Mail Archives: cygwin/2003/07/03/17:33:48
Just curious. What "ntsec patch" are you referring to?
Larry
Mark Priest wrote:
> Hello,
>
> I was able to fix the problem with file permissions by adding the cvs users
> into the Administrators group. This should not be necessary from my
> understanding of Cygwin and the ntsec patch. This is a bit of a security
> hole since these users have no reason to be Administrators on my Windows XP
> Professional server. I think that the permission problem I am experiencing
> in the cvs repository is some kind of bug in the ntsec patch.
>
> ----- Original Message -----
> From: "Mark Priest" <mpriest AT erols DOT com>
> To: <cygwin AT cygwin DOT com>
> Sent: Thursday, July 03, 2003 3:33 AM
> Subject: File Permission Problems on Windows XP, cygwin 1.3.22
>
>
>
>>Hello,
>>
>>I am serving a cvs repository from a Windows XP Professional machine under
>>Cygwin 1.3.22 and I believe that I am having a file permissions problem in
>>the cvs repository. My repository is located at /cvs and all cvs users
>>belong to the "cvs" group as their primary group. All directories in the
>>repository have rwx permissions for this group as well as for the owner.
>>Therefore, I should be able to replace the ,v files with a new version as
>>part of a commit for any users in the cvs group. However, only the owner
>
> of
>
>>each ,v file (i.e. the developer that added or last modified the file) can
>>successfully commit. The CYGWIN environment variable is set to 'ntsec'.
>>
>>When I commit files from a user that is not the owner of the file the
>
> commit
>
>>fails as follows:
>>
>>cvs -t commit -m "try commit" readme.txt (in directory C:\dev\bar)
>>cvs commit: notice: main loop with CVSROOT=:ext:markp AT 192 DOT 168 DOT 2 DOT 105:/cvs
>> -> Starting server: plink.exe 192.168.2.105 -i
>>C:\keys\mpriest_private.PPK -l markp cvs server
>> -> Sending file `readme.txt' to server
>>S-> write_lock(/cvs/bar)
>>S-> checkout (/cvs/bar/readme.txt,v, 1.1.1.1, , (function))
>>S-> Parse_Info (/cvs/CVSROOT/commitinfo, bar, ALL)
>>Checking in readme.txt;
>>/cvs/bar/readme.txt,v <-- readme.txt
>>S-> Parse_Info (/cvs/CVSROOT/verifymsg, bar, not ALL)
>>S-> checkout (/cvs/bar/readme.txt,v, 1.1, -ko, /tmp/cvs003472)
>>new revision: 1.2; previous revision: 1.1
>>S-> rename(/cvs/bar/,readme.txt,,/cvs/bar/readme.txt,v)
>>cvs [server aborted]: cannot rename file /cvs/bar/,readme.txt, to
>>/cvs/bar/readme.txt,v: Permission denied
>>S-> unlink_file(/cvs/bar/,readme.txt,)
>>S-> Lock_Cleanup()
>>
>>I have seen this error message discussed on the cvs mailing list archives
>>but those discussion were only relevant for cases where people hosted the
>>repository on a network share. My /cvs repository is in a local hard disk
>>directory.
>>
>>When I try to emulate a file move as this same user, markp, directly in
>
> the
>
>>repository at the cygwin command prompt I experience the same permission
>>error as follows:
>>
>>markp AT markonius /cvs/bar
>>$ id
>>uid=1019(markp) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
>>
>>markp AT markonius /cvs/bar
>>$ pwd
>>/cvs/bar
>>
>>markp AT markonius /cvs/bar
>>$ ls -alF
>>total 3
>>drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:48 ./
>>drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../
>>-r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v
>>-r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v
>>-r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
>>
>>markp AT markonius /cvs/bar
>>$ cp readme.txt,v tmp
>>
>>markp AT markonius /cvs/bar
>>$ ls -alF
>>total 4
>>drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:50 ./
>>drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../
>>-r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v
>>-r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v
>>-r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
>>-r--r--r-- 1 markp cvs 423 Jul 3 02:50 tmp
>>
>>markp AT markonius /cvs/bar
>>$ mv tmp readme.txt,v
>>mv: cannot move `tmp' to `readme.txt,v': Permission denied
>>
>>markp AT markonius /cvs/bar
>>$ echo $CYGWIN
>>ntsec
>>
>>markp AT markonius /cvs/bar
>>
>>
>>When I perform this same operation as the file owner the attempt succeeds
>>(and so does a regular CVS commit operation) as follows:
>>
>>cvsuser AT markonius /cvs/bar
>>$ id
>>uid=1016(cvsuser) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
>>
>>cvsuser AT markonius /cvs/bar
>>$ echo $CYGWIN
>>ntsec
>>
>>cvsuser AT markonius /cvs/bar
>>$ pwd
>>/cvs/bar
>>
>>cvsuser AT markonius /cvs/bar
>>$ ls -alF
>>total 3
>>drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./
>>drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../
>>-r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v
>>-r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v
>>-r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
>>
>>cvsuser AT markonius /cvs/bar
>>$ cp readme.txt,v tmp
>>
>>cvsuser AT markonius /cvs/bar
>>$ ls -alF
>>total 4
>>drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./
>>drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../
>>-r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v
>>-r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v
>>-r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
>>-r--r--r-- 1 cvsuser cvs 423 Jul 3 02:53 tmp
>>
>>cvsuser AT markonius /cvs/bar
>>$ mv tmp readme.txt,v
>>
>>cvsuser AT markonius /cvs/bar
>>$ ls -alF
>>total 3
>>drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./
>>drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../
>>-r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v
>>-r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v
>>-r--r--r-- 1 cvsuser cvs 423 Jul 3 02:53 readme.txt,v
>>
>>I have attached the results of cygcheck to this email and I have the
>
> CYGWIN
>
>>environment variable set to 'ntsec'.
>>
>>Please help me understand what is wrong with my repository file
>
> permissions.
>
>>Thanks,
>>Mark
--
Larry Hall http://www.rfk.com
RFK Partners, Inc. (508) 893-9779 - RFK Office
838 Washington Street (508) 893-9889 - FAX
Holliston, MA 01746
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -