Mail Archives: cygwin/2014/07/23/05:14:33
--7cm2iqirTL37Ot+N
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Jul 23 10:06, D. Boland wrote:
> Hi Cygwin lovers,
>=20
> After some weeks of serious compiling, researching, understanding, fixing=
, testing
> and compiling again, I managed to get the Sendmail source code compiled a=
nd working.
>=20
> But I had to compromise in some critical areas. One of them is the uid is=
sue.
>=20
> * sendmail, procmail, mail.local assume that the id of the privileged use=
r is '0'.
>=20
> Within the current Cygwin DLL, this is '18'. So the maintainer of, let's =
say, the
> procmail code has to change a constant, named ROOT_uid to be 18 if compil=
ed in
> cygwin. I had to do the same in Sendmails' own Mail Delivery Agent, 'mail=
.local'.
The port of procmail is old (2004), and not changed ever since.
This patch is old and wrong.
> But that's no real fix. That's a work-around. Cygwin is supposed to emula=
te Linux,
> so why not change the 'getuid' function to return '0' if the uid is '18'?=
This is
> exactly what all Linux source code expects, so we would never have to wor=
ry about it
> again.
>=20
> Instead, maintainers constantly have to "correct" this "bug" in every new=
version of
> their source code.
>=20
> The general idea behind this is "never to break user space", where the pr=
ograms are
> seen as the users. Actually, it's Linus Torwalds's first rule of kernel p=
rogramming
> and one can read here how serious he is about this:
>=20
> https://lkml.org/lkml/2012/12/23/75
Doesn't work well with systemd...
> Isn't it about time to make this our First Directive also?
Not in relation to the uid. In contrast to Linux we don't have the one
single root user. We have potentially endless numbers of them, and one
of them, not necessarily SYSTEM, is used to run the service. Keep in
mind that there may also be company policy in place which disallows
installing services under specific accounts unless absolutely necessary.
Therefore, while we mostly strive to make Cygwin accommodate user
space, we're not able to do it related to the root uid.
The right thing to do is to add Cygwin-required tweaks in the most
unobtrusive way you can come up with and send them upstream. Cygwin is
by far not the only platform which requires upstream patches. Most
portable projects have platform-specifc code. Think of using pam for
authentication, socket options only available on some platforms and
more. There is nothing inherently bad or wrong with that and upstream
maintainers striving for portability will take platform-specific changes
if they are nicely written and the maintainer can be convinced of the
necessity.
As for the root checks, if you *must* check for an administrative user
account, check if the group 544 is in the user token (getgroups(3),
getgrouplist(3)).
Other than that, there's often code checking file ownership, along
the lines of
if (stat.st_uid !=3D 0)
...
For Cygwin, convert these checks to something along the lines of
if (stat.st_uid !=3D getuid ())
...
Because it's basically the same thing, while allowing to run the
service under any account.
Even better, try to convince the upstream maintainer to change these
tests into a platform-specific function call, for instance:
if (is_admin (stat.st_uid !=3D 0))
...
int
is_admin (uid_t uid)
{
#ifdef __CYGWIN__
return [getgrouplist(uid, ...) contains group 544];
#else [other platform]
return [different test];
#else
return uid =3D=3D 0;
#endif
}
Corinna
--=20
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
--7cm2iqirTL37Ot+N
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJTz3zhAAoJEPU2Bp2uRE+gNIQP/jVUWekpb3yaEqTP/hi3bx7m
0TfZkbVtYp3nh6xpUT771q1gi1Maf39zj5jaH8y2iXTEVIyEDtbqSx6ve9btffm9
RXSK42U91xYFEeVTsPTTyvqz7mDy4ScCaBxzvSHJqwK2DC5CUrDKm4/gwE4BsiFT
oZm58PUMXNhylX0X8HI5kCwnroB7iB8NtFPXAk4G9iQJiC6myUHN6CacjTEWojKZ
MLqvhvHQ2/4CdskwqCTYTqYl20D93dr2I061vnWF/6dClLhoVEML2rYz34mYSkc+
E/WWM3KjI/OsBGWk2J+lpLL7EAoSd1rpZdYcSFt1NorP9mUZ6+Q3oTduxnDu2bn0
8AsPZwgx7RYhlFS5V+VMiqfU5/LSvZpOfLgadpAo6f3PBY/WQsKyr+E8Fb11RprU
QyVcniOxm/KuDgOcYDAqOOESrXpV71BBb/8gn+D0tBXucIyjxp1tcpfubm/nfkZy
WoxXahMl51L3Yw+J429ZvrYTpEsY/iTmrHdJ1qz4ogcXEZNbOKuKFFof1rp7iYty
DKX6vKoRi9Zgq4F17crS3JUpQzMLL6g2eS61boqDQ+pL6IdbBiCynWW4fPJC0TW5
9XJmCu1H/NUkeqHM4BqgRG2m8OjK0wov8PdOImO8t+wUbI8s2T2Hnul3r6zFEzg6
EJIFJAlIdLV8fi0iTOO7
=VBg/
-----END PGP SIGNATURE-----
--7cm2iqirTL37Ot+N--
- Raw text -