www.delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2014/02/16/13:16:08

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:mime-version:to:subject
:references:in-reply-to:content-type:content-transfer-encoding;
q=dns; s=default; b=VYUmphVPK+F7OyzTCrk2YCrTMDNotpwX4anglJeO5yB
s0BiViz3DmV2Epd6VTH8r6lzsnrM62iVp5vPDjgxmVQaop4MADkqxmdYmeiu0hXw
iiKXs6oHaln4gg9FQywZglPd/eGCxgjSyHhD6R/DtsNBy92GNQXO2Ppp7S2ZQY2k
=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:message-id:date:from:mime-version:to:subject
:references:in-reply-to:content-type:content-transfer-encoding;
s=default; bh=VsrCJF3t63GriuiLrCCy9dLInfI=; b=uRobOqlSVR3Cah4bn
NvrQReE6d0WNL9pGueawsWTJWagjAyVFFeZvX3Aa3R13oX8+5nsgCgdYmcxIwm85
XJzD/oz48C4TFO1eaqlzmv65xfWdd95A7nNYApljPImi+Lxw0e5eTD37+ACaBFrW
WMLuwwN+PQyUlU7HWSFxKU4Bmk=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.6 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,RP_MATCHES_RCVD,SPF_PASS,UNSUBSCRIBE_BODY autolearn=no version=3.3.2
X-HELO: vms173025pub.verizon.net
Message-id: <5301004C.1050203@verizon.net>
Date: Sun, 16 Feb 2014 13:15:40 -0500
From: Gerry Reno <greno AT verizon DOT net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7
MIME-version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: Installer cannot write to Cygwin's /usr/local/etc
References: <53001E78 DOT 8060706 AT verizon DOT net> <53006573 DOT 9080301 AT gmail DOT com> <5300F7A2 DOT 5080601 AT verizon DOT net>
In-reply-to: <5300F7A2.5080601@verizon.net>
X-IsSubscribed: yes 

On 02/16/2014 12:38 PM, Gerry Reno wrote:
>
> I ran the acl checks and can find no difference between them which leads to this being yet another WiX/MSI installer
> issue which doesn't surprise me.
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ getfacl bin
> # file: bin
> # owner: Administrator
> # group: Domain Users
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ getfacl etc
> # file: etc
> # owner: Administrator
> # group: Domain Users
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ cacls bin
> C:\cygwin\usr\local\bin SECRET\Administrator:F
>                                       SECRET\Domain Users:R
>                                       Everyone:R
>                                       CREATOR OWNER:(OI)(CI)(IO)F
>                                       CREATOR GROUP:(OI)(CI)(IO)R
>                                       Everyone:(OI)(CI)(IO)R
>
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ cacls etc
> C:\cygwin\usr\local\etc SECRET\Administrator:F
>                                       SECRET\Domain Users:R
>                                       Everyone:R
>                                       CREATOR OWNER:(OI)(CI)(IO)F
>                                       CREATOR GROUP:(OI)(CI)(IO)R
>                                       Everyone:(OI)(CI)(IO)R
>
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ Icacls bin
> bin SECRET\Administrator:(F)
>     SECRET\Domain Users:(RX)
>     Everyone:(RX)
>     CREATOR OWNER:(OI)(CI)(IO)(F)
>     CREATOR GROUP:(OI)(CI)(IO)(RX)
>     Everyone:(OI)(CI)(IO)(RX)
>
> Successfully processed 1 files; Failed processing 0 files
>
> Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ Icacls etc
> etc SECRET\Administrator:(F)
>     SECRET\Domain Users:(RX)
>     Everyone:(RX)
>     CREATOR OWNER:(OI)(CI)(IO)(F)
>     CREATOR GROUP:(OI)(CI)(IO)(RX)
>     Everyone:(OI)(CI)(IO)(RX)
>
> Successfully processed 1 files; Failed processing 0 files
>
>
> Thanks for your help.
>

In case anyone else runs into this I found the problem, which was that on both these machines there was an already
existing install of Cygwin.

I removed these existing installations and then reran the installer which called out and ran Cygwin setup which created
a whole new Cygwin installation.

This time the installer had no problem copying files into the Cygwin installation.

For completeness here are the acls from the new Cygwin installations.  As you can see the installer uses SYSTEM as the
user account due to perMachine scope and elevated privileges required by UAC.

Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl bin
# file: bin
# owner: SYSTEM
# group: SYSTEM
user::rwx
group::rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl etc
# file: etc
# owner: SYSTEM
# group: SYSTEM
user::rwx
group::rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls bin
C:\cygwin\usr\local\bin NT AUTHORITY\SYSTEM:F
                                      NT AUTHORITY\SYSTEM:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls etc
C:\cygwin\usr\local\etc NT AUTHORITY\SYSTEM:F
                                      NT AUTHORITY\SYSTEM:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls bin
bin NT AUTHORITY\SYSTEM:(F)
    NT AUTHORITY\SYSTEM:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

Administrator AT WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls etc
etc NT AUTHORITY\SYSTEM:(F)
    NT AUTHORITY\SYSTEM:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

I don't know if there are any other ramifications of Cygwin being installed under SYSTEM account but so far everything seems to work.

Again, thanks for the help tracking this down.


Gerry



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019