DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 4AIGRVLE2719950
Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 4AIGRVLE2719950
Authentication-Results: delorie.com;
	dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=unniH4Ny
X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 278E1385772C
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1731947249;
	bh=M6o9lZSEJjRH6tIwzsVEkJm6bpkZO4Q4V8VPqg3qbuc=;
	h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=unniH4NyiV9BSJIc1PFMlMHW7zOY03+EyY9U4mErwDN2zZ4+MNb7cIAwtde+9nX9Z
	 +xEzafRsdd1zP7sUr2xi+8eaNRgJMMLy+MxPwHH/lMOQvej28R2vjw6nsdm/z9SJvw
	 R7mjKpKkeluAk+7y3OxgxnnoiWOyDjnbdTDtYMBQ=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6E3983858D35
Date: Mon, 18 Nov 2024 17:26:12 +0100
To: cygwin AT cygwin DOT com
Subject: Re: SMBFS mount's file cannot be made executable
Message-ID: <ZztqpBESgcTXcd3d@calimero.vinschen.de>
Mail-Followup-To: cygwin AT cygwin DOT com
References: <ZzIIO2NxmdYpox2A AT calimero DOT vinschen DOT de>
 <20241112042937 DOT 740185a42d476993b4b1e31c AT nifty DOT ne DOT jp>
 <20241112175427 DOT 750ae77a8086594a765862c5 AT nifty DOT ne DOT jp>
 <ZzNCXz3o9k40U9zA AT calimero DOT vinschen DOT de>
 <20241113181755 DOT 02289e8e8d9af7e19e8f4387 AT nifty DOT ne DOT jp>
 <CANV9t=SvYedzG-LmECwdT7kjipOyhgwsZ1yucnTm8mWMnNkJVw AT mail DOT gmail DOT com>
 <20241114003740 DOT e573d7ec79d35da76225c9f1 AT nifty DOT ne DOT jp>
 <CANV9t=TLh8xD7KBsF-MucZWNjP-L0KE04xUv2-2e=Z5fXTjk=w AT mail DOT gmail DOT com>
 <20241114010807 DOT 99f46760b2240d472440c329 AT nifty DOT ne DOT jp>
 <20241116002122 DOT 3f4fd325a497eb4261ad80f4 AT nifty DOT ne DOT jp>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20241116002122.3f4fd325a497eb4261ad80f4@nifty.ne.jp>
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com>
Reply-To: cygwin AT cygwin DOT com
Cc: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com>

On Nov 16 00:21, Takashi Yano via Cygwin wrote:
> I built a test program, whose important part is:
> 
>   AUTHZ_RESOURCE_MANAGER_HANDLE hManager = NULL;
>   AUTHZ_CLIENT_CONTEXT_HANDLE hClient = NULL;
>   AUTHZ_ACCESS_REQUEST AccessRequest = {0};
>   AUTHZ_ACCESS_REPLY AccessReply = {0};
> 
>   AUTHZ_RPC_INIT_INFO_CLIENT authzRpcInitInfoClient = {0};
> 
>   WCHAR ObjectUuid[] = L"9a81c2bd-a525-471d-a4ed-49907c0b23da";
>   WCHAR ProtSeq[] = L"ncacn_ip_tcp";
>   WCHAR NetworkAddr[] = L"localhost";
>   WCHAR Endpoint[] = L"135";
> 
>   authzRpcInitInfoClient.version = AUTHZ_INIT_INFO_VERSION_V1;
>   authzRpcInitInfoClient.ObjectUuid = ObjectUuid;
>   authzRpcInitInfoClient.ProtSeq = ProtSeq;
>   authzRpcInitInfoClient.NetworkAddr = NetworkAddr;
>   authzRpcInitInfoClient.Endpoint = Endpoint;
> 
>   AuthzInitializeRemoteResourceManager (&authzRpcInitInfoClient, &hManager);
> 
>   char buf[1024];
>   PTOKEN_USER pTokenUser = (PTOKEN_USER) buf;
>   DWORD len;
> 
>   GetTokenInformation(hToken, TokenUser, pTokenUser, 1024, &len);
> 
>   LUID luid = {0,};
>   AuthzInitializeContextFromSid(0, pTokenUser->User.Sid, hManager,
>                                 NULL, luid, NULL, &hClient);
> 
> 
> This test code fails at AuthzInitializeContextFromSid() with
> RPC_S_UNKNOWN_IF. If AuthzInitializeRemoteResourceManager()
> is replaced with AuthzInitializeResourceManager(), the error
> does not occur.
> 
> I searched the combination of AuthzInitializeContextFromSid()
> and RPC_S_UNKNOWN_IF, however nothing was found.

RPC_S_UNKNOWN_IF means "unknown interface".  I assume this error has
nothing to do with AuthzInitializeContextFromSid(), but with the
AuthzInitializeRemoteResourceManager() call.

What I failed, though, is to find a working example for
AuthzInitializeRemoteResourceManager().

> Any suggestion would be appreciated.

As I said in my previous posting, maybe we don't really need
AuthzInitializeRemoteResourceManager().

We can safely assume that the current user is already authorized on the
SMB server.  So... shouldn't AuthzInitializeResourceManager be
sufficient and the code from class authz_ctx already does what we want?
We may just have to use in in place of calling NtCheckAccess(),
maybe with a tweak or two...


Corinna

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple