Mail Archives: cygwin/2010/02/11/13:52:34

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2010/02/11/13:52:34

X-Recipient: archive-cygwin AT delorie DOT com

X-Spam-Check-By: sourceware.org

Date: Thu, 11 Feb 2010 19:52:14 +0100

From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: cron & Windows 7

Message-ID: <20100211185214.GS28659@calimero.vinschen.de>

Reply-To: cygwin AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

References: <010601caaaca$58aa1e20$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <4B73894B DOT 4060306 AT tpg DOT com DOT au> <014d01caab1d$bed91720$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <20100211134116 DOT GM28659 AT calimero DOT vinschen DOT de> <01a301caab2a$1c496a70$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <20100211151748 DOT GN28659 AT calimero DOT vinschen DOT de> <01ef01caab42$ed7a31c0$7b00a8c0 AT wirelessworld DOT airvananet DOT com>

MIME-Version: 1.0

In-Reply-To: <01ef01caab42$ed7a31c0$7b00a8c0@wirelessworld.airvananet.com>

User-Agent: Mutt/1.5.20 (2009-06-14)

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

On Feb 11 12:52, Pierre A. Humblet wrote:
> 
> ----- Original Message ----- 
> From: "Corinna Vinschen" 
> To: <cygwin AT cygwin DOT com>
> Sent: Thursday, February 11, 2010 10:17
> | 
> | If a domain isn't involved, why fails loading user32 DLL?!?  In that
> | case there should be no issue with the user account since the local
> | SAM replies with the correct group list.  Or not?!?
> 
> The only strange output is
> get_user_local_groups: LookupAccountName(BUILTIN\Administratoren), Win32 error 1332
> but there should be other groups, like Users.

Uh oh.  Is the name of the BUILTIN group not BUILTIN on non-English
systems?  If so, the code in get_user_local_groups must be changed to
emit the correct name, rather than just storing the fixed string
"BUILTIN\\" in builtin_grp.

[...time passes...]

Can you please check if this untested(!) code is doing the right thing?

Index: sec_auth.cc
===================================================================
RCS file: /cvs/src/src/winsup/cygwin/sec_auth.cc,v
retrieving revision 1.29
diff -u -p -r1.29 sec_auth.cc
--- sec_auth.cc	6 Feb 2010 13:13:15 -0000	1.29
+++ sec_auth.cc	11 Feb 2010 18:44:05 -0000
@@ -320,20 +320,19 @@ get_user_local_groups (PWCHAR logonserve
     }
 
   WCHAR domlocal_grp[MAX_DOMAIN_NAME_LEN + GNLEN + 2];
-  WCHAR builtin_grp[sizeof ("BUILTIN\\") + GNLEN + 2];
-  PWCHAR dg_ptr, bg_ptr;
+  WCHAR builtin_grp[2 * GNLEN + 2];
+  PWCHAR dg_ptr, bg_ptr = NULL;
   SID_NAME_USE use;
 
   dg_ptr = wcpcpy (domlocal_grp, domain);
   *dg_ptr++ = L'\\';
-  bg_ptr = wcpcpy (builtin_grp, L"BUILTIN\\");
 
   for (DWORD i = 0; i < cnt; ++i)
     {
       cygsid gsid;
       DWORD glen = MAX_SID_LEN;
       WCHAR dom[MAX_DOMAIN_NAME_LEN + 1];
-      DWORD domlen = sizeof (dom);
+      DWORD domlen = MAX_DOMAIN_NAME_LEN + 1;
 
       use = SidTypeInvalid;
       wcscpy (dg_ptr, buf[i].lgrpi0_name);
@@ -348,17 +347,35 @@ get_user_local_groups (PWCHAR logonserve
       else if (GetLastError () == ERROR_NONE_MAPPED)
 	{
 	  /* Check if it's a builtin group. */
-	  wcscpy (bg_ptr, dg_ptr);
-	  if (LookupAccountNameW (NULL, builtin_grp, gsid, &glen,
-				  dom, &domlen, &use))
+	  if (!bg_ptr)
 	    {
-	      if (!legal_sid_type (use))
-		debug_printf ("Rejecting local %W. use: %d", dg_ptr, use);
+	      cygsid bgsid ("S-1-5-32");
+	      glen = 2 * GNLEN + 2;
+	      if (!LookupAccountSidW (NULL, bgsid, builtin_grp, &glen,
+				      domain, &domlen, &use))
+		debug_printf ("LookupAccountSid(BUILTIN), %E");
 	      else
-		grp_list *= gsid;
+		{
+		  bg_ptr = builtin_grp + wcslen (builtin_grp);
+		  bg_ptr = wcpcpy (builtin_grp, L"\\");
+		  glen = MAX_SID_LEN;
+		  domlen = MAX_DOMAIN_NAME_LEN + 1;
+		}
+	    }
+	  if (bg_ptr)
+	    {
+	      wcscpy (bg_ptr, dg_ptr);
+	      if (LookupAccountNameW (NULL, builtin_grp, gsid, &glen,
+				      dom, &domlen, &use))
+		{
+		  if (!legal_sid_type (use))
+		    debug_printf ("Rejecting local %W. use: %d", dg_ptr, use);
+		  else
+		    grp_list *= gsid;
+		}
+	      else
+		debug_printf ("LookupAccountName(%W), %E", builtin_grp);
 	    }
-	  else
-	    debug_printf ("LookupAccountName(%W), %E", builtin_grp);
 	}
       else
 	debug_printf ("LookupAccountName(%W), %E", domlocal_grp);

> If we want to eliminate that possibility:
> Matthias , could you edit /etc/passwd and change your gid from 513 to 545,
> or edit /etc/group and add your id (text, not uid) in the last (currently empty) 
> field of the 545 group.
> 
> | Well, in the long run I'd like to drop the chance to add groups by adding
> | users to /etc/group.  This allows overriding AD settings for no good reason.
> I would at least keep it as backup. There have been reported cases were the DC
> does not answer due to temporary network reasons.

Yeah, it's just a nightmare for Admins...

> B.t.w. I just tried mkgroup -lu on my local XP (still 1.5). It does NOT populate users
> in some groups, in particular  Users (545)

It does not populate users in *any* group.  The option has been disabled.
The group list should only be used in rare cases, if at all.

> Also when I ssh into my home XP (1.7), I get 
> mkgroup (376): [1722] The RPC server is unavailable.

For me this also occurs in a normal console window and that's to be
expected.  -l is an `optional_argument' option.  Try `mkgroup -l -u'.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-Spam-Check-By:	sourceware.org
Date:	Thu, 11 Feb 2010 19:52:14 +0100
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: cron & Windows 7
Message-ID:	<20100211185214.GS28659@calimero.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<010601caaaca$58aa1e20$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <4B73894B DOT 4060306 AT tpg DOT com DOT au> <014d01caab1d$bed91720$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <20100211134116 DOT GM28659 AT calimero DOT vinschen DOT de> <01a301caab2a$1c496a70$7b00a8c0 AT wirelessworld DOT airvananet DOT com> <20100211151748 DOT GN28659 AT calimero DOT vinschen DOT de> <01ef01caab42$ed7a31c0$7b00a8c0 AT wirelessworld DOT airvananet DOT com>
MIME-Version:	1.0
In-Reply-To:	<01ef01caab42$ed7a31c0$7b00a8c0@wirelessworld.airvananet.com>
User-Agent:	Mutt/1.5.20 (2009-06-14)
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com