[PATCH setup 1/2] Drop group change while running postinstall scripts
Jon Turney
jon.turney@dronecode.org.uk
Tue Jul 12 12:54:48 GMT 2022
Drop group change while running postinstall scripts. This was only for
the benefit of mkgroup/mkpasswd being run by the postinstall script,
which we don't do any more.
---
postinstall.cc | 13 -------------
win32.cc | 6 +-----
2 files changed, 1 insertion(+), 18 deletions(-)
diff --git a/postinstall.cc b/postinstall.cc
index e990f52..32bc401 100644
--- a/postinstall.cc
+++ b/postinstall.cc
@@ -249,11 +249,6 @@ do_postinstall_reflector (void *p)
// Tell the postinstall results page the results string
PostInstallResults.SetResultsString(s);
- /* Revert primary group to admins group. This allows to create all the
- state files written by setup as admin group owned. */
- if (root_scope == IDC_ROOT_SYSTEM)
- nt_sec.setAdminGroup ();
-
// Tell the progress page that we're done running scripts
Progress.PostMessageNow (WM_APP_POSTINSTALL_THREAD_COMPLETE, 0,
s.empty() ? IDD_DESKTOP : IDD_POSTINSTALL);
@@ -268,14 +263,6 @@ static HANDLE context[2];
void
do_postinstall (HINSTANCE h, HWND owner)
{
- /* Switch back to original primary group. Otherwise we end up with a
- broken passwd entry for the current user.
- FIXME: Unfortunately this has the unfortunate side-effect that *all*
- files created via postinstall are group owned by the original primary
- group of the user. Find a way to avoid this at one point. */
- if (root_scope == IDC_ROOT_SYSTEM)
- nt_sec.resetPrimaryGroup ();
-
context[0] = h;
context[1] = owner;
diff --git a/win32.cc b/win32.cc
index 55072a9..62ae4eb 100644
--- a/win32.cc
+++ b/win32.cc
@@ -350,11 +350,7 @@ NTSecurity::setDefaultSecurity (bool isAdmin)
NoteFailedAPI ("SetTokenInformation(owner)");
return;
}
- /* Get original primary group. The token's primary group will be reset
- to the original group right before we call the postinstall scripts.
- This is necessary, otherwise, if the installing user is a domain user,
- the group information created by the postinstall calls to `mkpasswd -c,
- mkgroup -c' will be plain wrong. */
+ /* Get original primary group */
if (!GetTokenInformation (token.theHANDLE (), TokenPrimaryGroup,
&primaryGroupSID, sizeof primaryGroupSID, &size))
{
--
2.36.1
More information about the Cygwin-apps
mailing list