This is the mail archive of the
cygwin-apps@cygwin.com
mailing list for the Cygwin project.
Building /etc/passwd from setup.exe
- From: "Pierre A. Humblet" <Pierre dot Humblet at ieee dot org>
- To: cygwin-apps at cygwin dot com
- Date: Fri, 06 Dec 2002 16:39:16 -0500
- Subject: Building /etc/passwd from setup.exe
Domain users have had recurrent troubles with /etc/passwd.
Here is why, and a proposed remedy.
TODAY
The currently released setup.exe verifies if /etc/passwd exists.
If it doesn't, setup creates the file /etc/postinstall/passwd-grp.bat
which contains
********
bin\mkpasswd -l > etc\passwd
********
That file gets executed during postinstall, creating a passwd file
with only local users.
There is also a package "base-passwd" with one file,
/etc/postinstall/passwd-grp.sh
********
#!/bin/sh
type="-l"
# if USERDOMAIN isn't empty and
# USERDOMAIN isn't the hostname then we are in a domain
if [ ! -z "$USERDOMAIN" ] && [ "$USERDOMAIN" != "`hostname`" ] ; then
# domain user
type="-d"
fi
# Should we append rather than replace?
if [ ! -e /etc/passwd ] ; then
/bin/mkpasswd ${type} > /etc/passwd
fi
if [ ! -e /etc/group ] ; then
/bin/mkgroup ${type} > /etc/group
fi
**********
That file has no effect if it runs after passwd-grp.bat, because
then the passwd file already exists. I have observed that order,
I don't know if it's deterministic.
So that's why domain users are not included, and why they are included
if they delete /etc/passwd and rerun /etc/postinstall/passwd-grp.sh.done
after setup, as has been suggested on the list.
SOON
On 2002-11-26, setup has been modified and doesn't create passwd-grp.bat
anymore. Consequently passwd-grp.sh will have an effect if passwd doesn't
exist initially. However that will create another set of problems:
1) If the cases of $USERDOMAIN and `hostname` differ, local users will
execute mkpasswd -d
2) Domain users will not execute mkgroup -l nor mkpasswd -l, so they will
be missing the local groups (Users, ...) and future logins of local
users will see HOME = / .
3) mkpasswd -d will contact the PDC, which may or may not succeed, and which
has been reported to take hours to complete. That's dangerous in a
postinstall script.
SUGGESTION
It seems desirable to
- have local users and groups always appear in /etc/passwd and /etc/group
- avoid contacting the PDC in postinstall scripts
- insure that the user running setup.exe is always included in /etc/passwd
Thus I suggest adding a switch --current (-c) to mkpasswd and to change
passwd-grp.sh to
*******
#!/bin/sh
if [ ! -e /etc/passwd ] ; then
/bin/mkpasswd -l -c > /etc/passwd
fi
if [ ! -e /etc/group ] ; then
/bin/mkgroup -l > /etc/group
fi
*******
The -c switch would produce a line about the current user if he is a
domain user, without contacting the PDC (using only internal info).
That arrangement will guarantee that the user installing Cygwin will always
have a sane passwd file. Domain users may have group "unknown", but this has
no negative side effects. This will cover most cases.
Of course, to perfect the environment, domain users should also run
"mkgroup -l -d" while they are connected to the PDC, and run
"mkpasswd -l -d" if they need to know about other domain users.
They can do that at their leisure.
Comments? Suggestions? I volunteer to add "-c".
Pierre