X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org Date: Wed, 9 Apr 2008 18:12:04 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1 Message-ID: <20080409161204.GJ23852@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <1207752935 DOT 9233 DOT 1246948379 AT webmail DOT messagingengine DOT com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1207752935.9233.1246948379@webmail.messagingengine.com> User-Agent: Mutt/1.5.16 (2007-06-09) Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com On Apr 9 10:55, Charles Wilson wrote: > On Wed, 9 Apr 2008 14:09:56 +0200, Corinna Vinschen wrote: > >Looks ok, but I have a few questions/comments. > > > >- When the script starts, the following text appears: > [snip verbose output] > >However, I think the whole message is too noisy and confusing for > >non-admins. > > That is odd. That particular text was mostly taken from ssh-host-config, > and should only appear if your script calls > csih_select_privileged_username() with no arguments (or if you are using > csih-0.1.3, instead of CVS csih) -- that is, the way ssh-host-config > calls it. The older version of csih_select_privileged_username ignores > its arguments; the newer one honors the '-q' option that [my] > ssh-user-config gives it. In which case, what you should see is > something like the following (but only if nt2003 or > csih_FORCE_PRIVILEGED_USER): > > *** Info: The following privileged accounts were found: .... > *** Info: This script will assume that ${opt_servicename} will run under > the" > *** Info: '${username}' account." > *** Query: Will ${opt_servicename} run under a different account?" > [yes/no], if yes, then: > *** Query: Enter the user name used by ${opt_servicename}: > > Hopefully, that's more acceptable for ssh-user-config? My bad, I didn't update csih to CVS. I still think that's too much for ssh-user-config. But since we don't need the setfacl anymore, that's a moot point now. > >Additionally, given that Cygwin opens > >files always with BACKUP_INTENT for a while anyway, and given that the > >service account is a member of the administrators group, which has > >backup user rights, there's not much reason anymore to add the service > >account to the ACL. I fear that's just old cruft in the ssh-user-script. > > Well, that's up to you. I wanted to do something that was as close to > equivalent as the existing ssh-[host|user]-config, with only those > changes necessary to support a common service account whose name might > not be 'sshd_service'. And that was really very nice. I'm not trying to critizise the general approach. I just think we (that is: I) should get rid of the entire message and the setfacl in ssh-user-config. > >The query "Do you want to use different name?" is a bit upside down, > >IMHO. The query should be rather phrased positively "Do you want to use > >t name?" > > I already addressed this: > http://cygwin.com/ml/cygwin/2008-03/msg00447.html > > Phrasing that question in the opposite sense breaks postinstall scripts, > where auto_answer="no". That is: > > Do you want to use this name? > Enter the name you want to use: > > ...and that would be bad. Now, the openssh package does not invoke its > config scripts from /etc/postinstall, but others do. So I need to take > care that the auto_answer="no" case never hangs. Ok, agreed. > > svc_user=$(regtool get '/HKLM/SYSTEM/CurrentControlSet/Services/$1/ObjectName') > > svc_user="${svc_user/\.\\/$COMPUTERNAME}" > > svc_user=$([ "$svc_user" = "LocalSystem" ] && echo "SYSTEM" || echo $(fgrep "${svc_user}" /etc/passwd | cut -d: -f 1)) > > (a) csih_select_privileged_username (in CVS) already optionally accepts > the service name in addition to the -q option. Currently it is only used > to customize the Info: messages (see ${opt_servicename}, above). So > this is even easier to add than you imagine -- if it is truly desirable > to do so. > > (b) You could also do 'foo=$(cygrunsrv -V -L ${service} | sed -n > '/Account/p' | awk '{print $NF}'); foo=$(basename $foo)' which amounts > to the same thing. Urgh! Isn't it embarassing that *I* missed to use cygrunsrv for that? > (c) But what if ${service} has not yet been installed, even though [a] > common service account exists [perhaps used by some other installed > cygwin service]? Then you'd still need the existing logic... Right, but that should probably be a fallback. If the service exists, it could run under *any* account. It might be interesting for csih to check always for the user running the service, not only on 2k3 and above. > Furthermore, remember that these routines are shared between (the more > common) install-a-service config scripts, and (less common) user config > scripts like ssh-user-config. In the former [common] case, assuming > ${service} is not installed, you will always need the existing logic. For the ssh-user-config script you won't need it anymore. I have a hard time to see that a normal user should know or decide about stuff like that. Nothing of that is actually helpful or informative for a "just-a-user" user. And except for setting permissions (which isn't necessary!) I really think we should not call this function from pure user config scripts. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Project Co-Leader cygwin AT cygwin DOT com Red Hat -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/