This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: New Cygwin 1.7.0-18 in release-2


On Jul 18 14:09, Corinna Vinschen wrote:
> > > > On Jul 17 18:18, Eric Blake wrote:
> > > > > Somewhere between setting obcaseinsensitive to 0 yesterday and upgrading
> > > > > to the new cygwin1.dll today, I'm now suffering from an inability to
> > > > > modify files on a shared drive on my work machine.  I can create empty
> > > > > files and remove existing files just fine, but get access denied on any
> > > > > attempt to change contents.  The -1 for owner and group looks fishy as 
> > > > > well.
> [...]
> The real problem is exactly what I describe in the comment in
> fhandler_base::open().  Apparently, creating the file and sending the
> security descriptor to the server is a two step approach.  So Samba
> creates the file first, and then, afterwards, Windows sends the request
> to change the security descriptor of the file.  Now Samba can't map
> SID->uid and returns STATUS_ACCESS_DENIED.  But there seems to be no
> knowledge that the two actions are actually one system call in Windows.
> So Samba doesn't remove the file, but still, NtCreateFile failed.
> Bummer.
> 
> I have a local workaround which I'll apply in a minute.
> 
> However, I never really understood why the mapping from the Windows
> SID to the UNIX user fails, even though the user has been successfully
> authenticated before.  I have written a clueless mail to the samba
> developers list.  Maybe they can enlighten me.

They don't so far.  However, as a side note, with "acl" on, you currently
don't see user/group info in `ls -l', if your machines are not in fully
Windows domain integrated.  With the latest incarnation of
mkpasswd and mkgroup (from CVS, not fully functional in 1.7.0-20), you can
now ask your Samba machine for their passwd and group information:

$ mkpasswd -L samba-machine >> /etc/passwd
$ mkgroup -L samba-machine >> /etc/group

At least this works for me.  Unfortunately Samba doesn't enumerate the
UNIX user and group information from its own /etc/passwd and /etc/group
files.  For instance the user "root" is S-1-22-1-0, the group "root" is
S-1-22-2-0.  That's what you see in the Windows Explorer Security tab 
as "Unix User\root" and "Unix Group\root".  Apparently these are never
enumerated, only returned in calls to LookupAccountSid and
LookupAccountName.


HTH,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]