This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: new Info on File Permission Problems on Windows XP, cygwin 1.3.22


Hi Mark,

OK, I'll take your word for it.  I had a quick look at the User's Guide
for the sections discussing 'ntsec' and didn't see anything obviously
referring to a 'patch', with the possible exception of the discussion of
'setuid'.  But that doesn't mean that the document doesn't use this
terminology in reference to the 'ntsec' functionality.  My main reason
for asking was that 'patch' indicates to me something that is at least
a recent change, which 'ntsec' is not.  I wanted to make sure I understood
that you were talking about this long-standing functionality and not
something new/different.

I agree that you shouldn't need to set the group to 'Administrators' to
get this working.  It may well indicate that there is a bug somewhere in
cvs or in cygwin's permissions code.  I suppose you could try running with
your CYGWIN environment variable set to 'nontsec' as a rough cut.  BTW,
'ntsec' is the default setting for a while now, so it's not necessary
that you set it in your CYGWIN environment variable.

Just curious, are any of the users in the 'cvs' group also in the
'Administrators' group?  If so, are your permissions problems only
evident between the 'have' and 'have-not' users?

Larry


Mark Priest wrote:


Larry,

I am referring to the ntsec setting for the CYGWIN environment variable.  It
is described as the ntsec patch in the user document so I thought that was
the name people were familiar with.

Thanks,
Mark

----- Original Message -----
From: "Larry Hall" <cygwin-lh@cygwin.com>
To: "Mark Priest" <mpriest@erols.com>
Cc: <cygwin@cygwin.com>
Sent: Thursday, July 03, 2003 5:31 PM
Subject: Re: new Info on File Permission Problems on Windows XP, cygwin
1.3.22



Just curious. What "ntsec patch" are you referring to?

Larry

Mark Priest wrote:


Hello,

I was able to fix the problem with file permissions by adding the cvs

users


into the Administrators group.  This should not be necessary from my
understanding of Cygwin and the ntsec patch.  This is a bit of a

security


hole since these users have no reason to be Administrators on my Windows

XP


Professional server. I think that the permission problem I am

experiencing


in the cvs repository is some kind of bug in the ntsec patch.

----- Original Message -----
From: "Mark Priest" <mpriest@erols.com>
To: <cygwin@cygwin.com>
Sent: Thursday, July 03, 2003 3:33 AM
Subject: File Permission Problems on Windows XP, cygwin 1.3.22




Hello,

I am serving a cvs repository from a Windows XP Professional machine

under


Cygwin 1.3.22 and I believe that I am having a file permissions problem

in


the cvs repository.  My repository is located at /cvs and all cvs users
belong to the "cvs" group as their primary group.  All directories in

the


repository have rwx permissions for this group as well as for the owner.
Therefore, I should be able to replace the ,v files with a new version

as


part of a commit for any users in the cvs group. However, only the

owner


of


each ,v file (i.e. the developer that added or last modified the file)

can


successfully commit. The CYGWIN environment variable is set to 'ntsec'.

When I commit files from a user that is not the owner of the file the

commit



fails as follows:

cvs -t commit -m "try commit" readme.txt (in directory C:\dev\bar)
cvs commit: notice: main loop with CVSROOT=:ext:markp@192.168.2.105:/cvs
-> Starting server: plink.exe 192.168.2.105 -i
C:\keys\mpriest_private.PPK -l markp cvs server
-> Sending file `readme.txt' to server
S-> write_lock(/cvs/bar)
S-> checkout (/cvs/bar/readme.txt,v, 1.1.1.1, , (function))
S-> Parse_Info (/cvs/CVSROOT/commitinfo, bar, ALL)
Checking in readme.txt;
/cvs/bar/readme.txt,v  <--  readme.txt
S-> Parse_Info (/cvs/CVSROOT/verifymsg, bar, not ALL)
S-> checkout (/cvs/bar/readme.txt,v, 1.1, -ko, /tmp/cvs003472)
new revision: 1.2; previous revision: 1.1
S-> rename(/cvs/bar/,readme.txt,,/cvs/bar/readme.txt,v)
cvs [server aborted]: cannot rename file /cvs/bar/,readme.txt, to
/cvs/bar/readme.txt,v: Permission denied
S-> unlink_file(/cvs/bar/,readme.txt,)
S-> Lock_Cleanup()

I have seen this error message discussed on the cvs mailing list

archives


but those discussion were only relevant for cases where people hosted

the


repository on a network share. My /cvs repository is in a local hard

disk


directory.

When I try to emulate a file move as this same user, markp, directly in

the



repository at the cygwin command prompt I experience the same permission
error as follows:

markp@markonius /cvs/bar
$ id
uid=1019(markp) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)

markp@markonius /cvs/bar
$ pwd
/cvs/bar

markp@markonius /cvs/bar
$ ls -alF
total 3
drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:48 ./
drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v

markp@markonius /cvs/bar
$ cp readme.txt,v tmp

markp@markonius /cvs/bar
$ ls -alF
total 4
drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:50 ./
drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
-r--r--r--    1 markp    cvs           423 Jul  3 02:50 tmp

markp@markonius /cvs/bar
$ mv tmp readme.txt,v
mv: cannot move `tmp' to `readme.txt,v': Permission denied

markp@markonius /cvs/bar
$ echo $CYGWIN
ntsec

markp@markonius /cvs/bar


When I perform this same operation as the file owner the attempt

succeeds


(and so does a regular CVS commit operation) as follows:

cvsuser@markonius /cvs/bar
$ id
uid=1016(cvsuser) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)

cvsuser@markonius /cvs/bar
$ echo $CYGWIN
ntsec

cvsuser@markonius /cvs/bar
$ pwd
/cvs/bar

cvsuser@markonius /cvs/bar
$ ls -alF
total 3
drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v

cvsuser@markonius /cvs/bar
$ cp readme.txt,v tmp

cvsuser@markonius /cvs/bar
$ ls -alF
total 4
drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
-r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 tmp

cvsuser@markonius /cvs/bar
$ mv tmp readme.txt,v

cvsuser@markonius /cvs/bar
$ ls -alF
total 3
drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
-r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 readme.txt,v

I have attached the results of cygcheck to this email and I have the

CYGWIN



environment variable set to 'ntsec'.

Please help me understand what is wrong with my repository file

permissions.



Thanks,
Mark


--
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
838 Washington Street                   (508) 893-9889 - FAX
Holliston, MA 01746




-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]