From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 8319 invoked by alias); 26 Apr 2011 21:26:06 -0000 Received: (qmail 8296 invoked by uid 22791); 26 Apr 2011 21:26:05 -0000 X-SWARE-Spam-Status: No, hits=0.1 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY X-Spam-Check-By: sourceware.org Received: from mailout02.t-online.de (HELO mailout02.t-online.de) (194.25.134.17) by sourceware.org (qpsmtpd/0.43rc1) with ESMTP; Tue, 26 Apr 2011 21:25:50 +0000 Received: from fwd02.aul.t-online.de (fwd02.aul.t-online.de ) by mailout02.t-online.de with smtp id 1QEplf-0008S3-9r; Tue, 26 Apr 2011 23:25:59 +0200 Received: from [192.168.2.100] (GQfFWrZQYhUYPk6Bbobx8tvHqwCjzMiPb9le5ryMvWkSu6hmccvxUWeUdYO0YhawPc@[79.224.114.238]) by fwd02.aul.t-online.de with esmtp id 1QEplQ-1A82Nc0; Tue, 26 Apr 2011 23:25:44 +0200 Message-ID: <4DB73858.8070401@t-online.de> Date: Wed, 27 Apr 2011 06:41:00 -0000 From: Christian Franke User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.17) Gecko/20110123 SeaMonkey/2.0.12 MIME-Version: 1.0 To: cygwin@cygwin.com Subject: Re: [PATCH] base-files-4.0.6: Change prompt if running with admin rights References: <4D964392.6080809@t-online.de> <4DB45230.4080106@t-online.de> <4DB49339.9030909@gmail.com> In-Reply-To: <4DB49339.9030909@gmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com X-SW-Source: 2011-04/txt/msg00375.txt.bz2 Daniel Colascione wrote: > On 4/24/11 9:39 AM, Christian Franke wrote: > >> On 2011-04-01, Christian Franke wrote: >> >>> The attached patch for /etc/profile and /etc/bash.bashrc sets a root >>> prompt ('#' instead of '$' or '%') if the shell runs with admin rights >>> (local or domain admin group). >>> >>> >> Any comment so far? Wrong list ? >> > > I like the idea, but your patch adds two subprocess invocations to the > shell startup path. Each one takes ~200ms, and we can't afford to add > any more. > > Agree. > Instead of examining the group list, you can use something like > > local isadmin=0 > [[ -w / ]]&& isadmin=1 > > False positive if same user installed Cygwin by running setup.exe with admin rights. [[...]] does not work with posh and dash. But all shells apparently have a builtin '[' command. > or > > local isadmin=0 > [[ -w /cygdrive/c ]]&& isadmin=1 > > False positive if /cygdrive is mounted with 'noacl' option. > Of course, that test assumes that only "administrators" can write to the > drive root, and that's an imperfect proxy for administrative rights. You > get the idea though: try to perform the test in pure bash code. > > Using a read access test on a registry key with SYSTEM only access might work in most cases: [ -r /proc/registry/HKEY_LOCAL_MACHINE/SECURITY ] && isadmin=1 Test succeeds if SeBackupPrivilege is enabled which is the case for Cygwin processes if user is in admin group or another group with this privilege. A test script for all shells is attached. Run with admin rights. Requires cygdrop from cygutils package. Script produces a false negative only from dash. Not really an issue, as dash is normally not used interactively. Christian -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple