From: ASSI <Stromeko@nexgo.de>
To: cygwin@cygwin.com
Subject: Re: Test for Windows Administrator permissions from Cygwin terminal|script?
Date: Sat, 19 Aug 2023 10:14:54 +0200 [thread overview]
Message-ID: <87cyzj4fep.fsf@Rainer.invalid> (raw)
In-Reply-To: <CANH4o6OpsvT99AeJ2uTcqyajWQHmffYJqV=RR4HBxoFaveR7sQ@mail.gmail.com> (Martin Wege via Cygwin's message of "Fri, 18 Aug 2023 04:01:01 +0200")
Martin Wege via Cygwin writes:
> How can I find out whether the current Cygwin terminal has
> Administrator rights? I want to safeguard our admin scripts with a
> simple test and bail out with an error if someone wants to do admin
> stuff (say: regtool) without admin privileges.
Windows really doesn't have a defined notion of what is or is not an
"administrator". Each particular definition will be insufficient or
invalid in certain contexts. When you're dealing with hardened
installations (via group policies or otherwise), large windows domains
and/or server administration you may have to be way more specific than
just looking at one simple indication.
That said, most commonly the presence of SID S-1-5-32-544 in your user
token (in Cygwin: gid=544, unless you override it in the group config)
will be the best simple approximation. Incidentally, this is what tcsh
is using on Cygwin to define the "superuser" for the purpose of setting
the prompt with "%#":
https://github.com/tcsh-org/tcsh/blob/d075ab5b4155ebff9d30e765733c030c3da5e362/tc.prompt.c#L212
For (ba)sh scripts you can parse the output from id along the lines of
id -G | grep -q '\<544\>' && echo admin || echo "not admin"
should be most workable.
Regards,
Achim.
--
+<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+
SD adaptation for Waldorf rackAttack V1.04R1:
http://Synth.Stromeko.net/Downloads.html#WaldorfSDada
next prev parent reply other threads:[~2023-08-19 8:15 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-18 2:01 Martin Wege
2023-08-18 2:18 ` Backwoods BC
2023-08-18 8:49 ` Mark Geisert
2023-08-18 8:59 ` Mark Geisert
2023-08-18 22:00 ` Doug Henderson
2023-08-19 8:14 ` ASSI [this message]
2023-08-19 17:33 ` Bill Stewart
2023-08-24 16:24 ` Martin Wege
2023-08-25 9:42 ` Corinna Vinschen
2023-08-24 13:01 ` Andrew Schulman
2023-08-24 14:52 ` Bill Stewart
2023-08-24 18:46 ` Bill Stewart
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87cyzj4fep.fsf@Rainer.invalid \
--to=stromeko@nexgo.de \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).