file!=1,
> /etc/nsswitch.conf existed and did not have a line for either passwd or
> group or if that line had no "db" on it.  If the line is missing
> altogether, then files should still not be used since the default is
> "files db", only when the line exists and omits "db".  I think…

Uh, the penny is dropping... in slow motion...

Hang on, let me try to rephrase what we need here, without letting
myself get distracted by the code or your patch.  I'm firmly
securing my blinders...

- If we have an old Cygwin version <= 1.7.33 ==> write to /etc/passwd

- Otherwise, if /etc/nsswitch.conf is missing, don't write.

- Otherwise, if /etc/nsswitch.conf is missing the "passwd:" entry,
  the default is "files db", don't write.

- Otherwise, if "passwd" contains "db", don't write.

- Otherwise, write.

Now let's check the expression:

   csih_old_cygwin ; use_file=$?
   if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ]
     grep -Eq "^${file}:" /etc/nsswitch.conf &&
       grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf ||

Old version?  use_file is 0
New version but /etc/nsswitch.conf is missing?  use_file = 1
/etc/nsswitch.conf does not contain a "passwd" line?  use_file = 1
/etc/nsswitch.conf contains a "passwd" line but no "db"?  use_file = 0
otherwise use_file = 1

Yup, that looks right.  Thanks for explaining.  I guess that should
help us along.  If you check this change in, I will release a new
csih version asap.

Thank you!

Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
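
The five rules listed in the message above, written with one branch per rule, next to the same decision routed through a single "A && B || C" list shaped like the expression under discussion. This is an added example, not csih code or code from the thread; the function names, the has_db pattern and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not csih code. Exit status follows the thread's use_file
# convention: 0 = write the entry to the /etc file, non-zero = don't write.

# has_line CONF DB: CONF has an uncommented "DB:" entry.
has_line() { grep -Eq "^$2:" "$1"; }

# has_db CONF DB: that entry lists "db" as a whole word before any '#'.
has_db() { grep -Eq "^$2:([^#]*[[:space:]])?db([[:space:]#]|\$)" "$1"; }

# use_file_rules OLD CONF DB: one branch per rule from the message.
# OLD is 0 for Cygwin <= 1.7.33 and non-zero for newer versions.
use_file_rules() {
    [ "$1" -eq 0 ] && return 0        # old Cygwin: write
    [ -f "$2" ] || return 1           # no nsswitch.conf: don't write
    has_line "$2" "$3" || return 1    # no entry, default "files db": don't write
    has_db "$2" "$3" && return 1      # entry contains db: don't write
    return 0                          # entry without db: write
}

# use_file_chain OLD CONF DB: the same inputs through one "A && B || C" list.
# sh parses it as (A && B) || C, so C also runs when A fails (no entry).
use_file_chain() {
    use_file=$1
    if [ "$use_file" -ne 0 ] && [ -f "$2" ]
    then
        has_line "$2" "$3" && has_db "$2" "$3" || use_file=0
    fi
    [ "$use_file" -eq 0 ]
}

# make_samples DIR: constructed nsswitch.conf variants (missing.conf is not created).
make_samples() {
    printf 'group: files db\n' > "$1/noline.conf"     # no passwd: entry
    printf 'passwd: files db # note\n' > "$1/withdb.conf"
    printf 'passwd: files # db\n' > "$1/nodb.conf"    # db only in a comment
}

verdict() { if "$@"; then echo write; else echo skip; fi; }

d=$(mktemp -d) && make_samples "$d"
for f in missing noline withdb nodb; do
    printf '%-8s rules=%s chain=%s\n' "$f" \
        "$(verdict use_file_rules 1 "$d/$f.conf" passwd)" \
        "$(verdict use_file_chain 1 "$d/$f.conf" passwd)"
done
rm -rf "$d"
```

The two functions agree on every sample except noline.conf, where the rule-per-branch form skips the write and the chained form performs it.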