This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Testers needed: New passwd/group handling in Cygwin
- From: Achim Gratz <Stromeko at nexgo dot de>
- To: cygwin at cygwin dot com
- Date: Mon, 10 Mar 2014 19:28:59 +0100
- Subject: Re: Testers needed: New passwd/group handling in Cygwin
- Authentication-results: sourceware.org; auth=none
- References: <20140213143849 dot GH2246 at calimero dot vinschen dot de> <87fvn7cb68 dot fsf at Rainer dot invalid> <20140225200414 dot GA4238 at calimero dot vinschen dot de> <loom dot 20140310T181432-804 at post dot gmane dot org> <20140310181339 dot GF28681 at calimero dot vinschen dot de>
Corinna Vinschen writes:
>> (\??\X:\install\x86, 0x800390D0) st_size=0, st_mode=0x4000, st_ino=-197262732544
> ^^^^^^^^^^^^^^
> This is the important snippet, but I don't see how this could have been
> different before my patches. The mode is S_IFDIR and 000 permissions.
I've run the same on Cygwin64 (where I don't use the snapshot yet) and
it does indeed produce the same line. It still correctly determines
that I do have permission to change into (and write in) the directory,
but I don't know how.
> That usually means:
>
> - The owner of the file, here S-1-5-21-2052111302-842925246-682003330-75441,
> has no ACCESS_ALLOWED_ACE in the ACL, or the owner has no FILE_READ_DATA,
> FILE_WRITE_DATA, and FILE_EXECUTE permissions on the file.
>
> - The group of the file, here S-1-5-21-2052111302-842925246-682003330-513
> (Domain Users, apparently) has no ACCESS_ALLOWED_ACE in the ACL, or
> the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
> permissions on the file.
>
> - The Everyone group S-1-1-0 has no ACCESS_ALLOWED_ACE in the ACL, or
> the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
> permissions on the file.
>
> This stuff is entirely independent of the new passwd/group code, unless
> the owner and group are Samba Unix Users/Groups (S-1-22-[...]), in which
> case I made some changes in this area on 2014-02-27.
The owner is me and the primary group is indeed Domain Users. As I
said, the whole share (a NetApp filer) is set up to not forbid access to
anyone except via extended security settings that enable access for a
certain AD group (and administrative access for another). These
settings are forced upon all new files via inheritance, plus if I
managed to change this (there was such a loophole once, but it likely
has been closed) there'd be a script to periodically remove all extra
permissions.
The owner and groups are not Samba Unix as far as I can tell.
> The uid and gid values point to the fact that you're still using a
> passwd and group file. How are your /etc/nsswitch.conf settings and
> does switching to db-only make a difference?
The same test without an /etc/passwd file produces a different uid (the
original one in /etc/passwd was actually 85441 and I just changed it to
see where it came from), I haven't yet checked if the nsswitch.conf
settings make a difference.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
SD adaptations for KORG EX-800 and Poly-800MkII V0.9:
http://Synth.Stromeko.net/Downloads.html#KorgSDada
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple