From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jon.turney@dronecode.org.uk>
Received: from sa-prd-fep-041.btinternet.com (mailomta18-sa.btinternet.com
 [213.120.69.24])
 by sourceware.org (Postfix) with ESMTPS id 183693858C50
 for <cygwin-apps@cygwin.com>; Tue, 12 Jul 2022 12:55:06 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 183693858C50
Authentication-Results: sourceware.org; dmarc=none (p=none dis=none)
 header.from=dronecode.org.uk
Authentication-Results: sourceware.org; spf=none smtp.mailfrom=dronecode.org.uk
Received: from sa-prd-rgout-001.btmx-prd.synchronoss.net ([10.2.38.4])
 by sa-prd-fep-041.btinternet.com with ESMTP id
 <20220712125505.NGEZ3213.sa-prd-fep-041.btinternet.com@sa-prd-rgout-001.btmx-prd.synchronoss.net>;
 Tue, 12 Jul 2022 13:55:05 +0100
Authentication-Results: btinternet.com; none
X-SNCR-Rigid: 613006A930AA1AE0
X-Originating-IP: [86.144.41.14]
X-OWM-Source-IP: 86.144.41.14 (GB)
X-OWM-Env-Sender: jonturney@btinternet.com
X-VadeSecure-score: verdict=clean score=0/300, class=clean
X-RazorGate-Vade: gggruggvucftvghtrhhoucdtuddrgedvfedrudejhedggeekucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuueftkffvkffujffvgffngfevqffopdfqfgfvnecuuegrihhlohhuthemuceftddunecunecujfgurhephffvvefufffkofgjfhgggfestdekredtredttdenucfhrhhomheplfhonhcuvfhurhhnvgihuceojhhonhdrthhurhhnvgihsegurhhonhgvtghouggvrdhorhhgrdhukheqnecuggftrfgrthhtvghrnhepleeitdejhfdtveekheeugeffgeevfedtjeejveefhfeiffefkedtvdetheehieejnecukfhppeekiedrudeggedrgedurddugeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhephhgvlhhopehlohgtrghlhhhoshhtrdhlohgtrghlughomhgrihhnpdhinhgvthepkeeirddugeegrdeguddrudegpdhmrghilhhfrhhomhepjhhonhdrthhurhhnvgihsegurhhonhgvtghouggvrdhorhhgrdhukhdpnhgspghrtghpthhtohepvddprhgtphhtthhopegthihgfihinhdqrghpphhssegthihgfihinhdrtghomhdprhgtphhtthhopehjohhnrdhtuhhrnhgvhiesughrohhnvggtohguvgdrohhrghdruhhk
X-RazorGate-Vade-Verdict: clean 0
X-RazorGate-Vade-Classification: clean
Received: from localhost.localdomain (86.144.41.14) by
 sa-prd-rgout-001.btmx-prd.synchronoss.net (5.8.716.04) (authenticated as
 jonturney@btinternet.com)
 id 613006A930AA1AE0; Tue, 12 Jul 2022 13:55:05 +0100
From: Jon Turney <jon.turney@dronecode.org.uk>
To: cygwin-apps@cygwin.com
Cc: Jon Turney <jon.turney@dronecode.org.uk>
Subject: [PATCH setup 1/2] Drop group change while running postinstall scripts
Date: Tue, 12 Jul 2022 13:54:48 +0100
Message-Id: <20220712125449.14050-2-jon.turney@dronecode.org.uk>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220712125449.14050-1-jon.turney@dronecode.org.uk>
References: <20220712125449.14050-1-jon.turney@dronecode.org.uk>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-1200.2 required=5.0 tests=BAYES_00, FORGED_SPF_HELO,
 GIT_PATCH_0, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, RCVD_IN_DNSWL_NONE,
 RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_NONE, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: cygwin-apps@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Cygwin package maintainer discussion list <cygwin-apps.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin-apps>,
 <mailto:cygwin-apps-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin-apps/>
List-Post: <mailto:cygwin-apps@cygwin.com>
List-Help: <mailto:cygwin-apps-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin-apps>,
 <mailto:cygwin-apps-request@cygwin.com?subject=subscribe>
X-List-Received-Date: Tue, 12 Jul 2022 12:55:08 -0000

Drop group change while running postinstall scripts.  This was only for
the benefit of mkgroup/mkpasswd being run by the postinstall script,
which we don't do any more.
---
 postinstall.cc | 13 -------------
 win32.cc       |  6 +-----
 2 files changed, 1 insertion(+), 18 deletions(-)

diff --git a/postinstall.cc b/postinstall.cc
index e990f52..32bc401 100644
--- a/postinstall.cc
+++ b/postinstall.cc
@@ -249,11 +249,6 @@ do_postinstall_reflector (void *p)
     // Tell the postinstall results page the results string
     PostInstallResults.SetResultsString(s);
 
-    /* Revert primary group to admins group.  This allows to create all the
-       state files written by setup as admin group owned. */
-    if (root_scope == IDC_ROOT_SYSTEM)
-      nt_sec.setAdminGroup ();
-
     // Tell the progress page that we're done running scripts
     Progress.PostMessageNow (WM_APP_POSTINSTALL_THREAD_COMPLETE, 0,
                           s.empty() ? IDD_DESKTOP : IDD_POSTINSTALL);
@@ -268,14 +263,6 @@ static HANDLE context[2];
 void
 do_postinstall (HINSTANCE h, HWND owner)
 {
-  /* Switch back to original primary group.  Otherwise we end up with a
-     broken passwd entry for the current user.
-     FIXME: Unfortunately this has the unfortunate side-effect that *all*
-     files created via postinstall are group owned by the original primary
-     group of the user.  Find a way to avoid this at one point. */
-  if (root_scope == IDC_ROOT_SYSTEM)
-    nt_sec.resetPrimaryGroup ();
-
   context[0] = h;
   context[1] = owner;
 
diff --git a/win32.cc b/win32.cc
index 55072a9..62ae4eb 100644
--- a/win32.cc
+++ b/win32.cc
@@ -350,11 +350,7 @@ NTSecurity::setDefaultSecurity (bool isAdmin)
       NoteFailedAPI ("SetTokenInformation(owner)");
       return;
     }
-  /* Get original primary group.  The token's primary group will be reset
-     to the original group right before we call the postinstall scripts.
-     This is necessary, otherwise, if the installing user is a domain user,
-     the group information created by the postinstall calls to `mkpasswd -c,
-     mkgroup -c' will be plain wrong. */
+  /* Get original primary group */
   if (!GetTokenInformation (token.theHANDLE (), TokenPrimaryGroup,
 			    &primaryGroupSID, sizeof primaryGroupSID, &size))
     {
-- 
2.36.1