Re: [Bug] setup regression #2

[Achim Gratz <Stromeko@nexgo.de>]

Jon Turney writes:
> On 08/10/2022 17:56, Achim Gratz wrote:
>> I think that setup was essentially treating the install as "for this
>> user only" since it was created and maintained by a script that can't
>> affect that option and the fact it was also in group Adminsitroators
>> didn't actually register until now.
>
> Yeah, that seems possible, since some of these changes fix what are
> arguably bugs in how that works (i.e. I suspect that previously, even
> when elevated, if only the registry key
> HKEY_CURRENT_USER\\Software\\Cygwin\\setup\rootdir exists (and not the
> same key under HKLM), we're going to install for "Just Me",
> irrespective of what the UI says)

I've checked some old logs and even though the install was identified as
"system", there was no line "Changing gid to Administrators" for the
main install until setup version 2.921.

> I wrote some code for this option (attached), but I have a hard time
> seeing how it's functionally different from using '-B/'--no-admin'.

This option does nothing to prevent the use of Administrator group when
the install is identified as "system" and those rights are actually
available (which they are as the scripting needs those rights in other
places).

> So, I guess a question is, does running with that option work as
> expected in your problematic instance?

No, it does not, see above.

The problem is actually a more knotty than you seem to think:
prominently ca-certificates and man-db get their knickers in a twist
when the group during post-install is different from the group of the
installed files and I suspect some other packages will run into similar
problems depending on how fussy they are with the group permissions.
The symptom is that you see failures from chmod (for whatever reason
"Invalid argument") when these programs try to swap the existing with
the newly gerenated (temporary) files.  In the case of man-db that
results in the /var/cache/man/index.db file getting removed (and
depending on the version the PID temporaries getting left in place), for
update-ca-trust the mkstemp temporaries will be left over and the
original files left in place.

So all installs from before the change to setup are affected if the
installation wasn't done via the GUI at least.

I think it would be best to have an option to directly specify a desired
group for both the installed files and running the post-install (which
already must be in the user token).  The default should be the primary
group of the user doing the installation.  I don't think the
installation should be group-owned by "Administrators" on Windows.  If
anything it makes it much more difficult to administer the installation
from within Cygwin as there doesn't seem to be a way to change to a
different than the primary group for domain accounts yet.


Regards,
Achim.
-- 
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+

SD adaptations for KORG EX-800 and Poly-800MkII V0.9:
http://Synth.Stromeko.net/Downloads.html#KorgSDada