delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2015/02/18/08:02:13

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; q=dns; s=
default; b=xKAkrFLbdVrotMEcE6bUaqm/+3oLKADs5RD4JxqkGoJFd7vUgcB4+
8cZSlovYfFV/arjTqsDSE5cw2A1ayp1TAwGe+g87pi/XnSdHzrTcey3xuOrzEyqZ
8cRUDsxUcorNfn1LNAsUb/W3LSmdgTdX9HsRMz1ZoHDZYCSt+kD7D0=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:date:from:to:subject:message-id:reply-to
:references:mime-version:content-type:in-reply-to; s=default;
bh=AGdR1NNWUgCbsJcng5wz8wXNyCM=; b=R6FbBTIMVtsFLKtuCj0ek5yaOfAU
e/xDWllxyw4X5TBgN/BQtjDsILF1w3pmk9LxPZmw5L0QpAGl8I4ufwNu9HcqBogy
nUdfTUYX3tiSUeRrtMvhvrskRU9swFYcE7SpSUDKbjwAlS2WIVRXLoM9UsVDuqBF
443JcJn75SGDAlQ=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Wed, 18 Feb 2015 14:01:52 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: ssh-host-config script sends /etc/passwd thru awk
Message-ID: <20150218130152.GO8493@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <4C148215-468D-469D-8060-B2010DF5E9A9 AT etr-usa DOT com> <20150217230230 DOT GH8493 AT calimero DOT vinschen DOT de> <62DA4A6B-8BA1-4676-B88F-42F6A3707AAD AT etr-usa DOT com> <20150218100809 DOT GK8493 AT calimero DOT vinschen DOT de> <87k2zf1lbc DOT fsf AT Rainer DOT invalid>
MIME-Version: 1.0
In-Reply-To: <87k2zf1lbc.fsf@Rainer.invalid>
User-Agent: Mutt/1.5.23 (2014-03-12) 

--A/JKaSqKPqQLCbw0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Feb 18 13:00, Achim Gratz wrote:
> Corinna Vinschen writes:
> > It's a bit confusing to talk about the Cygwin version when this is
> > only about openssh and the csih package.  I'm really busy with other
> > stuff right now.  I quickly scanned the ssh-*-config scripts again
> > and they never write a passwd entry so, if anything, it's a problem
> > in the csih helper script.  Does anybody want to inspect
> > /usr/share/csih/cygwin-service-installation-helper.sh for this?
>=20
> How about this (untested)?

Thanks for looking and the patch.  However, I seem to miss the point:

> +  if csih_old_cygwin
> +    if [ "$(/usr/bin/id -un)" =3D "mkpasswd" ]

At this point, the csih_old_cygwin test should be unnecessary because
the "mkpasswd" and "mkgroup" accounts names are not generated at all
by Cygwin >=3D 1.7.34.  So the test for the name alone should be sufficient.
OTOH, the csih_old_cygwin test won't hurt either, of course.

>  # =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +# Routine: csih_old_cygwin
> +#   Check Cygwin version, account databases are avaiable since 1.7.34
> +#   On Cygwin versions <=3D 1.7.33 return 0
> +#   On Cygwin versions >  1.7.33 return 1
> +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> +csih_old_cygwin()
> +{
> +  local old_cygwin
> +
> +  /usr/bin/uname -r |
> +  /usr/bin/awk -F. '{
> +                     if ( $1 < 1 || \
> +                         ($1 =3D=3D 1 && $2 < 7) || \
> +                         ($1 =3D=3D 1 && $2 =3D=3D 7 && strtonum($3) <=
=3D 33))
> +                       exit 0;
> +                     exit 1;
> +                   }'
> +  old_cygwin=3D$?
> +  return ${old_cygwin}
> +} # =3D=3D=3D End of csih_old_cygwin() =3D=3D=3D #
> +readonly -f csih_old_cygwin
> +
> +# =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>  # Routine: csih_use_file_etc passwd|group
>  #   Check if /etc/passwd or /etc/group file is in use.
>  #   On Cygwin versions < 1.7.33, files are always used.
> @@ -2517,18 +2558,12 @@
>    then
>      csih_error 'Script error: csih_use_file_etc requires argument "passw=
d" or "group".'
>    fi
> -  /usr/bin/uname -r |
> -  /usr/bin/awk -F. '{
> -                     if ($1 < 1 || \
> -                         ($1 =3D=3D 1 && $2 < 7) || \
> -                         ($1 =3D=3D 1 && $2 =3D=3D 7 && strtonum($3) <=
=3D 33))
> -                       exit 0;
> -                     exit 1;
> -                   }'
> -  use_file=3D$?
> +  csih_old_cygwin ; use_file=3D$?
>    if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ]
>    then
> -    grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf || use_file=3D0
> +    grep -Eq "^${file}:" /etc/nsswitch.conf &&
> +      grep -Eq "^${file}:[^#]*\<db\>" /etc/nsswitch.conf ||
> +       use_file=3D0

And here, the test for the version is moved into the csih_old_cygwin
function.  So far, so good, but... in how far does this change the
result of csih_use_file_etc?!?  Assuming the expression has a bug,
wouldn't this still be the case, and the mkpasswd calls in
csih_create_privileged_user and csih_create_unprivileged_user
would still write the entry to /etc/passwd?

Can you explain what I'm missing?


Thanks,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--A/JKaSqKPqQLCbw0
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU5I1AAAoJEPU2Bp2uRE+gK/0QAIOK5kK5c6DGIv3E5zneS+CU
5UnwJ9whjU/pwjvs3ipB97mMiWE9/WcTPLOoN/Z22wFrUpxh2DMqYHyXMKNnMMtK
y50D/RB5PGxt2OXgys1O/AmwmgjswZU4N7Le7Wkk91c6oA2OL2HJJSbaaLPlQbKV
XrOyh5eJqZgeKHKnI0sqYKXO5DB3ANLSacN/BV3c87q6a3CjPanC+ZV5L+V6V/ti
Lu+PGu3O27dF2olM4gDMAcMhnaatislaoFLfXv8wWVpv7dl4M6J83SqJ1azAY6oG
yyMmGn1N5ksjiIU8E3w96ghER7tFzLn6AD/XOVJNkX1zRn9jU/58llODJroNKZvs
8PUqvn80O9QkBywZ5BBzohEcup1JEC9LpvtPGo6iLWJLLsw5CbWzmBXpkS4gDKrZ
S06opA+JoddYtiOdCjKp1qM2EfmFaS6Cwgo1EY8G3eVKmLs55o6EPco7lfXeGtEU
8+SU9PXbG6J6VrSoIRO3ovLd4kXfUq9cz77lvaUE6lk6xEJI20Va7kYhmzSu0nN9
oGfoDJmlo6+iBzQcrXn1SBSQFPbe3CS21GqxdgDz6xg76e9ODYIX6gAMr9AV+JL/
gtgtDa7TObLmGuQROl/4ruBIdQ529V8KbydjT050A2JzVMFEqkE45b7rfMNwvRMu
M7RPKQ8/tLA6uU1gf8VD
=3JUo
-----END PGP SIGNATURE-----

--A/JKaSqKPqQLCbw0--

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019