Problem with "None" Group on Non-Domain Members

Larry Hall (Cygwin) reply-to-list-only-lh@cygwin.com
Mon May 5 22:09:00 GMT 2014 

On 05/05/2014 05:57 PM, Chris J. Breisch wrote:
> Larry Hall (Cygwin) wrote:
>> On 05/05/2014 02:56 PM, Chris J. Breisch wrote:
>>> Corinna Vinschen wrote:
>>>> On May 5 12:17, Chris J. Breisch wrote:
>>>>> Corinna Vinschen wrote:
>>>>>> An strace of `chmod 400 bar' might sched some light on this issue,
>>>>>> but I
>>>>>> have a gut feeling the underlying WIndows call will not even return an
>>>>>> error code...
>>>>> Attached. Your gut seems to be working today...
>>>>
>>>> There *is* something weird here. Look at this:
>>>>
>>>>> 151 36702 [main] chmod 5536 alloc_sd: uid 1001, gid 513, attribute
>>>>> 0x2190
>>>>> 65 36767 [main] chmod 5536 cygsid::debug_print: alloc_sd: owner SID
>>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+)
>>>>> 70 36837 [main] chmod 5536 cygsid::debug_print: alloc_sd: group SID
>>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+)
>>>>
>>>> alloc_sd (the underlying function creating a security descriptor) gets
>>>> a uid 1001 and gid 513 as input, as usual. But the owner *and* group
>>>> SIDs of the file's existing security descriptor is
>>>> S-1-5-21-3514886939-1786686319-3519756147-1001, the SID of your user
>>>> account.
>>>>
>>>> Why is your user account the primary group of the file, even though
>>>> your user token definitely has "None" (513) as its primary group?
>>>> How did it get there?
>>>>
>>> I don't have a clue. You're the expert. :)
>>>
>>
>> I'm wondering if we're getting the user id as the group for the MS
>> Account because there is no group id. Chris, what does 'id' for
>> each of these accounts look like and is the group id (assuming they
>> are different that the user id) in there?
>>
>>
>
> Well, I hope I'm not comparing apples and oranges, because now I'm at home.
> However, I have duplicated the scenario and results on this machine. It was
> actually where I noticed it first.
>
> id produces expected results:
>
> MS account:
> $ id
> uid=1001(Chris) gid=513(None) groups=513(None),545(Users),1003(HomeUsers)
>
> Local account:
> $ id
> uid=1007(cjb) gid=513(None) groups=513(None),545(Users),1003(HomeUsers)

<snip>

OK, thanks.  That answers my question but doesn't give any insight into
the original issue. :-(

-- 
Larry

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list