Mail Archives: cygwin/2013/05/29/10:33:36

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2013/05/29/10:33:36

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:in-reply-to:references:date

:message-id:subject:from:to:content-type; q=dns; s=default; b=sV

AdAT1HesrU6cswNxdDybKRxpqlXv9ZFJVwMaq7MLC3k+gBqOwl9spKZ/W4oOWQOs

LK1LkI2eebIbGQCBqLLON7KEM1qFObO19/01i8rJ2tl9Y/SLZ5eWdGzeI74WTaVb

KsoG5gX4JULd4CwGKrFQUQl2xDIEOb8ga4ixIuF90=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:in-reply-to:references:date

:message-id:subject:from:to:content-type; s=default; bh=bFcKGMww

oUuo05bbNhMq3DJsqpE=; b=G4Krb7W1m1+01pEuFFACLLqtDJL9/+cblBpeNUc/

ZFqUmyicRtFt8+YLUApDGhFGjJ+wurg5s7+nEF01Ls8SieeNF4SMUEgtn4YLtmpJ

vu5+Nq3NR6Vyg2RqVJgrMo0xO82GFm24CCT096wAAvb5Sy6jZCE0DgHhGVT6w9ZZ

UrI=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

X-Spam-SWARE-Status: No, score=-3.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,KHOP_THREADED,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE,SPF_PASS,TW_NL autolearn=ham version=3.3.1

MIME-Version: 1.0

X-Received: by 10.50.82.70 with SMTP id g6mr1358481igy.105.1369837997064; Wed, 29 May 2013 07:33:17 -0700 (PDT)

In-Reply-To: <20130529083910.GD31309@calimero.vinschen.de>

References: <CAGHJv4ftSKS6wR-Uzd9Gfvowqpn-WCQ0U01NexgCpZaYqd-Tow AT mail DOT gmail DOT com> <20130528185553 DOT GA31309 AT calimero DOT vinschen DOT de> <CAGHJv4fkvRt1gQfNTarHGUQWvdRxRsy=oAA=pjUQTLQFoNoW-g AT mail DOT gmail DOT com> <20130529083910 DOT GD31309 AT calimero DOT vinschen DOT de>

Date: Wed, 29 May 2013 10:33:16 -0400

Message-ID: <CAGHJv4cUbx_sMCwUgzTd3ZaXVgbfgPt1Fs7pOO4UtwZhFFj-uA@mail.gmail.com>

Subject: Re: Using native symlinks

From: Chris Sutcliffe <ir0nh34d AT gmail DOT com>

To: The Cygwin Mailing List <cygwin AT cygwin DOT com>

On 29 May 2013 04:39, Corinna Vinschen wrote:
> On May 28 22:23, Chris Sutcliffe wrote:
>> It works fine if I create the native symlinks in an elevated shell,
>> but does not if I create the native symlinks in a "normal" shell.  Is
>> this expected (i.e. does creating native symlinks only work in
>> elevated shells?).
>
> Welcome to the wonderful world of native NTFS symlinks!!1!11!!
>
> It's true and it works like this: Have a look into the "Local Security
> Policy" MMC Snap-in.  In the left hand tree view navigate to
> "Security Settings" -> "Local Policies" -> "User Rights Assignments".
> On the right side look for "Create symbolic links".  You will see that
> by default only members of the Administrators group are allowed to
> create symlinks.
>
> If you're running under an admin account in a non-elevated shell, your
> token has been stripped by all Admin-only user rights, so you also have
> no right to create symlinks.
>
> To workaround that, you can either add yourself to the "Create symbolic
> links" right, or you can add the "Users" group if you want to allow
> every user to create symlinks.  But this requires changing it on all
> machines manually, so alternatively you can create a domain policy which
> adds the trusted users to this user right on all machines.

I tried this approach and I'm still not having any luck with the user
being able to create native symbolic links in a non-elevated shell.
As a work around I've created a 'sudo' alias:

alias sudo='cygstart --action=runas'

which works nicely as I can launch commands elevated from a
non-elevated shell.  For running commands like winln / ln I can add
the "--hidden" option (i.e. sudo --hidden) and no cmd window will
pop-up during the execution of the command.

I figured I would pass this along in case someone else finds this useful.

Chris

--
Chris Sutcliffe
http://emergedesktop.org
http://www.google.com/profiles/ir0nh34d

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; q=dns; s=default; b=sV
	AdAT1HesrU6cswNxdDybKRxpqlXv9ZFJVwMaq7MLC3k+gBqOwl9spKZ/W4oOWQOs
	LK1LkI2eebIbGQCBqLLON7KEM1qFObO19/01i8rJ2tl9Y/SLZ5eWdGzeI74WTaVb
	KsoG5gX4JULd4CwGKrFQUQl2xDIEOb8ga4ixIuF90=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; s=default; bh=bFcKGMww
	oUuo05bbNhMq3DJsqpE=; b=G4Krb7W1m1+01pEuFFACLLqtDJL9/+cblBpeNUc/
	ZFqUmyicRtFt8+YLUApDGhFGjJ+wurg5s7+nEF01Ls8SieeNF4SMUEgtn4YLtmpJ
	vu5+Nq3NR6Vyg2RqVJgrMo0xO82GFm24CCT096wAAvb5Sy6jZCE0DgHhGVT6w9ZZ
	UrI=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
X-Spam-SWARE-Status:	No, score=-3.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,KHOP_THREADED,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE,SPF_PASS,TW_NL autolearn=ham version=3.3.1
MIME-Version:	1.0
X-Received:	by 10.50.82.70 with SMTP id g6mr1358481igy.105.1369837997064; Wed, 29 May 2013 07:33:17 -0700 (PDT)
In-Reply-To:	<20130529083910.GD31309@calimero.vinschen.de>
References:	<CAGHJv4ftSKS6wR-Uzd9Gfvowqpn-WCQ0U01NexgCpZaYqd-Tow AT mail DOT gmail DOT com> <20130528185553 DOT GA31309 AT calimero DOT vinschen DOT de> <CAGHJv4fkvRt1gQfNTarHGUQWvdRxRsy=oAA=pjUQTLQFoNoW-g AT mail DOT gmail DOT com> <20130529083910 DOT GD31309 AT calimero DOT vinschen DOT de>
Date:	Wed, 29 May 2013 10:33:16 -0400
Message-ID:	<CAGHJv4cUbx_sMCwUgzTd3ZaXVgbfgPt1Fs7pOO4UtwZhFFj-uA@mail.gmail.com>
Subject:	Re: Using native symlinks
From:	Chris Sutcliffe <ir0nh34d AT gmail DOT com>
To:	The Cygwin Mailing List <cygwin AT cygwin DOT com>