This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Challenge: a VERY strange problem with command substitution in bash


Hello,
  I apologize for not responding earlier - but a project kept me overly
busy, so extra cycles to reply here were not available.

The winner is: Richard Beels. Yes, you are right. Comodo was the source
of my problems.

What's funny is that when I migrated to Win10, I ran into this before
and had it fixed using some magic settings in Comodo. Magic because the
way the setting needed to be made to really work was against logic.

Now, just prior to my posting, the problem re-occurred, so I naturally
did not think of Comodo again causing this.
As it turns out, the culprit was a Windows Update that somehow undid the
settings in Comodo that I had carefully made before.
In the meantime, I had another run of Windows Update that influenced the
function of the Comodo firewall - resulting in rendering it partially
ineffective until reboot.

So, thanks for the quick feedback to all... yes, I managed to fix it again.

And for the record:
- Comodo Antivirus has not caused any problems.
- Comodo Auto-containment is fine, you may just want to exclude Cygwin
from the applications that may be contained. Not essential, though.
- Comodo HIPS I have on paranoid mode, anyway, just don't suppress any
pop-ups.
- Comodo VirusScope should only affect contained applications.
- Comodo Website Filterings is not really relevant, but I have it OFF,
anyway.
- Comodo Firewall has not caused any problems.
So, that's it? No. in the settings of Comodo, there is another section
"Advanced Protection" with the ominous title "Miscellanous".
- Heuristics: can cause issues with some scripts, I have it turned off.
- Detection of shellcode injections breaks some Cygwin mechanisms, turn
it off.
So, that's it? No. The shellcode injections option actually has a list
of exclusions.
If you simply turn the feature off, it won't help making Cygwin work.
You have to explicitly enable it, add all applications to the exclusion
list, then disable it.
Et voilá! Cygwin works.

Cheers,
--Jürgen


On 12.07.2017 01:22, Richard Beels via cygwin wrote:
> At 07/11/2017 at 15:12, Shakespearean monkeys danced on Jürgen
> Wagner's keyboard and said:
>> ...
>> Using backquotes instead of the command substitution with $(...) does
>> not change the results. I could swear this did work in an earlier
>> version of Cygwin on my Windows 7 machine.
>>
>> I tried this to see if the code in the parentheses is executed at all:
>>
>> $ value="$( date 2> foo | cat )"; echo "$? <$value>"
>>
>> The file "foo" was not created, i.e., it seems the commands don't
>> really get executed.
>>
>> $ value="$( date && pwd )"; echo "$? <$value>"
>> 0 <Tue Jul 11 20:49:09 CEST 2017
>> /home/juergen>
>>
>> $ value="$( date || pwd )"; echo "$? <$value>"
>> 0 <Tue Jul 11 20:32:27 CEST 2017>
>>
>> both work, so some control structures seem to be permissible... just
>> not a pipe.
>>
>> What is going on? Some misconfiguration? A Cygwin bug? Some
>> interaction with something weird in Windows 10? I am at loss to
>> understand what could be wrong... and am now most curious whether
>> anybody has an idea what is causing this. Does it work/not work in
>> the same way in your Cygwin installation?
>>
>> I came across this effect because ssh-host-config did not recognize
>> me as administrator anymore. It's due to a check for a certain user
>> group that uses a command substitution with a pipe. Replacing this
>> with an equivalent command works. The original line used "id -G" and
>> then a "grep -Eq" to check whether a certain group is on that list.
>>
>> I am VERY curious now! I've rarely been puzzled that much by such a
>> very elementary shell expression (looking back at 34 years of Unix
>> experience).
>
>
> Hi Jurgen.
>
> 90% chance it's what is called bloda in these parts.  It's in the FAQ
> on cygwin.com.  I'll go out on a limb and say you might have just
> installed/changed your AV/Firewall software.
>
> And if I want to be super-psychic, can I guess comodo?  Because I just
> changed to comodo a couple weeks ago and had the same subshell/command
> substitution/pipeline errors you're mentioning.
>
> If so, you need to exclude your cygwin folder from AV scanning.
> AND...  if the software does whitelisting or host intrusion protection
> (HIPS) or "run unknown executables in a container/sandbox" or
> something similar, you also need to trust all the executables, too. 
> Or switch to something else that doesn't trip cygwin's trigger.
>
> After doing that and a rebaseall, I haven't had a fork error in a
> week.  I can't wait to run setup and come up with an update process,
> though...
>
> Cheers!
>
>
> -- 
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>
>


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]