Mail Archives: cygwin/2014/03/10/14:29:28

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2014/03/10/14:29:28

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:references:date:in-reply-to

:message-id:mime-version:content-type; q=dns; s=default; b=K2u4f

z/Ahp6/V3Z2tk9jU4KVOBoN8s3QpoQ+aW8wE0rIRT3cdM9Bmr/8ipYHQupvKRyJ6

d5P0wffAR+p2f1PJ2IiBcYtogUkUe3pqg98UYx5WdLB30ER001miBmAV78gabZq8

2J8s7SJgSa5Fw4p3eaPrit4c0BYLSqtauiEVZQ=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:from:to:subject:references:date:in-reply-to

:message-id:mime-version:content-type; s=default; bh=SQlZxsYEUz5

I2mUM+I/5Piz+LN8=; b=heKacy4sCFggNl8J/My+KfBvbU1nwPLab5wSd6azo2L

PXKrJSYGDD8YyRECcZDPYWxx+daGfuxhhilrmdRFUwJ2+9UWblrK6B1TxqK0XIy9

FjyRGaQr+Y7SEJspWmTTL3p053KhxylJK6+idxacEnSpcr1iVD/syNXrjtkIgiJU

=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-6.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2

X-HELO: mail-in-09.arcor-online.net

X-DKIM: Sendmail DKIM Filter v2.8.2 mail-in-04.arcor-online.net F3D90AA1D0

From: Achim Gratz <Stromeko AT nexgo DOT de>

To: cygwin AT cygwin DOT com

Subject: Re: Testers needed: New passwd/group handling in Cygwin

References: <20140213143849 DOT GH2246 AT calimero DOT vinschen DOT de> <87fvn7cb68 DOT fsf AT Rainer DOT invalid> <20140225200414 DOT GA4238 AT calimero DOT vinschen DOT de> <loom DOT 20140310T181432-804 AT post DOT gmane DOT org> <20140310181339 DOT GF28681 AT calimero DOT vinschen DOT de>

Date: Mon, 10 Mar 2014 19:28:59 +0100

In-Reply-To: <20140310181339.GF28681@calimero.vinschen.de> (Corinna Vinschen's message of "Mon, 10 Mar 2014 19:13:39 +0100")

Message-ID: <87mwgxsyac.fsf@Rainer.invalid>

User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)

MIME-Version: 1.0

Corinna Vinschen writes:
>> (\??\X:\install\x86, 0x800390D0) st_size=0, st_mode=0x4000, st_ino=-197262732544
>                                               ^^^^^^^^^^^^^^
> This is the important snippet, but I don't see how this could have been
> different before my patches.  The mode is S_IFDIR and 000 permissions.

I've run the same on Cygwin64 (where I don't use the snapshot yet) and
it does indeed produce the same line.  It still correctly determines
that I do have permission to change into (and write in) the directory,
but I don't know how.

> That usually means:
>
> - The owner of the file, here S-1-5-21-2052111302-842925246-682003330-75441,
>   has no ACCESS_ALLOWED_ACE in the ACL, or the owner has no FILE_READ_DATA,
>   FILE_WRITE_DATA, and FILE_EXECUTE permissions on the file.
>
> - The group of the file, here S-1-5-21-2052111302-842925246-682003330-513
>   (Domain Users, apparently) has no ACCESS_ALLOWED_ACE in the ACL, or
>   the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
>   permissions on the file.
>
> - The Everyone group S-1-1-0 has no ACCESS_ALLOWED_ACE in the ACL, or
>   the owner has no FILE_READ_DATA, FILE_WRITE_DATA, and FILE_EXECUTE
>   permissions on the file.
>
> This stuff is entirely independent of the new passwd/group code, unless
> the owner and group are Samba Unix Users/Groups (S-1-22-[...]), in which
> case I made some changes in this area on 2014-02-27.

The owner is me and the primary group is indeed Domain Users.  As I
said, the whole share (a NetApp filer) is set up to not forbid access to
anyone except via extended security settings that enable access for a
certain AD group (and administrative access for another).  These
settings are forced upon all new files via inheritance, plus if I
managed to change this (there was such a loophole once, but it likely
has been closed) there'd be a script to periodically remove all extra
permissions.

The owner and groups are not Samba Unix as far as I can tell.

> The uid and gid values point to the fact that you're still using a
> passwd and group file.  How are your /etc/nsswitch.conf settings and
> does switching to db-only make a difference?

The same test without an /etc/passwd file produces a different uid (the
original one in /etc/passwd was actually 85441 and I just changed it to
see where it came from), I haven't yet checked if the nsswitch.conf
settings make a difference.

Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

SD adaptations for KORG EX-800 and Poly-800MkII V0.9:
http://Synth.Stromeko.net/Downloads.html#KorgSDada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type; q=dns; s=default; b=K2u4f
	z/Ahp6/V3Z2tk9jU4KVOBoN8s3QpoQ+aW8wE0rIRT3cdM9Bmr/8ipYHQupvKRyJ6
	d5P0wffAR+p2f1PJ2IiBcYtogUkUe3pqg98UYx5WdLB30ER001miBmAV78gabZq8
	2J8s7SJgSa5Fw4p3eaPrit4c0BYLSqtauiEVZQ=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:subject:references:date:in-reply-to
	:message-id:mime-version:content-type; s=default; bh=SQlZxsYEUz5
	I2mUM+I/5Piz+LN8=; b=heKacy4sCFggNl8J/My+KfBvbU1nwPLab5wSd6azo2L
	PXKrJSYGDD8YyRECcZDPYWxx+daGfuxhhilrmdRFUwJ2+9UWblrK6B1TxqK0XIy9
	FjyRGaQr+Y7SEJspWmTTL3p053KhxylJK6+idxacEnSpcr1iVD/syNXrjtkIgiJU
	=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-6.0 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	mail-in-09.arcor-online.net
X-DKIM:	Sendmail DKIM Filter v2.8.2 mail-in-04.arcor-online.net F3D90AA1D0
From:	Achim Gratz <Stromeko AT nexgo DOT de>
To:	cygwin AT cygwin DOT com
Subject:	Re: Testers needed: New passwd/group handling in Cygwin
References:	<20140213143849 DOT GH2246 AT calimero DOT vinschen DOT de> <87fvn7cb68 DOT fsf AT Rainer DOT invalid> <20140225200414 DOT GA4238 AT calimero DOT vinschen DOT de> <loom DOT 20140310T181432-804 AT post DOT gmane DOT org> <20140310181339 DOT GF28681 AT calimero DOT vinschen DOT de>
Date:	Mon, 10 Mar 2014 19:28:59 +0100
In-Reply-To:	<20140310181339.GF28681@calimero.vinschen.de> (Corinna Vinschen's message of "Mon, 10 Mar 2014 19:13:39 +0100")
Message-ID:	<87mwgxsyac.fsf@Rainer.invalid>
User-Agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux)
MIME-Version:	1.0