OK, I'll take your word for it. I had a quick look at the User's Guide for the sections discussing 'ntsec' and didn't see anything obviously referring to a 'patch', with the possible exception of the discussion of 'setuid'. But that doesn't mean that the document doesn't use this terminology in reference to the 'ntsec' functionality. My main reason for asking was that 'patch' indicates to me something that is at least a recent change, which 'ntsec' is not. I wanted to make sure I understood that you were talking about this long-standing functionality and not something new/different.
I agree that you shouldn't need to set the group to 'Administrators' to get this working. It may well indicate that there is a bug somewhere in cvs or in cygwin's permissions code. I suppose you could try running with your CYGWIN environment variable set to 'nontsec' as a rough cut. BTW, 'ntsec' is the default setting for a while now, so it's not necessary that you set it in your CYGWIN environment variable.
Just curious, are any of the users in the 'cvs' group also in the 'Administrators' group? If so, are your permissions problems only evident between the 'have' and 'have-not' users?
Larry
Mark Priest wrote:
Larry,
I am referring to the ntsec setting for the CYGWIN environment variable. It is described as the ntsec patch in the user document so I thought that was the name people were familiar with.
Thanks, Mark
----- Original Message ----- From: "Larry Hall" <[EMAIL PROTECTED]> To: "Mark Priest" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, July 03, 2003 5:31 PM Subject: Re: new Info on File Permission Problems on Windows XP, cygwin 1.3.22
Just curious. What "ntsec patch" are you referring to?
Larry
Mark Priest wrote:
Hello,
I was able to fix the problem with file permissions by adding the cvs
users
into the Administrators group. This should not be necessary from my understanding of Cygwin and the ntsec patch. This is a bit of a
security
hole since these users have no reason to be Administrators on my Windows
XP
Professional server. I think that the permission problem I am
experiencing
in the cvs repository is some kind of bug in the ntsec patch.
----- Original Message ----- From: "Mark Priest" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 03, 2003 3:33 AM Subject: File Permission Problems on Windows XP, cygwin 1.3.22
Hello,
I am serving a cvs repository from a Windows XP Professional machine
under
Cygwin 1.3.22 and I believe that I am having a file permissions problem
in
the cvs repository. My repository is located at /cvs and all cvs users belong to the "cvs" group as their primary group. All directories in
the
repository have rwx permissions for this group as well as for the owner. Therefore, I should be able to replace the ,v files with a new version
as
part of a commit for any users in the cvs group. However, only the
owner
of
each ,v file (i.e. the developer that added or last modified the file)
can
successfully commit. The CYGWIN environment variable is set to 'ntsec'.
When I commit files from a user that is not the owner of the file the
commit
fails as follows:
cvs -t commit -m "try commit" readme.txt (in directory C:\dev\bar) cvs commit: notice: main loop with CVSROOT=:ext:[EMAIL PROTECTED]:/cvs -> Starting server: plink.exe 192.168.2.105 -i C:\keys\mpriest_private.PPK -l markp cvs server -> Sending file `readme.txt' to server S-> write_lock(/cvs/bar) S-> checkout (/cvs/bar/readme.txt,v, 1.1.1.1, , (function)) S-> Parse_Info (/cvs/CVSROOT/commitinfo, bar, ALL) Checking in readme.txt; /cvs/bar/readme.txt,v <-- readme.txt S-> Parse_Info (/cvs/CVSROOT/verifymsg, bar, not ALL) S-> checkout (/cvs/bar/readme.txt,v, 1.1, -ko, /tmp/cvs003472) new revision: 1.2; previous revision: 1.1 S-> rename(/cvs/bar/,readme.txt,,/cvs/bar/readme.txt,v) cvs [server aborted]: cannot rename file /cvs/bar/,readme.txt, to /cvs/bar/readme.txt,v: Permission denied S-> unlink_file(/cvs/bar/,readme.txt,) S-> Lock_Cleanup()
I have seen this error message discussed on the cvs mailing list
archives
but those discussion were only relevant for cases where people hosted
the
repository on a network share. My /cvs repository is in a local hard
disk
directory.
When I try to emulate a file move as this same user, markp, directly in
the
repository at the cygwin command prompt I experience the same permission error as follows:
[EMAIL PROTECTED] /cvs/bar $ id uid=1019(markp) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
[EMAIL PROTECTED] /cvs/bar $ pwd /cvs/bar
[EMAIL PROTECTED] /cvs/bar $ ls -alF total 3 drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:48 ./ drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../ -r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v -r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v -r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
[EMAIL PROTECTED] /cvs/bar $ cp readme.txt,v tmp
[EMAIL PROTECTED] /cvs/bar $ ls -alF total 4 drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:50 ./ drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../ -r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v -r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v -r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v -r--r--r-- 1 markp cvs 423 Jul 3 02:50 tmp
[EMAIL PROTECTED] /cvs/bar $ mv tmp readme.txt,v mv: cannot move `tmp' to `readme.txt,v': Permission denied
[EMAIL PROTECTED] /cvs/bar $ echo $CYGWIN ntsec
[EMAIL PROTECTED] /cvs/bar
When I perform this same operation as the file owner the attempt
succeeds
(and so does a regular CVS commit operation) as follows:
[EMAIL PROTECTED] /cvs/bar $ id uid=1016(cvsuser) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
[EMAIL PROTECTED] /cvs/bar $ echo $CYGWIN ntsec
[EMAIL PROTECTED] /cvs/bar $ pwd /cvs/bar
[EMAIL PROTECTED] /cvs/bar $ ls -alF total 3 drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./ drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../ -r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v -r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v -r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v
[EMAIL PROTECTED] /cvs/bar $ cp readme.txt,v tmp
[EMAIL PROTECTED] /cvs/bar $ ls -alF total 4 drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./ drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../ -r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v -r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v -r--r--r-- 1 cvsuser cvs 423 Jun 30 17:33 readme.txt,v -r--r--r-- 1 cvsuser cvs 423 Jul 3 02:53 tmp
[EMAIL PROTECTED] /cvs/bar $ mv tmp readme.txt,v
[EMAIL PROTECTED] /cvs/bar $ ls -alF total 3 drwxrwxr-x+ 2 cvs cvs 0 Jul 3 02:53 ./ drwxrwxr-x+ 7 cvs cvs 0 Jun 30 17:16 ../ -r--r--r-- 1 markp cvs 542 Jun 30 17:27 bar.c,v -r--r--r-- 1 markp cvs 406 Jun 30 17:16 bar.h,v -r--r--r-- 1 cvsuser cvs 423 Jul 3 02:53 readme.txt,v
I have attached the results of cygcheck to this email and I have the
CYGWIN
environment variable set to 'ntsec'.
Please help me understand what is wrong with my repository file
permissions.
Thanks, Mark
-- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746
-- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
