From: "Chris J. Breisch" <chris.ml@breisch.org>
To: cygwin@cygwin.com
Subject: Re: Problem with "None" Group on Non-Domain Members
Date: Mon, 05 May 2014 21:57:00 -0000 [thread overview]
Message-ID: <5368094E.7040806@breisch.org> (raw)
In-Reply-To: <5367EA1F.3060800@cygwin.com>
Larry Hall (Cygwin) wrote:
> On 05/05/2014 02:56 PM, Chris J. Breisch wrote:
>> Corinna Vinschen wrote:
>>> On May 5 12:17, Chris J. Breisch wrote:
>>>> Corinna Vinschen wrote:
>>>>> An strace of `chmod 400 bar' might sched some light on this issue,
>>>>> but I
>>>>> have a gut feeling the underlying WIndows call will not even return an
>>>>> error code...
>>>> Attached. Your gut seems to be working today...
>>>
>>> There *is* something weird here. Look at this:
>>>
>>>> 151 36702 [main] chmod 5536 alloc_sd: uid 1001, gid 513, attribute
>>>> 0x2190
>>>> 65 36767 [main] chmod 5536 cygsid::debug_print: alloc_sd: owner SID
>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+)
>>>> 70 36837 [main] chmod 5536 cygsid::debug_print: alloc_sd: group SID
>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+)
>>>
>>> alloc_sd (the underlying function creating a security descriptor) gets
>>> a uid 1001 and gid 513 as input, as usual. But the owner *and* group
>>> SIDs of the file's existing security descriptor is
>>> S-1-5-21-3514886939-1786686319-3519756147-1001, the SID of your user
>>> account.
>>>
>>> Why is your user account the primary group of the file, even though
>>> your user token definitely has "None" (513) as its primary group?
>>> How did it get there?
>>>
>> I don't have a clue. You're the expert. :)
>>
>
> I'm wondering if we're getting the user id as the group for the MS
> Account because there is no group id. Chris, what does 'id' for
> each of these accounts look like and is the group id (assuming they
> are different that the user id) in there?
>
>
Well, I hope I'm not comparing apples and oranges, because now I'm at
home. However, I have duplicated the scenario and results on this
machine. It was actually where I noticed it first.
id produces expected results:
MS account:
$ id
uid=1001(Chris) gid=513(None) groups=513(None),545(Users),1003(HomeUsers)
Local account:
$ id
uid=1007(cjb) gid=513(None) groups=513(None),545(Users),1003(HomeUsers)
Actually, it's not quite what I expected. Chris is in the Administrators
group, and that's not shown.
$ net user Chris
User name Chris
Full Name Chris Breisch
Comment
User's comment
Country/region code 001 (United States)
Account active Yes
Account expires Never
[snip PW stuff for Cygwin filter]
Workstations allowed All
Logon script
User profile
Home directory
Last logon 5/1/2014 8:39:44 PM
Logon hours allowed All
Local Group Memberships *Administrators *HomeUsers
*Users
Global Group memberships *None
The command completed successfully.
$ net user cjb
User name cjb
Full Name cjb
Comment
User's comment
Country/region code 000 (System Default)
Account active Yes
Account expires Never
[snip]
Workstations allowed All
Logon script
User profile
Home directory
Last logon 5/5/2014 5:40:39 PM
Logon hours allowed All
Local Group Memberships *HomeUsers *Users
Global Group memberships *None
The command completed successfully.
--
Chris J. Breisch
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2014-05-05 21:57 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-05 13:49 Chris J. Breisch
2014-05-05 13:59 ` Corinna Vinschen
2014-05-05 14:17 ` Chris J. Breisch
2014-05-05 14:47 ` Corinna Vinschen
2014-05-05 15:23 ` Chris J. Breisch
2014-05-05 15:42 ` Corinna Vinschen
2014-05-05 16:17 ` Chris J. Breisch
2014-05-05 16:57 ` Corinna Vinschen
2014-05-05 18:52 ` Robert Pendell
2014-05-06 13:02 ` Corinna Vinschen
2014-05-05 18:56 ` Chris J. Breisch
2014-05-05 19:44 ` Larry Hall (Cygwin)
2014-05-05 21:57 ` Chris J. Breisch [this message]
2014-05-05 22:07 ` Chris J. Breisch
2014-05-05 22:29 ` Larry Hall (Cygwin)
2014-05-05 22:39 ` Chris J. Breisch
2014-05-06 0:43 ` Larry Hall (Cygwin)
2014-05-06 12:23 ` Chris J. Breisch
2014-05-05 22:09 ` Larry Hall (Cygwin)
2014-05-06 12:52 ` Microsoft Accounts (was Re: Problem with "None" Group on Non-Domain Members) Corinna Vinschen
2014-05-06 12:55 ` Corinna Vinschen
2014-05-06 13:01 ` Corinna Vinschen
2014-05-07 12:26 ` vlado99
2014-05-07 12:43 ` Corinna Vinschen
2014-05-06 17:01 ` Chris J. Breisch
2014-05-06 17:16 ` Corinna Vinschen
2014-05-06 18:22 ` Chris J. Breisch
2014-05-07 11:57 ` Corinna Vinschen
2014-05-07 12:40 ` Corinna Vinschen
2014-05-07 14:09 ` Chris J. Breisch
2014-05-07 14:46 ` Corinna Vinschen
2014-05-08 20:09 ` Corinna Vinschen
2014-05-08 23:18 ` Robert Pendell
2014-05-09 0:12 ` Ken Brown
2014-05-09 1:34 ` Robert Pendell
2014-05-09 6:11 ` Achim Gratz
2014-05-09 7:42 ` Corinna Vinschen
2014-05-07 14:05 ` Chris J. Breisch
2014-05-07 14:35 ` Corinna Vinschen
2014-05-07 14:05 ` Andrey Repin
2014-05-07 14:20 ` Corinna Vinschen
2014-05-07 14:43 ` Corinna Vinschen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5368094E.7040806@breisch.org \
--to=chris.ml@breisch.org \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).