From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 2373 invoked by alias); 25 Apr 2017 16:46:48 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 2358 invoked by uid 89); 25 Apr 2017 16:46:47 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,RCVD_IN_SORBS_SPAM,RP_MATCHES_RCVD,SPF_PASS autolearn=ham version=3.3.2 spammy=educate, dislike, sk:www.cro, sk:wwwcro X-HELO: smtp-out-no.shaw.ca Received: from smtp-out-no.shaw.ca (HELO smtp-out-no.shaw.ca) (64.59.134.13) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 25 Apr 2017 16:46:45 +0000 Received: from [192.168.1.100] ([174.0.238.184]) by shaw.ca with SMTP id 33bwdHdxkBVcj33bxdLHVy; Tue, 25 Apr 2017 10:46:45 -0600 X-Authority-Analysis: v=2.2 cv=RoC1FGuK c=1 sm=1 tr=0 a=WqCeCkldcEjBO3QZneQsCg==:117 a=WqCeCkldcEjBO3QZneQsCg==:17 a=IkcTkHD0fZMA:10 a=w_pzkKWiAAAA:8 a=B5iKClONAAAA:8 a=uXHIkvRuAAAA:8 a=YpG3ig7TqzInKIJnGB8A:9 a=SX-lQNyQajwKcu_P:21 a=kRdH-IZ7kavZYC70:21 a=QEXdDO2ut3YA:10 a=pdnwLGf5Sn8A:10 a=sRI3_1zDfAgwuvI8zelB:22 a=evjc4o6CxmEmQ8o55mli:22 a=zDY1CQ7QJ_oyYkGJc_zN:22 Reply-To: Brian.Inglis@Shaw.ca Subject: Re: Another BLODA with Cylance PROTECT? Can't rebase References: <2d043cb6ffa068972fa1172350617599.squirrel@mail.panix.com> <20170421115857.GC26611@calimero.vinschen.de> To: cygwin@cygwin.com From: Brian Inglis Message-ID: <32d1e25d-7662-a35d-6d52-d55b19bdd662@Shaw.ca> Date: Wed, 26 Apr 2017 01:17:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfNq3QdBCv32TC9BhSeaC4s0u8ToKi0EGn9s7CGlbJSm/qyuqosBYm4exmoeMOliuQkFWcOsdPT/qZqBUp+1t5zqQ7Lk8+WNRRPitqvxPvkQ+qCIUNtQx 09IyNCNODkZ9/bHDBDBrQ/hiMCwbEL+E1EGczG7JFGe+axd0VDqsZo7a X-SW-Source: 2017-04/txt/msg00332.txt.bz2 On 2017-04-24 23:25, Tim McDaniel wrote: > On Fri, 21 Apr 2017, Corinna Vinschen wrote: >> On Apr 19 14:25, Timothy McDaniel wrote: >>> $ ./0p_000_autorebase.dash >>> creating empty /var/cache/rebase/rebase_pkg >>> 0 [main] dash 12952 fork: child 12912 - died waiting for dll >>> loading, errno 11 >>> /bin/rebaselst: 98: /bin/rebaselst: Cannot fork >>> $ ./base-files-mketc.sh >>> 0 [main] sh 13628 fork: child 10276 - died waiting for dll loading, >>> errno 11 >>> ./base-files-mketc.sh: fork: retry: Resource temporarily unavailable >>> ... >> That's pretty bad, considering that ash only links against the Cygwin >> DLL itself. >>> Running /bin/rebaseall by hand, the old way, had no output and no >>> effect. >> No effect? How do you know? > My apologies. I later ran with the verbose option, letting it choose > an address, and later choosing a few myself. There was output saying > that it was rebasing each package. Instead of "no effect", I should > have written that the exact same error message came up when I tried to > run anything slightly complicated. (Simple commands work, but > harmless-looking things like "time" and many pipes fail.) >> If you're sure Cylance PROTECT is the culprit, > I'm not. It did not throw up any messages or log any events about > blocking anything. It's just that most BLODA appears to be antivirus > systems, and it's the only substantial change that I know of in my > work systems. (We're still on the same version of Windows.) > I have a little more information. A co-worker told me that he uses > "Babun", http://babun.github.io/. It's Cygwin, but with a larger > number of installed and configured packages and a moderately more > convenient control system. I installed it and it works fine ... but > immeidately on installation, it's an old Cygwin. (By defualt, each > day it auto-updates to the current Cygwin.) > Jun 23 2015 libcygwin.a > For example, Perl there is 5.14.4, but the current Cygwin Perl is > 5.24.1. pcre is 8.36, versus current 8.40.3. But, like I said, it > works. If I update to the latest, though, it fails in exactly the > same way as a regular Cygwin installation. > So all I can say is that it seems that there was some change to > libcygwin.a some time in the last 2 years to which my system is > allergic for some reason, which is hardly any help. > But I don't know how to proceed further, except by letting this 2015 > installation sit and never ever update it. Or install a virtual > machine with disk sharing and try to do my occasional UNIXy work with > it. Someone from the local support team has asked why I was asking > about Cygwin, and why I'm interested in "Running OSes on top of > OSes". So I may have to go the VM route. You could work with your support to run your tests on a laptop identical to yours, before and after the AV product is installed, to prove to yourself, them, and the AV vendor, that their product causes your problems, if that is in fact the case. As usual with AV products, raise an issue with the vendor, and ask them to investigate the problem, and provide a solution. This AV product is likely to cause a lot of problems, as all its detection mechanisms seem to be generic pattern based, which the major AV suites also use sometimes, but they're likely to have more problems once they start having to handle all the exceptions to their generic approach. Technical tools often have issues with enterprise products like AV, that are fine if you only ever run MS Office based apps, or download malware, but don't work well with a large variety of non-vanilla apps. Your AV may be blocking anything that spawns other processes, if apps like time cause problems, although if it is more sophisticated, it may dislike the way Cygwin works around Windows lack of a working fork, and interfere with that operation, as many AV products do. And educate your support guys: point out Cygwin allows use of thousands of open source packages, the same reason MS provides WSL, but rather than an isolated limited Ubuntu shell sandbox emulation, provides comprehensive Unix emulation, including daemons and X, full Windows integration, interop, and more up to date package releases and security patches than many Unix distros. It is your support's job to remove impediments to you doing your job for the business, rather than question the tools you choose to use. Your VM is likely to have the same problems with the same AV installed. You could try using the Cygwin Time Machine to bisect the approximate Cygwin release where your problems occur; see: http://www.crouchingtigerhiddenfruitbat.org/Cygwin/timemachine.html if you start with your babun release, take snapshots, and work mainly forwards from working snapshots. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple