This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: Postinstall scripts and file access issues


Pierre A. Humblet wrote:
> Christopher Faylor wrote:
>> 
>> On Thu, Aug 12, 2004 at 11:04:29AM -0400, Pierre A. Humblet wrote:
>>> Those of you that do not follow the Cygwin list should look at
>>> the thread <http://cygwin.com/ml/cygwin/2004-08/msg00354.html>
>>> <http://cygwin.com/ml/cygwin/2004-08/msg00280.html>
>>> 
>>> In brief, postinstall scripts can produce unreadable files,
>>> due to interactions between the Windows and POSIX security
>>> models. This is particularly the case for scripts using "cp",
>>> e.g. man.sh and base-files-profile.sh (among others?).
>>> It is probably the root cause of several complaints to the list.
>>> 
>>> As a maintainer, the easy way out is to "export CYGWIN=nontsec".
>>> Your script will then produce files with the same permissions as
>>> what setup itself does, so you are off the hook.
>>> 
>>> If you don't do that, then you should either "touch" the destination
>>> file before copying into it, or "chmod" after the copy.
>>> 
>>> This should probably go into
> <http://cygwin.com/setup.html#postinstall>
>> 
>> Should we just have setup.exe set CYGWIN=nontsec and have any
>> postinstall script which needs it set it explicitly?
> 
> That would be much better, but setup updates are not frequent.
> We need a relatively quick fix for man.sh and base-files-profile.sh
> 
> If we update setup, then perhaps passwd-grp.sh should explicitly give
> read access to world on /etc/passwd and /etc/group, so that services
> (SYSTEM) can use them. Or the -config scripts for the services should
> do that. 

Pierre, I'll do the chmod 777(?) on /etc/passwd and /etc/group and
"touch" the destination files before copy.

I've got some other changes in the line, but when I build the package
on my Debian box the resulting /etc/profile doesn't work for reasons I
seem unable to determine.  I'll make an effort this weekend to do the
changes and do a 'build' from a windows machine and fix the linux
problem later.

J.


This e-mail has come from Experian International: winner of the UK's National Business of the Year Award 2003.

==========================================================================
Information in this e-mail and any attachments are confidential, and may 
not be copied or used by anyone other than the addressee, nor disclosed 
to any third party without our permission. There is no intention to 
create any legally binding contract or other binding commitment through 
the use of this electronic communication unless it is issued in accordance 
with the Experian Limited standard terms and conditions of purchase or 
other express written agreement between Experian Limited and the recipient 
Experian Limited (registration number 653331) Registered office: 
Talbot House, Talbot Street, Nottingham NG80 1TH

Although Experian has taken reasonable steps to ensure that this communication 
and any attachments are free from computer virus, you are advised to take 
your own steps to ensure that they are actually virus free.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]