X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.6 required=5.0	tests=AWL,BAYES_50,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,KHOP_RCVD_TRUST,RCVD_IN_DNSWL_LOW,RCVD_IN_HOSTKARMA_YE
X-Spam-Check-By: sourceware.org
MIME-Version: 1.0
Date: Tue, 14 Aug 2012 20:33:57 -0400
Message-ID: <CAG9p0OTFaLUp7c8zpOtVQ=4zt-=fAqPvURJw758FS+d2rPOtgw@mail.gmail.com>
Subject: Question about UAC and bash/cygwin
From: Lord Laraby <lord DOT laraby AT gmail DOT com>
To: Cygwin Mailing List <cygwin AT cygwin DOT com>
Content-Type: text/plain; charset=ISO-8859-1
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Hi Folks,

I've scanned months of the mailing list archives for an answers and
searched until I've run out of ideas.

What I want to figure out is this. When I run bash --login -i in an
elevated command prompt, or I use "elevate bash --login -i" or any
other variation, I don't get any sign of being root or having
privileges. But, I can invoke privileged operations and use chmod,
chown, etc. on files and read, write,delete in Administrator only
directories from bash. These are places you can only change in a
raised privilege state.

My /etc/passwd and /etc/group have been automatically created and
updated to have user "root" connected to the S-1-5-32-544 sid as I
think I saw in one of the guides. My local administrator account has
the username "admin".

Problems

1) Example, "id" still shows my normal userid and default group of
'"none" even though I am a member of root's (Administrators) group.
None of the scripts that check for administrator level seem to work.
Am i doing it wrong?

2) I can't ssh into the box as "root" because there is no group
password in Windows 7. Should there be a way to assign own?

3) If I use the local administrators account, none of the files or
directories has "root" as user or group. But shouldn't they?

4) There is no newgrp command so I can't join any of my other assigned
groups. So, "umask" doesn't do as I want. If there a better way to
change to the root group?

5) When I ran sshd-host-config I get a slew of warnings about not
being able to do that (on both .\Administrator and on elevated normal
login). However, the service is created and the users cyg_server and
sshd are as well with the proper groups and privileges. Howver, it
fails to set the owner or access rights on /etc/ssh* or /var/log/sshd
or /var/log/lastlog. What is the proper way to have done this on
WIndows 7 Ultimate Edition 64-bit Service Pack I?

6) Cygwin is a great package and works better than SFU/SUA which I
also have installed. Is there any way I can help make the security
stuff more unixy?

Thanks in advance for any answers or replies.

-- 
Lord Laraby

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple