Mail Archives: cygwin/2018/05/23/17:33:51

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2018/05/23/17:33:51

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:reply-to:subject:to:references:from:message-id

:date:mime-version:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=yoNNUqOJorNRNeZ+

tf2rW+vFoeESYFGep1jMqKCsqIDzvMKJnWRmPjmHdNUB33cfuxSi/hllj7Hpszmt

xlLleEfoMz5JtxrtUpRRTufdV3OCHAIOC+PZMVfEQZt+Ut+Ms9YFtomVzZwOuoUT

HJnKDbuIkBnZ4QDQIjL9fAY0GzY=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:reply-to:subject:to:references:from:message-id

:date:mime-version:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=WsrM/un2vnWpy14ByFoXQj

/wf90=; b=xjpiOOL8hnw6Tz2cHFXJ+ymyD59gaj2P0ia1mqxVissWreZcPOth3J

6OeHz2Gxs+suwGg6kuzPlaqT7g9PnBvzDF5XRBPi99LTKYPt8Dw3P+SGdgOr44WZ

/KP+91k9VCKfXJwv9X7UxfNRRZ4jMTFD1nUABmhGC2dxzpl1Pf/kU=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-1.8 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=UD:aspx, H*RU:!192.168.1.100!, Hx-spam-relays-external:!192.168.1.100!, H*r:ip*192.168.1.100

X-HELO: smtp-out-so.shaw.ca

X-Authority-Analysis: v=2.3 cv=SJtsqtnH c=1 sm=1 tr=0 a=MVEHjbUiAHxQW0jfcDq5EA==:117 a=MVEHjbUiAHxQW0jfcDq5EA==:17 a=IkcTkHD0fZMA:10 a=w_pzkKWiAAAA:8 a=yMhMjlubAAAA:8 a=8pif782wAAAA:8 a=JWonx_0VPbRZ-9Z5DWIA:9 a=QEXdDO2ut3YA:10 a=9c8rtzwoRDUA:10 a=OO2XiV6ZNdAA:10 a=x1UnPZeJ2b0A:10 a=sRI3_1zDfAgwuvI8zelB:22

Reply-To: Brian DOT Inglis AT SystematicSw DOT ab DOT ca

Subject: Re: Numeric group IDs for system groups

To: cygwin AT cygwin DOT com

References: <9aea99de-91ae-7d1e-5633-bfc551af4e81 AT baur-itcs DOT de>

From: Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>

Openpgp: preference=signencrypt

Autocrypt: addr=Brian DOT Inglis AT SystematicSw DOT ab DOT ca; prefer-encrypt=mutual; keydata= xsBNBFg15Q0BCADc1LTYJN/oVKOJoXpIo+5yy+sBv535qYNRh5CFqp3pPZwIy6oILNKprWph 8J+sXMqYd5H0G1jMDlXendiQbn9SiORuqI7xkV8vzguoFEMhNTxnO1pOQjqRnEnG/W7/5Yy+ DkcCv+Y4O3NX3wol8yP+FaEx4EEEifaO5ZhC1U/ilvHvxE0wjNhRG6AqlvqX6J09bxkJC8Xd 00MZWotDHtiq/wnd8YqyDmf0aJceGxSetHnqn/Cs3WiylEEUy2x/FqKbsBxUJHGQeeRTFAW1 ii08djCemxdE+romE/M9J9CVisSZImbXMSilX6Z2Qtz0lYPkY0EqbiKo8o9zlkIPhaqJABEB AAHNREJyaWFuIEluZ2xpcyAoU3lzdGVtYXRpYyBTb2Z0d2FyZSkgPEJyaWFuLkluZ2xpc0BT eXN0ZW1hdGljU1cuYWIuY2E+wsCVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX gBYhBEy/sJ49FaN/AfIQJjY9ewCxhxqTBQJai9F5BQkNRMzsAAoJEDY9ewCxhxqThnAH/Rau 2+nxwRYdOHDkvMJSyJZUxowkxxzfttQVfxrZIhooF99LGqd3ANltSidybJAbKDLoH+5jRvWF fobzOs93Uw73/52Rurv0nY40mnCAw2vE3JNYgWm8V09Ff4J64ElylrAAU60XoUxMD8Tbflby fVu3LO74pR/hCByNGK019TXJhIPfSU51hXQwLgqAKT4FRGw5gYyqCSS5zoRpa/zNENAPKG/g 5H8ar58eJB9QyJA4iNTLa/3rPF/kO9MqfRLlBLvmyveyYOcGs5wOgjt/RT2eA3Zun18l7EIE 2L2J1tbqLmSpswSW3URnW3KsfgILNC9pAVR00xvO09ulrUXiOX7OwE0EWDXlDQEIAM5GX98w WEzP1jyuWGfNI0s2lUJDTVH1WLpg1N+lQ9sjwCVBeJEdhtZYU7VsgmjPj+H0tkBFYe2olAkk BAmdP7yrqUTK5zw12kf5BJeF94cikGcFRCvdGVk9/uSfy3HZePvr8NV5LPCxLIE6bJCS8L5A CgdNkrD3CLM1zePyiQ0dQ3+6Bjq27b3Y1UauiyKlOquCVkfrDk/y3OfFhbiJX8pwM0mICyls 8p9iM7yg+g1PbdoA99OrFc7JKllHRGDLQ0B/HKAPgNnLCenzDuV/d+N1RDbbpa0c/uvmoptR Aejlq3HszXYQ9wTmu8OwVSITSkzgP1lKzyDPZS9SGvlrQp8AEQEAAcLAZQQYAQIADwIbDAUC Wn5HFgUJBCmViQAKCRA2PXsAsYcakzi/B/9kps3abVY7dZuyFbHzZthm5RPEepFWjyONTtMj fyhfhKVel+NJP12DOEPTQPa+8jmL33BqxDeATqvAyieHEfCvuuOXulnrQ5LKNBLn1iU2JRZJ /v4ZoUID5lYg8vQASOfryjSao47+sJNy6KpRTXhKHK6oL1Lg+2muuDhw3atGRJWKUrt01r6+ mZol3ZyQbF6Defv2/Uxf7cC0R7t9FIYQZPqblOh5G0csLWTrUrVFS51W2ePmhZnv6PzUnWe0 qJH2CydPVI4xLwX/YzVm4ld1t4BePiW9VRM9hH3JBYVwt9YU+IIcH7jWh2D7Z34oj2lETzjs MenYTiZxRm/jRp44wsB8BBgBAgAmAhsMFiEETL+wnj0Vo38B8hAmNj17ALGHGpMFAlqL0acF CQ1EzRoACgkQNj17ALGHGpO4vwf+K/DRVdeVBbhz07xewxp8NwTJXbcwfh91kAKyz5laW51r vEhGjvwYItfEBEfAl04T0mT3798NA5Nl3iYpbS2ssJ9a8mfA0l84tuqx7t7J2+B2PZStOnLg M7/n6YDD+KWBmkQaDAzDKpv/aQWIortDrgE0qXxjaRFeW1qJd+rK8bZT82ITgY48DfJmBezg zN3WnNX+eQQjMaSd5p4TlYYRaP/x0KefprfMi6rQvn1AifEqxN23XQ5CJShEqXw3HS8MI7Mz LTCUlzfj2AltAEIBly6a0EEGoDMICYncntPt7DyHOcASY7Cv4uRI51cXMSN19NqvKE3UCxEt hVQ2WgRY0A==

Message-ID: <f134f86e-eb5e-b941-47e0-a48d2a8eddca@SystematicSw.ab.ca>

Date: Wed, 23 May 2018 15:33:35 -0600

User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

MIME-Version: 1.0

In-Reply-To: <9aea99de-91ae-7d1e-5633-bfc551af4e81@baur-itcs.de>

X-CMAE-Envelope: MS4wfO5GH7Ztt87hadC/cu77p9XOKsxbvElomH3ns7bIfQ/c0je90ySjigFbUfijgXHsLKEhmGyXGQhjQn72NUdjLXzoDbqqypgA8KM8UBJUxcYw8WyILAZg A2aLGsRORX5BfleGm7DBuLQ7FgEVYAQlXN6n6+DnKuqCjY3NDNOdzprOG15R22lM/4ZNctpl4MF4eQ==

X-IsSubscribed: yes

On 2018-05-23 13:44, Stefan Baur wrote:
> I am the community manager of X2Go, an open-source remote desktop and
> remote application solution for Linux servers.  While our server
> component only runs on Linux, our client software is available for macOS
> and Windows as well.  The Windows version of X2GoClient relies on some
> executables available through Cygwin.
> On Windows 10, we are encountering the issue mentioned here in the FAQ:
> <https://cygwin.com/faq/faq.html#faq.using.ssh-pubkey-stops-working>
> Especially, we're getting hit by the fact that Microsoft has changed the
> default group for %USERPROFILE% (and all files and directories created
> in it) from "None" to <Username>.
> This is why the second-to-last suggestion in that FAQ item doesn't help:
> chgrp `id -g` ~/.ssh/*
> will simply set the default group to the value it already has, and that
> doesn't fix the issue.
> The last suggestion in that FAQ item suggests using
> chgrp None ~/.ssh/*
> but also notes that the group name will vary depending on the operating
> system language.
> chgrp does work with numeric group identifiers, and it seems the "None"
> group always gets the numeric id 197121 - so
> chgrp 197121 ~/.ssh/*
> would fix the issue regardless of the operating system language.
> (In our case, it would be
> chgrp 197121 %USERPROFILE%/.x2go/etc/ssh_host_key*
> because it actually affects the host keys of an sshd running on the
> Windows side, which we need for file sharing via sshfs, but you get the
> idea.)
> Can anyone with authority on the issue confirm that 197121 always
> corresponds to the "None" group (whatever it may be called due to the
> language setting - in German, it is "Kein", for example)?
> Or is this a faulty assumption and merely coincidence that we got that
> result on the handful of machines we used for testing?
> I'm seriously hoping this id is always the same, similar to the
> well-known SIDs in Windows, but would really like a confirmation from
> someone knowledgeable before we make the corresponding change in our
> code and hose a large percentage of our users' systems once they deploy
> the update.
> In case it is of relevance, we are calling the executables (ssh-keygen,
> sshd, and now chgrp and possibly setfacl as well) directly from a native
> Windows application written in Qt and C++, not from a Cygwin bash window
> or similar.  In fact, there is no cygwin installation, it's just the
> required executables and dlls residing in our own installation
> directory.  I can provide more detail or get you in contact with one of
> our developers, if needed.

Cygwin id 197121 == RID 513 == 0x201 - in range of reserved RIDs < 1000.
See:
	https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-how
	https://msdn.microsoft.com/en-us/library/aa379649.aspx
	https://en.wikipedia.org/wiki/Security_Identifier

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:subject:to:references:from:message-id
	:date:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=yoNNUqOJorNRNeZ+
	tf2rW+vFoeESYFGep1jMqKCsqIDzvMKJnWRmPjmHdNUB33cfuxSi/hllj7Hpszmt
	xlLleEfoMz5JtxrtUpRRTufdV3OCHAIOC+PZMVfEQZt+Ut+Ms9YFtomVzZwOuoUT
	HJnKDbuIkBnZ4QDQIjL9fAY0GzY=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:subject:to:references:from:message-id
	:date:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=WsrM/un2vnWpy14ByFoXQj
	/wf90=; b=xjpiOOL8hnw6Tz2cHFXJ+ymyD59gaj2P0ia1mqxVissWreZcPOth3J
	6OeHz2Gxs+suwGg6kuzPlaqT7g9PnBvzDF5XRBPi99LTKYPt8Dw3P+SGdgOr44WZ
	/KP+91k9VCKfXJwv9X7UxfNRRZ4jMTFD1nUABmhGC2dxzpl1Pf/kU=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-1.8 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=UD:aspx, HRU:!192.168.1.100!, Hx-spam-relays-external:!192.168.1.100!, Hr:ip*192.168.1.100
X-HELO:	smtp-out-so.shaw.ca
X-Authority-Analysis:	v=2.3 cv=SJtsqtnH c=1 sm=1 tr=0 a=MVEHjbUiAHxQW0jfcDq5EA==:117 a=MVEHjbUiAHxQW0jfcDq5EA==:17 a=IkcTkHD0fZMA:10 a=w_pzkKWiAAAA:8 a=yMhMjlubAAAA:8 a=8pif782wAAAA:8 a=JWonx_0VPbRZ-9Z5DWIA:9 a=QEXdDO2ut3YA:10 a=9c8rtzwoRDUA:10 a=OO2XiV6ZNdAA:10 a=x1UnPZeJ2b0A:10 a=sRI3_1zDfAgwuvI8zelB:22
Reply-To:	Brian DOT Inglis AT SystematicSw DOT ab DOT ca
Subject:	Re: Numeric group IDs for system groups
To:	cygwin AT cygwin DOT com
References:	<9aea99de-91ae-7d1e-5633-bfc551af4e81 AT baur-itcs DOT de>
From:	Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>
Openpgp:	preference=signencrypt
Autocrypt:	addr=Brian DOT Inglis AT SystematicSw DOT ab DOT ca; prefer-encrypt=mutual; keydata= xsBNBFg15Q0BCADc1LTYJN/oVKOJoXpIo+5yy+sBv535qYNRh5CFqp3pPZwIy6oILNKprWph 8J+sXMqYd5H0G1jMDlXendiQbn9SiORuqI7xkV8vzguoFEMhNTxnO1pOQjqRnEnG/W7/5Yy+ DkcCv+Y4O3NX3wol8yP+FaEx4EEEifaO5ZhC1U/ilvHvxE0wjNhRG6AqlvqX6J09bxkJC8Xd 00MZWotDHtiq/wnd8YqyDmf0aJceGxSetHnqn/Cs3WiylEEUy2x/FqKbsBxUJHGQeeRTFAW1 ii08djCemxdE+romE/M9J9CVisSZImbXMSilX6Z2Qtz0lYPkY0EqbiKo8o9zlkIPhaqJABEB AAHNREJyaWFuIEluZ2xpcyAoU3lzdGVtYXRpYyBTb2Z0d2FyZSkgPEJyaWFuLkluZ2xpc0BT eXN0ZW1hdGljU1cuYWIuY2E+wsCVBBMBAgA/AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIX gBYhBEy/sJ49FaN/AfIQJjY9ewCxhxqTBQJai9F5BQkNRMzsAAoJEDY9ewCxhxqThnAH/Rau 2+nxwRYdOHDkvMJSyJZUxowkxxzfttQVfxrZIhooF99LGqd3ANltSidybJAbKDLoH+5jRvWF fobzOs93Uw73/52Rurv0nY40mnCAw2vE3JNYgWm8V09Ff4J64ElylrAAU60XoUxMD8Tbflby fVu3LO74pR/hCByNGK019TXJhIPfSU51hXQwLgqAKT4FRGw5gYyqCSS5zoRpa/zNENAPKG/g 5H8ar58eJB9QyJA4iNTLa/3rPF/kO9MqfRLlBLvmyveyYOcGs5wOgjt/RT2eA3Zun18l7EIE 2L2J1tbqLmSpswSW3URnW3KsfgILNC9pAVR00xvO09ulrUXiOX7OwE0EWDXlDQEIAM5GX98w WEzP1jyuWGfNI0s2lUJDTVH1WLpg1N+lQ9sjwCVBeJEdhtZYU7VsgmjPj+H0tkBFYe2olAkk BAmdP7yrqUTK5zw12kf5BJeF94cikGcFRCvdGVk9/uSfy3HZePvr8NV5LPCxLIE6bJCS8L5A CgdNkrD3CLM1zePyiQ0dQ3+6Bjq27b3Y1UauiyKlOquCVkfrDk/y3OfFhbiJX8pwM0mICyls 8p9iM7yg+g1PbdoA99OrFc7JKllHRGDLQ0B/HKAPgNnLCenzDuV/d+N1RDbbpa0c/uvmoptR Aejlq3HszXYQ9wTmu8OwVSITSkzgP1lKzyDPZS9SGvlrQp8AEQEAAcLAZQQYAQIADwIbDAUC Wn5HFgUJBCmViQAKCRA2PXsAsYcakzi/B/9kps3abVY7dZuyFbHzZthm5RPEepFWjyONTtMj fyhfhKVel+NJP12DOEPTQPa+8jmL33BqxDeATqvAyieHEfCvuuOXulnrQ5LKNBLn1iU2JRZJ /v4ZoUID5lYg8vQASOfryjSao47+sJNy6KpRTXhKHK6oL1Lg+2muuDhw3atGRJWKUrt01r6+ mZol3ZyQbF6Defv2/Uxf7cC0R7t9FIYQZPqblOh5G0csLWTrUrVFS51W2ePmhZnv6PzUnWe0 qJH2CydPVI4xLwX/YzVm4ld1t4BePiW9VRM9hH3JBYVwt9YU+IIcH7jWh2D7Z34oj2lETzjs MenYTiZxRm/jRp44wsB8BBgBAgAmAhsMFiEETL+wnj0Vo38B8hAmNj17ALGHGpMFAlqL0acF CQ1EzRoACgkQNj17ALGHGpO4vwf+K/DRVdeVBbhz07xewxp8NwTJXbcwfh91kAKyz5laW51r vEhGjvwYItfEBEfAl04T0mT3798NA5Nl3iYpbS2ssJ9a8mfA0l84tuqx7t7J2+B2PZStOnLg M7/n6YDD+KWBmkQaDAzDKpv/aQWIortDrgE0qXxjaRFeW1qJd+rK8bZT82ITgY48DfJmBezg zN3WnNX+eQQjMaSd5p4TlYYRaP/x0KefprfMi6rQvn1AifEqxN23XQ5CJShEqXw3HS8MI7Mz LTCUlzfj2AltAEIBly6a0EEGoDMICYncntPt7DyHOcASY7Cv4uRI51cXMSN19NqvKE3UCxEt hVQ2WgRY0A==
Message-ID:	<f134f86e-eb5e-b941-47e0-a48d2a8eddca@SystematicSw.ab.ca>
Date:	Wed, 23 May 2018 15:33:35 -0600
User-Agent:	Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0
MIME-Version:	1.0
In-Reply-To:	<9aea99de-91ae-7d1e-5633-bfc551af4e81@baur-itcs.de>
X-CMAE-Envelope:	MS4wfO5GH7Ztt87hadC/cu77p9XOKsxbvElomH3ns7bIfQ/c0je90ySjigFbUfijgXHsLKEhmGyXGQhjQn72NUdjLXzoDbqqypgA8KM8UBJUxcYw8WyILAZg A2aLGsRORX5BfleGm7DBuLQ7FgEVYAQlXN6n6+DnKuqCjY3NDNOdzprOG15R22lM/4ZNctpl4MF4eQ==
X-IsSubscribed:	yes