X-Recipient: archive-cygwin@delorie.com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:cc
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=gPYKBD0lItBjuG/V
	SAA7lYR9ieSXVFD7vnrpIwH7yg7lYc99D3XbeFWf9IlWJdZ2rklIFhRhmvwZa8U0
	luHHN2OeJaNqgBY05srodqLLMC2szriwVIQ8iwcrhIzIQIsoAWi8GYH+Lwm8lMpN
	O/Y1aKoKYwT1th40P34HitrcEPk=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:mime-version:to:cc
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=vpxnFLS6GGyN/fH7e6L7qg
	x7Z98=; b=h2SdvskhXb/SIDBBomW98pA9wESoKabzapAKW82WWvzbVrbfgU546+
	0F08DvtL23Nd0d58Vax/a83Ut3/aRb9ocUfkZMJBAkc3p7tmhD0AyXhGXKsyHHgn
	8unAB8kExsLfbJTmtUB2jID9u3hxMdvoMdx1CEyZsxog7qs1h5Y/8=
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Delivered-To: mailing list cygwin@cygwin.com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-6.2 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2 autolearn=ham version=3.3.1 spammy=linda, Win, Media, Login
X-HELO: Ishtar.sc.tlinx.org
Message-ID: <5D58ABB7.9000303@tlinx.org>
Date: Sat, 17 Aug 2019 18:36:55 -0700
From: L A Walsh <cygwin@tlinx.org>
User-Agent: Thunderbird
MIME-Version: 1.0
To: David Karr <davidmichaelkarr@gmail.com>
CC: "cygwin@cygwin.com" <cygwin@cygwin.com>
Subject: Re: Win7 system update hosed something in Cygwin
References: <CAA5t8VocmswTXD4Y7QLxe1NkbZ0Jj+Nt40dFXjHF+9cTP8zW3A@mail.gmail.com> <5D571D62.5040104@tlinx.org> <CAA5t8VqUViA6Ztx+5U-kcjTebXZ2QkvQnJcRkUGZF2irBdineQ@mail.gmail.com> <CAA5t8VoyaUfCef0dQ4cCwQimcJA-vCDvoDz8u9vPy5CPP5xKWg@mail.gmail.com>
In-Reply-To: <CAA5t8VoyaUfCef0dQ4cCwQimcJA-vCDvoDz8u9vPy5CPP5xKWg@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes



On 2019/08/16 18:44, David Karr wrote:
>
> 
>     I would most like to understand what changed to make this suddenly
>     start happening.
----
	You really need to read the cygwin section on nt-security.
in the user manual @ https://www.cygwin.com/cygwin-ug-net/ntsec.html.

	If you are into things appearing a certain way -- I think you
will really find this invaluable.  It also gives background and why
things changed.  

	As for how or why a windows update changed a behavior
in cygwin -- MS doesn't released documentation in that detail.

	I came up with my mappings on my linux/samba box because
I have a pretty simple setup.  But I wanted the common well-known
ID's in there so they would also make some sense:
From the very generic sids:

Null Authority:x:10010:S-1-0,builtin:
Nobody:x:10100:S-1-0-0,builtin:
World Authority:x:10101:S-1-1,builtin:
Everyone:x:11100:S-1-1-0,builtin:
Local Authority:x:10102:S-1-2,builtin:
...
to my domain id's:
Domain Administrator:x::S-1-5-21-33333-77777-33333-500,domain:
Domain Admins:x::S-1-5-21-33333-77777-33333-512,domain:
Domain Users:x::S-1-5-21-33333-77777-33333-513,domain:
...
to local roles:
Administrators:x::S-1-5-32-544,builtin:
Users:x::S-1-5-32-545,builtin:
Backup Operators:x::S-1-5-32-551,builtin:
...
and authentication + trust labels:
NTLM Authentication:x::S-1-5-64-10,builtin:
Schannel Authentication:x::S-1-5-64-10,builtin:
NT Service:x::S-1-5-80,builtin
Untrusted Mandatory Level:x::S-1-16-0,builtin:
Low Mandatory Level:x:11604096:S-1-16-4096,builtin:
High Mandatory Level:x:11612288:S-1-16-12288,builtin:
System Mandatory Level:x:11616384:S-1-16-16384,builtin:

	So in cygwin, when I display my 'id' output, I see the various
groups and labels on my userid:
 
uid=5013(Bliss\law) gid=201(Bliss\lawgroup) groups=201(Bliss\lawgroup), 1015(lawgroup), 1018(Netmon Users), 1017(pulse-access), 1016(pulse-rt), 1023(WinRMRemoteWMIUsers__), 544(Administrators), 555(Remote Desktop Users), 559(Performance Log Users), 545(Users), 11504(Interactive), 11201(Console Login), 11511(Authenticated Users), 4095(CurrentSession), 66048(LOCAL), 260(Bliss\Media), 512(Bliss\Domain Admins), 513(Bliss\Domain Users), 1053(Bliss\Trusted Local Net Users), 1156410(NTLM Athentication), 11612288(High Mandatory Level)

If you look at your security blob using something like 'processhacker' (goog),
you can see all those labels on your login.  Setup right, you also see them
in your cygwin shell, which I thought was cool (being a computer scientist).

Sorry if this was too much, I can't say my setup is necessarily
recommended, BUT, I wanted my Win+linux machines to be joined as
1 machine (all my docs & content is on the linux box, with progs on
my Win Desktop box) joined by a 10gbit ethernet cable:



> I've been running this Cygwin installation for a long time on this
> laptop without any problem like this.


Yeah, you get used to a well tuned setup (though mine does often
have problems because of the weird things I've tried).

-linda



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple