Re: Installer cannot write to Cygwin's /usr/local/etc

public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed

From: Gerry Reno <greno@verizon.net>
To: cygwin@cygwin.com
Subject: Re: Installer cannot write to Cygwin's /usr/local/etc
Date: Sun, 16 Feb 2014 17:39:00 -0000	[thread overview]
Message-ID: <5300F7A2.5080601@verizon.net> (raw)
In-Reply-To: <53006573.9080301@gmail.com>

On 02/16/2014 02:14 AM, Marco Atzeri wrote:
> On 16/02/2014 03:12, Gerry Reno wrote:
>> I have a Windows MSI installer that first loads Cygwin and then has a deferred copy of some files into /usr/local/bin
>> and /usr/local/etc.
>>
>> The copies into /usr/local/bin succeed fine.
>>
>> The copies into /usr/local/etc always get Access denied.
>>
>> I've tried swapping them and same behavior.  The files that would copy into /usr/local/bin now would not copy into
>> /usr/local/etc.
>>
>> I'm seeing this behavior on Windows 7 and Windows 2008R2 w/UAC.
>>
>> The installer prompts the user for elevated privileges to deal with UAC.
>>
>> Is there some underlying difference in the way that /usr/local/bin and /usr/local/etc are configured in Cygwin?
>
>
> it should be no difference.
> However you can check the Windows ACL with
>
> $ cd /usr/local
>
> /usr/local
> $ getfacl bin
> # file: bin
> # owner: marco
> # group: Administrators
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
> $ getfacl etc
> # file: etc
> # owner: marco
> # group: Administrators
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
> however, I will not be surprised if setup run by a MSI have additional
> limitation.
>
> Can you install the same "package" by setup alone to compare ?
>
>

I ran the acl checks and can find no difference between them which leads to this being yet another WiX/MSI installer
issue which doesn't surprise me.

Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl bin
# file: bin
# owner: Administrator
# group: Domain Users
user::rwx
group::r-x
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl etc
# file: etc
# owner: Administrator
# group: Domain Users
user::rwx
group::r-x
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls bin
C:\cygwin\usr\local\bin SECRET\Administrator:F
                                      SECRET\Domain Users:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls etc
C:\cygwin\usr\local\etc SECRET\Administrator:F
                                      SECRET\Domain Users:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls bin
bin SECRET\Administrator:(F)
    SECRET\Domain Users:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls etc
etc SECRET\Administrator:(F)
    SECRET\Domain Users:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files


Thanks for your help.



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

next prev parent reply	other threads:[~2014-02-16 17:39 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-02-16  2:35 Gerry Reno
2014-02-16  4:51 ` Andrey Repin
2014-02-16  5:40   ` Gerry Reno
2014-02-16  6:17     ` Andrey Repin
2014-02-16  8:46       ` Marco Atzeri
2014-02-16 17:09       ` Christopher Faylor
2014-02-16  7:35 ` Marco Atzeri
2014-02-16  7:35   ` Andrey Repin
2014-02-16  9:05     ` Marco Atzeri
2014-02-16  9:09       ` Andrey Repin
2014-02-16 10:31         ` Marco Atzeri
2014-02-16 17:39   ` Gerry Reno [this message]
2014-02-16 18:25     ` Gerry Reno

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5300F7A2.5080601@verizon.net \
    --to=greno@verizon.net \
    --cc=cygwin@cygwin.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).