From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 10291 invoked by alias); 5 May 2014 22:29:09 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 10281 invoked by uid 89); 5 May 2014 22:29:08 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 X-HELO: vms173019pub.verizon.net Received: from vms173019pub.verizon.net (HELO vms173019pub.verizon.net) (206.46.173.19) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 05 May 2014 22:29:07 +0000 Received: from [192.168.1.32] ([unknown] [74.104.179.122]) by vms173019.mailsrvcs.net (Sun Java(tm) System Messaging Server 7u2-7.02 32bit (built Apr 16 2009)) with ESMTPA id <0N54007S2H4DWTI0@vms173019.mailsrvcs.net> for cygwin@cygwin.com; Mon, 05 May 2014 17:29:06 -0500 (CDT) Message-id: <536810AD.4020100@cygwin.com> Date: Mon, 05 May 2014 22:29:00 -0000 From: "Larry Hall (Cygwin)" Reply-to: cygwin@cygwin.com User-Agent: Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 MIME-version: 1.0 To: cygwin@cygwin.com Subject: Re: Problem with "None" Group on Non-Domain Members References: <536796E4.2090009@breisch.org> <20140505135928.GK30918@calimero.vinschen.de> <53679D5C.5030209@breisch.org> <20140505144745.GA6993@calimero.vinschen.de> <5367ACED.40409@breisch.org> <20140505154230.GB7694@calimero.vinschen.de> <5367B990.8050907@breisch.org> <20140505165723.GM30918@calimero.vinschen.de> <5367DEE5.5010407@breisch.org> <5367EA1F.3060800@cygwin.com> <5368094E.7040806@breisch.org> <53680B9F.3010906@breisch.org> In-reply-to: <53680B9F.3010906@breisch.org> Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7bit X-SW-Source: 2014-05/txt/msg00075.txt.bz2 On 05/05/2014 06:07 PM, Chris J. Breisch wrote: > Chris J. Breisch wrote: >> Larry Hall (Cygwin) wrote: >>> On 05/05/2014 02:56 PM, Chris J. Breisch wrote: >>>> Corinna Vinschen wrote: >>>>> On May 5 12:17, Chris J. Breisch wrote: >>>>>> Corinna Vinschen wrote: >>>>>>> An strace of `chmod 400 bar' might sched some light on this issue, >>>>>>> but I >>>>>>> have a gut feeling the underlying WIndows call will not even >>>>>>> return an >>>>>>> error code... >>>>>> Attached. Your gut seems to be working today... >>>>> >>>>> There *is* something weird here. Look at this: >>>>> >>>>>> 151 36702 [main] chmod 5536 alloc_sd: uid 1001, gid 513, attribute >>>>>> 0x2190 >>>>>> 65 36767 [main] chmod 5536 cygsid::debug_print: alloc_sd: owner SID >>>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+) >>>>>> 70 36837 [main] chmod 5536 cygsid::debug_print: alloc_sd: group SID >>>>>> = S-1-5-21-3514886939-1786686319-3519756147-1001 (+) >>>>> >>>>> alloc_sd (the underlying function creating a security descriptor) gets >>>>> a uid 1001 and gid 513 as input, as usual. But the owner *and* group >>>>> SIDs of the file's existing security descriptor is >>>>> S-1-5-21-3514886939-1786686319-3519756147-1001, the SID of your user >>>>> account. >>>>> >>>>> Why is your user account the primary group of the file, even though >>>>> your user token definitely has "None" (513) as its primary group? >>>>> How did it get there? >>>>> >>>> I don't have a clue. You're the expert. :) >>>> >>> >>> I'm wondering if we're getting the user id as the group for the MS >>> Account because there is no group id. Chris, what does 'id' for >>> each of these accounts look like and is the group id (assuming they >>> are different that the user id) in there? >>> >>> >> >> Well, I hope I'm not comparing apples and oranges, because now I'm at >> home. However, I have duplicated the scenario and results on this >> machine. It was actually where I noticed it first. >> >> id produces expected results: >> >> MS account: >> $ id >> uid=1001(Chris) gid=513(None) groups=513(None),545(Users),1003(HomeUsers) >> >> Local account: >> $ id >> uid=1007(cjb) gid=513(None) groups=513(None),545(Users),1003(HomeUsers) >> >> Actually, it's not quite what I expected. Chris is in the Administrators >> group, and that's not shown. >> >> $ net user Chris >> User name Chris >> Full Name Chris Breisch >> Comment >> User's comment >> Country/region code 001 (United States) >> Account active Yes >> Account expires Never >> >> [snip PW stuff for Cygwin filter] >> >> Workstations allowed All >> Logon script >> User profile >> Home directory >> Last logon 5/1/2014 8:39:44 PM >> >> Logon hours allowed All >> >> Local Group Memberships *Administrators *HomeUsers >> *Users >> Global Group memberships *None >> The command completed successfully. >> >> $ net user cjb >> User name cjb >> Full Name cjb >> Comment >> User's comment >> Country/region code 000 (System Default) >> Account active Yes >> Account expires Never >> >> [snip] >> >> Workstations allowed All >> Logon script >> User profile >> Home directory >> Last logon 5/5/2014 5:40:39 PM >> >> Logon hours allowed All >> >> Local Group Memberships *HomeUsers *Users >> Global Group memberships *None >> The command completed successfully. >> >> > Hmmm, just noticed something in /etc/group: > > Chris J. Breisch:S-1-5-21-3514886939-1786686319-3519756147-1001:11001: > > and on another machine where I can reproduce this: > Chris:S-1-5-21-1055441198-2882714470-4103286779-1001:11001: > > Oddly, mkgroup -l does not produce this line on either machine, so I'm not > sure where it came from. In both cases, the SID for the group is the same as > the my user's SID. Is 513/None in the /etc/group file too or is it missing? -- Larry _____________________________________________________________________ A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting annoying in email? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple