This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: new Info on File Permission Problems on Windows XP, cygwin 1.3.22


Larry,

Yes, the permissions problem only occurs for members of the cvs group that
are not also in the Administrators group.  Users that are members of the cvs
group, but not the Administrators group, can only commit files when they are
the current owner of the RCS file in the repository.  Members of cvs that
are in the Administrators group can commit files regardless of whether they
currently own the RCS file.

I should mention that it does not matter whether the /etc/group file
indicates that the cvs user is in the Administrator group or not.  It works
as long as the /etc/group file shows that the user is in the cvs group.  The
only thing that seems to matter is whether or not the user is a member of
the Administrator group as far as Windows is concerned.

Interestingly, if I try to use the cp, mv, or rm commands to overwrite or
delete the RCS file manually in a Cygwin (or DOS) command window I cannot do
it unless I own that file even if I am in the Administrator group.  I
thought this is what cvs is doing for a commit operation so I am not sure
why I can't do it on the command line myself as the same user.

Thanks,
Mark

----- Original Message -----
From: "Larry Hall" <cygwin-lh@cygwin.com>
To: "Mark Priest" <mpriest@erols.com>
Cc: <cygwin@cygwin.com>
Sent: Friday, July 04, 2003 12:33 PM
Subject: Re: new Info on File Permission Problems on Windows XP, cygwin
1.3.22


> Hi Mark,
>
> OK, I'll take your word for it.  I had a quick look at the User's Guide
> for the sections discussing 'ntsec' and didn't see anything obviously
> referring to a 'patch', with the possible exception of the discussion of
> 'setuid'.  But that doesn't mean that the document doesn't use this
> terminology in reference to the 'ntsec' functionality.  My main reason
> for asking was that 'patch' indicates to me something that is at least
> a recent change, which 'ntsec' is not.  I wanted to make sure I understood
> that you were talking about this long-standing functionality and not
> something new/different.
>
> I agree that you shouldn't need to set the group to 'Administrators' to
> get this working.  It may well indicate that there is a bug somewhere in
> cvs or in cygwin's permissions code.  I suppose you could try running with
> your CYGWIN environment variable set to 'nontsec' as a rough cut.  BTW,
> 'ntsec' is the default setting for a while now, so it's not necessary
> that you set it in your CYGWIN environment variable.
>
> Just curious, are any of the users in the 'cvs' group also in the
> 'Administrators' group?  If so, are your permissions problems only
> evident between the 'have' and 'have-not' users?
>
> Larry
>
>
> Mark Priest wrote:
>
> > Larry,
> >
> > I am referring to the ntsec setting for the CYGWIN environment variable.
It
> > is described as the ntsec patch in the user document so I thought that
was
> > the name people were familiar with.
> >
> > Thanks,
> > Mark
> >
> > ----- Original Message -----
> > From: "Larry Hall" <cygwin-lh@cygwin.com>
> > To: "Mark Priest" <mpriest@erols.com>
> > Cc: <cygwin@cygwin.com>
> > Sent: Thursday, July 03, 2003 5:31 PM
> > Subject: Re: new Info on File Permission Problems on Windows XP, cygwin
> > 1.3.22
> >
> >
> >
> >>Just curious.  What "ntsec patch" are you referring to?
> >>
> >>Larry
> >>
> >>Mark Priest wrote:
> >>
> >>
> >>>Hello,
> >>>
> >>>I was able to fix the problem with file permissions by adding the cvs
> >
> > users
> >
> >>>into the Administrators group.  This should not be necessary from my
> >>>understanding of Cygwin and the ntsec patch.  This is a bit of a
> >
> > security
> >
> >>>hole since these users have no reason to be Administrators on my
Windows
> >
> > XP
> >
> >>>Professional server.  I think that the permission problem I am
> >
> > experiencing
> >
> >>>in the cvs repository is some kind of bug in the ntsec patch.
> >>>
> >>>----- Original Message -----
> >>>From: "Mark Priest" <mpriest@erols.com>
> >>>To: <cygwin@cygwin.com>
> >>>Sent: Thursday, July 03, 2003 3:33 AM
> >>>Subject: File Permission Problems on Windows XP, cygwin 1.3.22
> >>>
> >>>
> >>>
> >>>
> >>>>Hello,
> >>>>
> >>>>I am serving a cvs repository from a Windows XP Professional machine
> >
> > under
> >
> >>>>Cygwin 1.3.22 and I believe that I am having a file permissions
problem
> >
> > in
> >
> >>>>the cvs repository.  My repository is located at /cvs and all cvs
users
> >>>>belong to the "cvs" group as their primary group.  All directories in
> >
> > the
> >
> >>>>repository have rwx permissions for this group as well as for the
owner.
> >>>>Therefore, I should be able to replace the ,v files with a new version
> >
> > as
> >
> >>>>part of a commit for any users in the cvs group.  However, only the
> >
> > owner
> >
> >>>of
> >>>
> >>>
> >>>>each ,v file (i.e. the developer that added or last modified the file)
> >
> > can
> >
> >>>>successfully commit.  The CYGWIN environment variable is set to
'ntsec'.
> >>>>
> >>>>When I commit files from a user that is not the owner of the file the
> >>>
> >>>commit
> >>>
> >>>
> >>>>fails as follows:
> >>>>
> >>>>cvs -t commit -m "try commit" readme.txt (in directory C:\dev\bar)
> >>>>cvs commit: notice: main loop with
CVSROOT=:ext:markp@192.168.2.105:/cvs
> >>>>-> Starting server: plink.exe 192.168.2.105 -i
> >>>>C:\keys\mpriest_private.PPK -l markp cvs server
> >>>>-> Sending file `readme.txt' to server
> >>>>S-> write_lock(/cvs/bar)
> >>>>S-> checkout (/cvs/bar/readme.txt,v, 1.1.1.1, , (function))
> >>>>S-> Parse_Info (/cvs/CVSROOT/commitinfo, bar, ALL)
> >>>>Checking in readme.txt;
> >>>>/cvs/bar/readme.txt,v  <--  readme.txt
> >>>>S-> Parse_Info (/cvs/CVSROOT/verifymsg, bar, not ALL)
> >>>>S-> checkout (/cvs/bar/readme.txt,v, 1.1, -ko, /tmp/cvs003472)
> >>>>new revision: 1.2; previous revision: 1.1
> >>>>S-> rename(/cvs/bar/,readme.txt,,/cvs/bar/readme.txt,v)
> >>>>cvs [server aborted]: cannot rename file /cvs/bar/,readme.txt, to
> >>>>/cvs/bar/readme.txt,v: Permission denied
> >>>>S-> unlink_file(/cvs/bar/,readme.txt,)
> >>>>S-> Lock_Cleanup()
> >>>>
> >>>>I have seen this error message discussed on the cvs mailing list
> >
> > archives
> >
> >>>>but those discussion were only relevant for cases where people hosted
> >
> > the
> >
> >>>>repository on a network share.  My /cvs repository is in a local hard
> >
> > disk
> >
> >>>>directory.
> >>>>
> >>>>When I try to emulate a file move as this same user, markp, directly
in
> >>>
> >>>the
> >>>
> >>>
> >>>>repository at the cygwin command prompt I experience the same
permission
> >>>>error as follows:
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ id
> >>>>uid=1019(markp) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ pwd
> >>>>/cvs/bar
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ ls -alF
> >>>>total 3
> >>>>drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:48 ./
> >>>>drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> >>>>-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> >>>>-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ cp readme.txt,v tmp
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ ls -alF
> >>>>total 4
> >>>>drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:50 ./
> >>>>drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> >>>>-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> >>>>-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> >>>>-r--r--r--    1 markp    cvs           423 Jul  3 02:50 tmp
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ mv tmp readme.txt,v
> >>>>mv: cannot move `tmp' to `readme.txt,v': Permission denied
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>$ echo $CYGWIN
> >>>>ntsec
> >>>>
> >>>>markp@markonius /cvs/bar
> >>>>
> >>>>
> >>>>When I perform this same operation as the file owner the attempt
> >
> > succeeds
> >
> >>>>(and so does a regular CVS commit operation) as follows:
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ id
> >>>>uid=1016(cvsuser) gid=1015(cvs) groups=513(None),545(Users),1015(cvs)
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ echo $CYGWIN
> >>>>ntsec
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ pwd
> >>>>/cvs/bar
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ ls -alF
> >>>>total 3
> >>>>drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> >>>>drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> >>>>-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> >>>>-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ cp readme.txt,v tmp
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ ls -alF
> >>>>total 4
> >>>>drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> >>>>drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> >>>>-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> >>>>-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jun 30 17:33 readme.txt,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 tmp
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ mv tmp readme.txt,v
> >>>>
> >>>>cvsuser@markonius /cvs/bar
> >>>>$ ls -alF
> >>>>total 3
> >>>>drwxrwxr-x+   2 cvs      cvs             0 Jul  3 02:53 ./
> >>>>drwxrwxr-x+   7 cvs      cvs             0 Jun 30 17:16 ../
> >>>>-r--r--r--    1 markp    cvs           542 Jun 30 17:27 bar.c,v
> >>>>-r--r--r--    1 markp    cvs           406 Jun 30 17:16 bar.h,v
> >>>>-r--r--r--    1 cvsuser  cvs           423 Jul  3 02:53 readme.txt,v
> >>>>
> >>>>I have attached the results of cygcheck to this email and I have the
> >>>
> >>>CYGWIN
> >>>
> >>>
> >>>>environment variable set to 'ntsec'.
> >>>>
> >>>>Please help me understand what is wrong with my repository file
> >>>
> >>>permissions.
> >>>
> >>>
> >>>>Thanks,
> >>>>Mark
> >>
> >>
> >>--
> >>Larry Hall                              http://www.rfk.com
> >>RFK Partners, Inc.                      (508) 893-9779 - RFK Office
> >>838 Washington Street                   (508) 893-9889 - FAX
> >>Holliston, MA 01746
> >>
>
>



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]