From: Shaddy Baddah <lithium-cygwin@shaddybaddah.name>
To: cygwin-apps@cygwin.com
Subject: Re: [GOLDSTAR] Re: [PATCH] setup: allow running as non-admin
Date: Sat, 09 Nov 2013 00:04:00 -0000 [thread overview]
Message-ID: <527D7C12.6090204@shaddybaddah.name> (raw)
In-Reply-To: <20131107152342.GA3974@ednor.casa.cgf.cx>
Hi,
On Nov 08 02:23, Christopher Faylor wrote:
> On Thu, Nov 07, 2013 at 02:15:21PM +0100, Corinna Vinschen wrote:
>> Hi Shaddy,
>>
>> On Nov 7 11:39, Shaddy Baddah wrote:
>>> 2013-11-06 Shaddy Baddah <lithium-cygwin at shaddybaddah dot name>
>>>
>>> * LogFile.cc (LogFile::flushAll): New function to flush log all logging to
>>> files without exiting (as LogFile::exit does).
>>> * LogFile.h: Declare new method closeAll.
>>> * main.cc (NoAdminOption): Add new CLI options -B/--no-admin. This option
>>> allows the user to suppress privilege elevation (in tandem with
>>> "asInvoker" requestedExecutionLevel changes to exe manifests).
>>> (WinMain): check if setup run with Administrator privilege and if the
>>> NoAdminOption has not been specified, attempt to elevate privilege to an
>>> Administrator via WINAPI ShellExecuteEx().
>>> * setup.exe.manifest: Add requestedExecutionLevel of asInvoker to allow
>>> suppression of privilege elevation.
>>> * setup64.exe.manifest: Modify requestedExecutionLevel from
>>> requireAdministrator to asInvoker to allow suppression of privilege
>>> elevation. Continuity of privilege elevation attempt on startup is
>>> implemented by main.cc changes to WinMain().
>>> * win32.cc (NTSecurity::isRunAsAdmin): New function to allow main.cc to
>>> check if setup.exe has been run with privilege elevated to Administrator
>>> level.
>>> * win32.h: Declare new method isRunAsAdmin.
>>
>> Thanks a lot for this patch. I applied it with a few minor tweaks.
>> First of all, this comment was a bit misleading now, given that the
>> code doesn't run on pre-Vista anyway:
>>
>>> + // Note, this is necessary to avoid an infinite loop.
>>> + // The understanding is that pre-Vista, the runas verb will not
>>> + // result in a privilege elevated process. Therefore we need to
>>> + // indicate to the forked process that it should be happy with
>>> + // whatever privileges it is run with.
>>> + std::string command_line_cs (command_line);
>>> + command_line_cs += " -";
>>> + command_line_cs += NoAdminOption.shortOption();
>>> + sei.lpParameters = command_line_cs.c_str ();
>>
>> I shortened the comment to a simple one-liner:
>>
>> // Avoid another isRunAsAdmin check in the child.
>>
>> I also added a small change for the sake of starting setup from the
>> command line. While the log to the logfiles has been stopped, the
>> log to stdout persist up to the call of theLog->exit. I added a
>> bit of code to stop printing
>>
>> Ending cygwin install
>>
>> if the elevation was successful. In that case the stdout log now prints
>>
>> note: Hand installation over to elevated child process.
>>
>>
>> Thanks again for this patch, it's highly appreciated and is worth
>> a gold star, I think.
>>
>> Chris, do your worst ;)
>
> The new setup's are installed. Shaddy, do you want to respond to the
> Cygwin ML thread and tell them that you've fixed the problem?
>
> Thanks again for doing this.
Done. Don't mention it. I'm delighted to give back to the Cygwin
community and thank you all for what I feel is one of the best, if not
the best open source project and community.
I'll stick around too and help if there is any issues with the patch.
I am also hoping to find time in the near future to ITP a couple of
packages.
--
Regards,
Shaddy
next prev parent reply other threads:[~2013-11-09 0:04 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-06 23:52 Shaddy Baddah
2013-11-07 0:23 ` Christopher Faylor
2013-11-07 0:37 ` Shaddy Baddah
2013-11-07 0:41 ` Christopher Faylor
2013-11-07 0:51 ` Shaddy Baddah
2013-11-07 3:00 ` Christopher Faylor
2013-11-07 13:15 ` [GOLDSTAR] " Corinna Vinschen
2013-11-07 15:24 ` Christopher Faylor
2013-11-09 0:04 ` Shaddy Baddah [this message]
2013-11-09 0:40 ` Christopher Faylor
2013-11-09 10:20 ` Corinna Vinschen
2013-11-09 16:43 ` Buchbinder, Barry (NIH/NIAID) [E]
2013-11-09 17:31 ` Corinna Vinschen
2013-11-10 7:28 ` Christopher Faylor
2013-11-10 12:28 ` Corinna Vinschen
2013-11-10 17:56 ` Christopher Faylor
2013-11-08 0:18 ` Andrew Schulman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=527D7C12.6090204@shaddybaddah.name \
--to=lithium-cygwin@shaddybaddah.name \
--cc=cygwin-apps@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).