Still testing needed: New passwd/group AD/SAM integration
Corinna Vinschen
corinna-cygwin@cygwin.com
Fri Apr 11 12:19:00 GMT 2014
On Apr 10 14:20, Eric Blake wrote:
> On 04/10/2014 01:04 PM, Corinna Vinschen wrote:
> > A local cygwin user told me that the users in their company would
> > probably be confused by the '+ or, FWIW, any other non-backslash char,
> > because they were drilled to see and use usernames always in domain\name
> > form, or even in domain\\user form when logging in to Linux.
> >
> > I like slashes a lot more for obvious reasons. But maybe, and that
> > wouldn't be too hard to implement, we could accept account names with
> > slash and with backslash, just as we do with pathnames. Output of
> > usernames would be with slashes, of course.
>
> POSIX says:
> [...]
> In short, in POSIX systems, user names are solely from the set
> [-_.a-zA-Z0-9]; which excludes +, \, or any other separator we come up
> with. I'm fine with using a non-portable character (this is, after all,
> a cygwin extension of how to map Windows user names to a Linux emulation
> environment). But keeping in mind the rules on tilde expansion,
>
> ~a+b/file
>
> can undergo tilde expansion for username 'a+b', but
>
> ~a\\b/file
>
> cannot do so, because the \ is necessarily always quoted. There is no
> way to get tilde expansion to work for a username containing a shell
> metacharacter, which frowns on quite a few otherwise useful characters,
> including \.
>
> Worse, the thought of using / as the separator gives me the willies - it
> is BOUND to go wrong. The expression
>
> ~a/b/file
>
> is NOT requesting 'file' within user 'a/b's home, but 'b/file' within
> user 'a's home.
This is a really good point. This effectively eliminates slash from
the picture and the backslash reduces usability a lot, it seems.
So we might actually be better off by sticking to a configurable
separator char and default '+'?
What bugs me a bit is what this means for applications which expect
fixed usernames. Sshd, for instance, expects the fixed username
"sshd" right now when using privilege separation. I discussed this
with the OpenSSH devs, and they understand the problem, but they think
this should be handled by a Cygwin-specific function. So there's some
extra work in it for me to get OpenSSH up to speed with this change,
but I fear I'm not the only one. The more configurable stuff like this
is, the more complicated it gets maintaining some packages.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20140411/cb6cdb58/attachment.sig>
More information about the Cygwin
mailing list