Testers needed: New passwd/group handling in Cygwin

Achim Gratz Stromeko@nexgo.de
Mon Mar 10 19:21:00 GMT 2014 

Corinna Vinschen writes:
>> (\??\X:\install\x86, 0x800390D0) st_size=0, st_mode=0x4000, st_ino=-197262732544
>                                               ^^^^^^^^^^^^^^
> This is the important snippet, but I don't see how this could have been
> different before my patches.  The mode is S_IFDIR and 000 permissions.

I've run the same on Cygwin64 (where I don't use the snapshot yet) and
it does indeed produce the same line.  It still correctly determines
that I do have permission to change into (and write in) the directory,
but I don't know how.

> That usually means:
>
> - The owner of the file, here S-1-5-21-2052111302-842925246-682003330-75441,
>   has no ACCESS_ALLOWED_ACE in the ACL, or the owner has no FILE_READ_DATA,
>   FILE_WRITE_DATA, and FILE_EXECUTE permissions on the file.
>
> - The group of the file, here S-1-5-21-2052111302-842925246-682003330-513
>   (Domain Users, apparently) has no ACCESS_ALLOWED_ACE in the ACL, or
>   the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
>   permissions on the file.
>
> - The Everyone group S-1-1-0 has no ACCESS_ALLOWED_ACE in the ACL, or
>   the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
>   permissions on the file.
>
> This stuff is entirely independent of the new passwd/group code, unless
> the owner and group are Samba Unix Users/Groups (S-1-22-[...]), in which
> case I made some changes in this area on 2014-02-27.

The owner is me and the primary group is indeed Domain Users.  As I
said, the whole share (a NetApp filer) is set up to not forbid access to
anyone except via extended security settings that enable access for a
certain AD group (and administrative access for another).  These
settings are forced upon all new files via inheritance, plus if I
managed to change this (there was such a loophole once, but it likely
has been closed) there'd be a script to periodically remove all extra
permissions.

The owner and groups are not Samba Unix as far as I can tell.

> The uid and gid values point to the fact that you're still using a
> passwd and group file.  How are your /etc/nsswitch.conf settings and
> does switching to db-only make a difference?

The same test without an /etc/passwd file produces a different uid (the
original one in /etc/passwd was actually 85441 and I just changed it to
see where it came from), I haven't yet checked if the nsswitch.conf
settings make a difference.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

SD adaptations for KORG EX-800 and Poly-800MkII V0.9:
http://Synth.Stromeko.net/Downloads.html#KorgSDada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list