From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9696 invoked by alias); 9 Nov 2013 00:04:54 -0000 Mailing-List: contact cygwin-apps-help@cygwin.com; run by ezmlm Precedence: bulk Sender: cygwin-apps-owner@cygwin.com List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Mail-Followup-To: cygwin-apps@cygwin.com Received: (qmail 9685 invoked by uid 89); 9 Nov 2013 00:04:53 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.3 required=5.0 tests=AWL,BAYES_00,RDNS_NONE,URIBL_BLOCKED autolearn=no version=3.3.2 X-HELO: mail104.syd.optusnet.com.au Received: from Unknown (HELO mail104.syd.optusnet.com.au) (211.29.132.246) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 09 Nov 2013 00:04:50 +0000 Received: from [0.0.0.0] (c122-106-16-37.rivrw1.nsw.optusnet.com.au [122.106.16.37]) by mail104.syd.optusnet.com.au (Postfix) with ESMTP id 78A63422A32 for ; Sat, 9 Nov 2013 11:04:37 +1100 (EST) Message-ID: <527D7C12.6090204@shaddybaddah.name> Date: Sat, 09 Nov 2013 00:04:00 -0000 From: Shaddy Baddah User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20130922 Icedove/17.0.9 MIME-Version: 1.0 To: cygwin-apps@cygwin.com Subject: Re: [GOLDSTAR] Re: [PATCH] setup: allow running as non-admin References: <527AD620.2020902@shaddybaddah.name> <20131107002345.GB2334@ednor.casa.cgf.cx> <527AE157.4080107@shaddybaddah.name> <20131107131521.GA5722@calimero.vinschen.de> <20131107152342.GA3974@ednor.casa.cgf.cx> In-Reply-To: <20131107152342.GA3974@ednor.casa.cgf.cx> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Optus-CM-Score: 0 X-Optus-CM-Analysis: v=2.1 cv=bpB1Wiqi c=1 sm=1 tr=0 a=RkPObcNqpdaXDoCDBSw5Xw==:117 a=RkPObcNqpdaXDoCDBSw5Xw==:17 a=PO7r1zJSAAAA:8 a=cm-COJMw1PoA:10 a=Gt7FYl7nMNAA:10 a=8nJEP1OIZ-IA:10 a=Ti-kBoc9Q3cA:10 a=jqt3KpRPaWhpJ5JrTaIA:9 a=wPNLvfGTeEIA:10 X-IsSubscribed: yes X-SW-Source: 2013-11/txt/msg00030.txt.bz2 Hi, On Nov 08 02:23, Christopher Faylor wrote: > On Thu, Nov 07, 2013 at 02:15:21PM +0100, Corinna Vinschen wrote: >> Hi Shaddy, >> >> On Nov 7 11:39, Shaddy Baddah wrote: >>> 2013-11-06 Shaddy Baddah >>> >>> * LogFile.cc (LogFile::flushAll): New function to flush log all logging to >>> files without exiting (as LogFile::exit does). >>> * LogFile.h: Declare new method closeAll. >>> * main.cc (NoAdminOption): Add new CLI options -B/--no-admin. This option >>> allows the user to suppress privilege elevation (in tandem with >>> "asInvoker" requestedExecutionLevel changes to exe manifests). >>> (WinMain): check if setup run with Administrator privilege and if the >>> NoAdminOption has not been specified, attempt to elevate privilege to an >>> Administrator via WINAPI ShellExecuteEx(). >>> * setup.exe.manifest: Add requestedExecutionLevel of asInvoker to allow >>> suppression of privilege elevation. >>> * setup64.exe.manifest: Modify requestedExecutionLevel from >>> requireAdministrator to asInvoker to allow suppression of privilege >>> elevation. Continuity of privilege elevation attempt on startup is >>> implemented by main.cc changes to WinMain(). >>> * win32.cc (NTSecurity::isRunAsAdmin): New function to allow main.cc to >>> check if setup.exe has been run with privilege elevated to Administrator >>> level. >>> * win32.h: Declare new method isRunAsAdmin. >> >> Thanks a lot for this patch. I applied it with a few minor tweaks. >> First of all, this comment was a bit misleading now, given that the >> code doesn't run on pre-Vista anyway: >> >>> + // Note, this is necessary to avoid an infinite loop. >>> + // The understanding is that pre-Vista, the runas verb will not >>> + // result in a privilege elevated process. Therefore we need to >>> + // indicate to the forked process that it should be happy with >>> + // whatever privileges it is run with. >>> + std::string command_line_cs (command_line); >>> + command_line_cs += " -"; >>> + command_line_cs += NoAdminOption.shortOption(); >>> + sei.lpParameters = command_line_cs.c_str (); >> >> I shortened the comment to a simple one-liner: >> >> // Avoid another isRunAsAdmin check in the child. >> >> I also added a small change for the sake of starting setup from the >> command line. While the log to the logfiles has been stopped, the >> log to stdout persist up to the call of theLog->exit. I added a >> bit of code to stop printing >> >> Ending cygwin install >> >> if the elevation was successful. In that case the stdout log now prints >> >> note: Hand installation over to elevated child process. >> >> >> Thanks again for this patch, it's highly appreciated and is worth >> a gold star, I think. >> >> Chris, do your worst ;) > > The new setup's are installed. Shaddy, do you want to respond to the > Cygwin ML thread and tell them that you've fixed the problem? > > Thanks again for doing this. Done. Don't mention it. I'm delighted to give back to the Cygwin community and thank you all for what I feel is one of the best, if not the best open source project and community. I'll stick around too and help if there is any issues with the patch. I am also hoping to find time in the near future to ITP a couple of packages. -- Regards, Shaddy