This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

new Info on File Permission Problems on Windows XP, cygwin 1.3.22


Hello,

I was able to fix the problem with file permissions by adding the cvs users
into the Administrators group.  This should not be necessary from my
understanding of Cygwin and the ntsec patch.  This is a bit of a security
hole since these users have no reason to be Administrators on my Windows XP
Professional server.  I think that the permission problem I am experiencing
in the cvs repository is some kind of bug in the ntsec patch.

----- Original Message -----
From: "Mark Priest" <mpriest@erols.com>
To: <cygwin@cygwin.com>
Sent: Thursday, July 03, 2003 3:33 AM
Subject: File Permission Problems on Windows XP, cygwin 1.3.22


> Hello,
>
> I am serving a cvs repository from a Windows XP Professional machine under
> Cygwin 1.3.22 and I believe that I am having a file permissions problem in
> the cvs repository.  My repository is located at /cvs and all cvs users
> belong to the "cvs" group as their primary group.  All directories in the
> repository have rwx permissions for this group as well as for the owner.
> Therefore, I should be able to replace the ,v files with a new version as
> part of a commit for any users in the cvs group.  However, only the owner
of
> each ,v file (i.e. the developer that added or last modified the file) can
> successfully commit.  The CYGWIN environment variable is set to 'ntsec'.
>
> When I commit files from a user that is not the owner of the file the
commit
> fails as follows:
>
> cvs -t commit -m "try commit" readme.txt (in directory C:\dev\bar)
> cvs commit: notice: main loop with CVSROOT=:ext:markp@192.168.2.105:/cvs
>  -> Starting server: plink.exe 192.168.2.105 -i
> C:\keys\mpriest_private.PPK -l markp cvs server
>  -> Sending file `readme.txt' to server
> S-> write_lock(/cvs/bar)
> S-> checkout (/cvs/bar/readme.txt,v, 1.1.1.1, , (function))
> S-> Parse_Info (/cvs/CVSROOT/commitinfo, bar, ALL)
> Checking in readme.txt;
> /cvs/bar/readme.txt,v  <--  readme.txt
> S-> Parse_Info (/cvs/CVSROOT/verifymsg, bar, not ALL)
> S-> checkout (/cvs/bar/readme.txt,v, 1.1, -ko, /tmp/cvs003472)
> new revision: 1.2; previous revision: 1.1
> S-> rename(/cvs/bar/,readme.txt,,/cvs/bar/readme.txt,v)
> cvs [server aborted]: cannot rename file /cvs/bar/,readme.txt, to
> /cvs/bar/readme.txt,v: Permission denied
> S-> unlink_file(/cvs/bar/,readme.txt,)
> S-> Lock_Cleanup()
>
> I have seen this error message discussed on the cvs mailing list archives
> but those discussion were only relevant for cases where people hosted the
> repository on a network share.  My /cvs repository is in a local hard disk
> directory.
>
> When I try to emulate a file move as this same user, markp, directly in
the
> repository at the cygwin command prompt I experience the same permission
> error as follows:
>
> markp@markonius /cvs/bar
> $ id
> uid=1019(markp) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
>
> markp@markonius /cvs/bar
> $ pwd
> /cvs/bar
>
> markp@markonius /cvs/bar
> $ ls -alF
> total 3
> drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:48 ./
> drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> -r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> -r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> -r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
>
> markp@markonius /cvs/bar
> $ cp readme.txt,v tmp
>
> markp@markonius /cvs/bar
> $ ls -alF
> total 4
> drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:50 ./
> drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> -r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> -r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> -r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> -r--r--r--    1 markp    cvs           423 Jul  3 02:50 tmp
>
> markp@markonius /cvs/bar
> $ mv tmp readme.txt,v
> mv: cannot move `tmp' to `readme.txt,v': Permission denied
>
> markp@markonius /cvs/bar
> $ echo $CYGWIN
> ntsec
>
> markp@markonius /cvs/bar
>
>
> When I perform this same operation as the file owner the attempt succeeds
> (and so does a regular CVS commit operation) as follows:
>
> cvsuser@markonius /cvs/bar
> $ id
> uid=1016(cvsuser) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
>
> cvsuser@markonius /cvs/bar
> $ echo $CYGWIN
> ntsec
>
> cvsuser@markonius /cvs/bar
> $ pwd
> /cvs/bar
>
> cvsuser@markonius /cvs/bar
> $ ls -alF
> total 3
> drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> -r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> -r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> -r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
>
> cvsuser@markonius /cvs/bar
> $ cp readme.txt,v tmp
>
> cvsuser@markonius /cvs/bar
> $ ls -alF
> total 4
> drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> -r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> -r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> -r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> -r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 tmp
>
> cvsuser@markonius /cvs/bar
> $ mv tmp readme.txt,v
>
> cvsuser@markonius /cvs/bar
> $ ls -alF
> total 3
> drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> -r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> -r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> -r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 readme.txt,v
>
> I have attached the results of cygcheck to this email and I have the
CYGWIN
> environment variable set to 'ntsec'.
>
> Please help me understand what is wrong with my repository file
permissions.
>
> Thanks,
> Mark
>


----------------------------------------------------------------------------
----


> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/

Attachment: cygcheck_out.txt
Description: Text document

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]