This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: get rid of getpwent? (Was: cygwin-1.7.28 getpwent header declaration changes ?)

On Feb  7 13:09, Warren Young wrote:
> On 2/7/2014 02:49, Corinna Vinschen wrote:
> >On Feb  6 14:43, Warren Young wrote:
> >>On 2/6/2014 07:13, Corinna Vinschen wrote:
> >
> >it would, of course, be possible to implement Cygwin
> >command line tools along the lines of useradd/usermod/groupdel.  For AD,
> >they would just have to use LDAP,
> 
> If by "use LDAP" you mean the ldap_* functions in the OpenLDAP
> library, I can't recommend it.  (See my other post on LDAP books.)

You can also use the calls from wldap32.dll which is available anyway.

> Such programs need not be portable.

Never said so.

> I don't see why such programs shouldn't be written straight to the
> Windows API, even though this is naughty on Cygwin.  The Win32
> security API fills the same role as libldap does on a Linux box
> configured for LDAP.

The underlying protocol is LDAP, so why not use it, given that lots of
changes to AD cannot be done using the "High Level" Net API anyway.

> You're right that such programs are probably going to be necessary,
> if Cygwin moves to SAM/AD as primary.  Windows Home edition user
> management probably won't be powerful enough to do what Cygwin
> needs, if SAM is Cygwin's Single Point of Truth on such systems.

Again, it isn't.  We will keep the passwd and group files for users
who are more comfortable with them.

We will also have an nsswitch.conf file for configuration.  I attached
my local sandbox version below.

> I want the mkpasswd and mkgroup utilities to remain available

They will, with slight changes.  The default values generated for
uid/gid numbers should preferredly reflect the automatism when reading
from SAM/AD.

> Corinna, an earlier post of yours suggested that /etc/foo was being
> kept as primary for speed reasons, but are you comparing to SAM or
> to AD? And have you tested it lately?

Did I really write something about speed?  I think SAM/AD will be mostly
quicker but they will be especially less hassle and allow centralized
maintainance, which is a real boon for admins.

Also, the new Cygwin will only read and cache the requested entries
from the passwd/group files, not the entire file.

Also, if it turns out that AD is too slow for some reason or in some
environment, we should consider to use cygserver as a centralized local
cache.  But this is something for later.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: nsswitch.conf
Description: Text document

Attachment: pgpRikdLPO1xV.pgp
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]