This is the mail archive of the
cygwin-apps@cygwin.com
mailing list for the Cygwin project.
RE: Postinstall scripts and file access issues
- From: "Morrison, John" <John dot Morrison at uk dot experian dot com>
- To: cygwin-apps at cygwin dot com
- Date: Fri, 13 Aug 2004 08:36:16 +0100
- Subject: RE: Postinstall scripts and file access issues
Pierre A. Humblet wrote:
> Christopher Faylor wrote:
>>
>> On Thu, Aug 12, 2004 at 11:04:29AM -0400, Pierre A. Humblet wrote:
>>> Those of you that do not follow the Cygwin list should look at
>>> the thread <http://cygwin.com/ml/cygwin/2004-08/msg00354.html>
>>> <http://cygwin.com/ml/cygwin/2004-08/msg00280.html>
>>>
>>> In brief, postinstall scripts can produce unreadable files,
>>> due to interactions between the Windows and POSIX security
>>> models. This is particularly the case for scripts using "cp",
>>> e.g. man.sh and base-files-profile.sh (among others?).
>>> It is probably the root cause of several complaints to the list.
>>>
>>> As a maintainer, the easy way out is to "export CYGWIN=nontsec".
>>> Your script will then produce files with the same permissions as
>>> what setup itself does, so you are off the hook.
>>>
>>> If you don't do that, then you should either "touch" the destination
>>> file before copying into it, or "chmod" after the copy.
>>>
>>> This should probably go into
> <http://cygwin.com/setup.html#postinstall>
>>
>> Should we just have setup.exe set CYGWIN=nontsec and have any
>> postinstall script which needs it set it explicitly?
>
> That would be much better, but setup updates are not frequent.
> We need a relatively quick fix for man.sh and base-files-profile.sh
>
> If we update setup, then perhaps passwd-grp.sh should explicitly give
> read access to world on /etc/passwd and /etc/group, so that services
> (SYSTEM) can use them. Or the -config scripts for the services should
> do that.
Pierre, I'll do the chmod 777(?) on /etc/passwd and /etc/group and
"touch" the destination files before copy.
I've got some other changes in the line, but when I build the package
on my Debian box the resulting /etc/profile doesn't work for reasons I
seem unable to determine. I'll make an effort this weekend to do the
changes and do a 'build' from a windows machine and fix the linux
problem later.
J.
This e-mail has come from Experian International: winner of the UK's National Business of the Year Award 2003.
==========================================================================
Information in this e-mail and any attachments are confidential, and may
not be copied or used by anyone other than the addressee, nor disclosed
to any third party without our permission. There is no intention to
create any legally binding contract or other binding commitment through
the use of this electronic communication unless it is issued in accordance
with the Experian Limited standard terms and conditions of purchase or
other express written agreement between Experian Limited and the recipient
Experian Limited (registration number 653331) Registered office:
Talbot House, Talbot Street, Nottingham NG80 1TH
Although Experian has taken reasonable steps to ensure that this communication
and any attachments are free from computer virus, you are advised to take
your own steps to ensure that they are actually virus free.