Date: Mon, 23 Mar 2009 14:35:02 +0000
Subject: Re: [1.7] passwd: useless if used with a logged on domain user
From: Júlio Costa
To: cygwin AT cygwin DOT com

On Sun, Mar 22, 2009 at 19:22, Corinna Vinschen wrote:
> On Mar 22 17:34, Júlio Costa wrote:
>> ~ $ # Just typed Ctrl-C. Not in the mood right now :)
>> ~ $ # And now for the interesting part:
>> ~ $ ./my_passwd.exe -S SYSTEM
>> my_passwd: unknown user SYSTEM
>
> The SYSTEM user is not in the user database. So that's an expected
> result.
>

It is in mine:

~ $ grep system /etc/passwd
system:*:18:544:,S-1-5-18::

>> ~ $ # Ooops. And what about
>> ~ $ ./my_passwd.exe -S Administrator
>> You have no maintenance privileges.
>
> I can't reproduce this one, but maybe that's just a different case of
> the same as this one:
>

No. Actually this is the core of the problem. More on this below.

>> ~ $ # Ouch. If I may insist:
>> ~ $ ./my_passwd.exe -d $HOSTNAME -S Administrator
>> my_passwd: unknown user security
>
> I applied another fix to passwd to decouple the logonserver for fetching
> the user info for the running user account from the user info for the
> user account which is going to be manipulated by passwd.
>

Ok. I've tested the last CVS version and things are still bad:

~/passwd $ ./my_passwd_117.exe -v
my_passwd_117 (cygwin) 1.5
Password Utility
Copyright 1999, 2000, 2001, 2002, 2003 Red Hat, Inc.
Compiled on Mar 23 2009
~/passwd $ ./my_passwd_117.exe -S Administrator
You have no maintenance privileges.
~/passwd $ ./my_passwd_117.exe -S cyg_server
my_passwd_117: unknown user cyg_server
~/passwd $ # But this should really work:
~/passwd $ ./my_passwd_117.exe -S -d $HOSTNAME cyg_server
You have no maintenance privileges.

I've come to some conclusions in this process. Here they are:

#1 li->usri3_priv (lines 552, 587 and 594) will only tell you if the
logged-on user is (isn't) admin in his/her LOGON domain! But what is
needed here is to know if the logged-on user is (isn't) admin in the
TARGET domain/server, where the TARGET account is!

#2 Just querying (-S) the account characteristics does not need Admin
privileges, so the test in 552 should be done instead inside the if at
576; and it should be a different test, from what is said in #1.

#3 Generally, commands in Windows default to the local machine when no
additional information is provided. So should passwd. Currently, I'm
forced to say '-d $HOSTNAME' to ensure that the target user is really
on the local machine. This is not coherent behaviour because it depends
on whether the currently logged-on user comes from a domain or is local.
Currently the csih script breaks in its call to passwd due to this,
which breaks sshd-host-config (and maybe others?).
I think the most coherent behaviour should be: 'if '-d' is not
supplied, the TARGET domain is always LOCAL; otherwise, follow supplied
domain'. It is precisely how NET USER and friends work, with the
'/DOMAIN' parameter, with the added tweak that you don't even have to
name the logon domain (although it could be done like this in passwd
also, I think...)

Changes #2 and #3 are trivial, and are in the patch below:

~/passwd $ diff -u passwd_117.c passwd_118.c
--- passwd_117.c 2009-03-23 14:14:20.564919200 +0000 +++ passwd_118.c 2009-03-23 14:28:53.431014000 +0000
@@ -524,8 +524,6 @@ if (len > 0 && len !=3D (size_t) -1) mbstowcs (my_server =3D alloca ((len + 1) * sizeof (wchar_t)), logonserver, len + 1); - if (!server) - server =3D my_server; } if (Larg >=3D 0 || xarg >=3D 0 || narg >=3D 0 || iarg >=3D 0) @@ -549,8 +547,6 @@ { USER_INFO_1008 uif; - if (li->usri3_priv !=3D USER_PRIV_ADMIN) - return eprint (0, "You have no maintenance privileges."); uif.usri1008_flags =3D ui->usri3_flags; if (lopt) { @@ -575,6 +571,8 @@ if (lopt || uopt || copt || Copt || eopt || Eopt || popt || Popt) { + if (li->usri3_priv !=3D USER_PRIV_ADMIN) + return eprint (0, "You have no maintenance privileges."); ret =3D NetUserSetInfo (server, ui->usri3_name, 1008, (LPBYTE) &= uif, NULL); return EvalRet (ret, NULL);

Change #1 is not so trivial, because I'm a little 'rusty' about C and
Windows Functions... and I'm having trouble linking with the
CheckTokenMembership API function...

~ $ gcc -g passwd.c -o my_passwd -lnetapi32 -ladvapi32
/cygdrive/c/DOCUME~1/security/LOCALS~1/Temp/ccpUixM2.o: In function `IsUserAdmin':
/home/security/passwd.c:164: undefined reference to `_CheckTokenMembership'
collect2: ld returned 1 exit status

But I'll keep trying to achieve a stable version. Unless, of course,
you think that this is not "the way"(tm) to do it...

Stay tuned.

___________
Julio Costa

Phyllis Diller - "Never go to bed mad. Stay up and fight."
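
Review bot: In the first hunk (@@ -524,8), removing the "if (!server)" fallback means server keeps its initial value whenever -d is not given, and that value is what the NetUserSetInfo call in the third hunk receives. The initialisation is not in the visible context, so please confirm it is NULL (which the NetUser* calls treat as the local computer) and not indeterminate. my_server is still filled from logonserver by the mbstowcs line just above, so it should remain in use for the lookup that fills li; if it is not, those lines are now dead code. The new default (target is the local machine unless -d is supplied) also deserves a line in the usage text, since scripts that call passwd without -d change behaviour.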
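
Review bot: In the third hunk (@@ -575,6), the relocated test still reads li->usri3_priv, which describes the calling user's own account, while NetUserSetInfo is sent to server; when the logon side and the target differ, this pre-check can refuse a caller who does have rights on the target or pass one who does not. The decision that counts is the one the target makes, and its result already flows through ret into EvalRet, so consider dropping the client-side test and having EvalRet print "You have no maintenance privileges." for an access-denied return. Because the second hunk (@@ -549,8) removes the early return, the code that fills uif now runs for every caller; it only touches a local structure, but a short comment saying the privilege test was deliberately moved next to the write would help the next reader.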