From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 29556 invoked by alias); 23 Jul 2014 09:14:14 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 29546 invoked by uid 89); 23 Jul 2014 09:14:13 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2 X-HELO: calimero.vinschen.de Received: from aquarius.hirmke.de (HELO calimero.vinschen.de) (217.91.18.234) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 23 Jul 2014 09:14:12 +0000 Received: by calimero.vinschen.de (Postfix, from userid 500) id A713A8E1528; Wed, 23 Jul 2014 11:14:09 +0200 (CEST) Date: Wed, 23 Jul 2014 09:14:00 -0000 From: Corinna Vinschen To: cygwin@cygwin.com Subject: Re: The eternal uid issue Message-ID: <20140723091409.GH27005@calimero.vinschen.de> Reply-To: cygwin@cygwin.com Mail-Followup-To: cygwin@cygwin.com References: <53CF6CEC.6D68E485@boland.nl> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7cm2iqirTL37Ot+N" Content-Disposition: inline In-Reply-To: <53CF6CEC.6D68E485@boland.nl> User-Agent: Mutt/1.5.23 (2014-03-12) X-SW-Source: 2014-07/txt/msg00277.txt.bz2 --7cm2iqirTL37Ot+N Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-length: 3577 On Jul 23 10:06, D. Boland wrote: > Hi Cygwin lovers, >=20 > After some weeks of serious compiling, researching, understanding, fixing= , testing > and compiling again, I managed to get the Sendmail source code compiled a= nd working. >=20 > But I had to compromise in some critical areas. One of them is the uid is= sue. >=20 > * sendmail, procmail, mail.local assume that the id of the privileged use= r is '0'. >=20 > Within the current Cygwin DLL, this is '18'. So the maintainer of, let's = say, the > procmail code has to change a constant, named ROOT_uid to be 18 if compil= ed in > cygwin. I had to do the same in Sendmails' own Mail Delivery Agent, 'mail= .local'. The port of procmail is old (2004), and not changed ever since. This patch is old and wrong. > But that's no real fix. That's a work-around. Cygwin is supposed to emula= te Linux, > so why not change the 'getuid' function to return '0' if the uid is '18'?= This is > exactly what all Linux source code expects, so we would never have to wor= ry about it > again. >=20 > Instead, maintainers constantly have to "correct" this "bug" in every new= version of > their source code. >=20 > The general idea behind this is "never to break user space", where the pr= ograms are > seen as the users. Actually, it's Linus Torwalds's first rule of kernel p= rogramming > and one can read here how serious he is about this: >=20 > https://lkml.org/lkml/2012/12/23/75 Doesn't work well with systemd... > Isn't it about time to make this our First Directive also? Not in relation to the uid. In contrast to Linux we don't have the one single root user. We have potentially endless numbers of them, and one of them, not necessarily SYSTEM, is used to run the service. Keep in mind that there may also be company policy in place which disallows installing services under specific accounts unless absolutely necessary. Therefore, while we mostly strive to make Cygwin accommodate user space, we're not able to do it related to the root uid. The right thing to do is to add Cygwin-required tweaks in the most unobtrusive way you can come up with and send them upstream. Cygwin is by far not the only platform which requires upstream patches. Most portable projects have platform-specifc code. Think of using pam for authentication, socket options only available on some platforms and more. There is nothing inherently bad or wrong with that and upstream maintainers striving for portability will take platform-specific changes if they are nicely written and the maintainer can be convinced of the necessity. As for the root checks, if you *must* check for an administrative user account, check if the group 544 is in the user token (getgroups(3), getgrouplist(3)). Other than that, there's often code checking file ownership, along the lines of if (stat.st_uid !=3D 0) ... For Cygwin, convert these checks to something along the lines of if (stat.st_uid !=3D getuid ()) ... Because it's basically the same thing, while allowing to run the service under any account. Even better, try to convince the upstream maintainer to change these tests into a platform-specific function call, for instance: if (is_admin (stat.st_uid !=3D 0)) ... int is_admin (uid_t uid) { #ifdef __CYGWIN__ return [getgrouplist(uid, ...) contains group 544]; #else [other platform] return [different test]; #else return uid =3D=3D 0; #endif } Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --7cm2iqirTL37Ot+N Content-Type: application/pgp-signature Content-length: 819 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJTz3zhAAoJEPU2Bp2uRE+gNIQP/jVUWekpb3yaEqTP/hi3bx7m 0TfZkbVtYp3nh6xpUT771q1gi1Maf39zj5jaH8y2iXTEVIyEDtbqSx6ve9btffm9 RXSK42U91xYFEeVTsPTTyvqz7mDy4ScCaBxzvSHJqwK2DC5CUrDKm4/gwE4BsiFT oZm58PUMXNhylX0X8HI5kCwnroB7iB8NtFPXAk4G9iQJiC6myUHN6CacjTEWojKZ MLqvhvHQ2/4CdskwqCTYTqYl20D93dr2I061vnWF/6dClLhoVEML2rYz34mYSkc+ E/WWM3KjI/OsBGWk2J+lpLL7EAoSd1rpZdYcSFt1NorP9mUZ6+Q3oTduxnDu2bn0 8AsPZwgx7RYhlFS5V+VMiqfU5/LSvZpOfLgadpAo6f3PBY/WQsKyr+E8Fb11RprU QyVcniOxm/KuDgOcYDAqOOESrXpV71BBb/8gn+D0tBXucIyjxp1tcpfubm/nfkZy WoxXahMl51L3Yw+J429ZvrYTpEsY/iTmrHdJ1qz4ogcXEZNbOKuKFFof1rp7iYty DKX6vKoRi9Zgq4F17crS3JUpQzMLL6g2eS61boqDQ+pL6IdbBiCynWW4fPJC0TW5 9XJmCu1H/NUkeqHM4BqgRG2m8OjK0wov8PdOImO8t+wUbI8s2T2Hnul3r6zFEzg6 EJIFJAlIdLV8fi0iTOO7 =VBg/ -----END PGP SIGNATURE----- --7cm2iqirTL37Ot+N--