This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Installer cannot write to Cygwin's /usr/local/etc


On 02/16/2014 12:38 PM, Gerry Reno wrote:
>
> I ran the acl checks and can find no difference between them which leads to this being yet another WiX/MSI installer
> issue which doesn't surprise me.
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ getfacl bin
> # file: bin
> # owner: Administrator
> # group: Domain Users
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ getfacl etc
> # file: etc
> # owner: Administrator
> # group: Domain Users
> user::rwx
> group::r-x
> mask:rwx
> other:r-x
> default:user::rwx
> default:group::r-x
> default:other:r-x
>
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ cacls bin
> C:\cygwin\usr\local\bin SECRET\Administrator:F
>                                       SECRET\Domain Users:R
>                                       Everyone:R
>                                       CREATOR OWNER:(OI)(CI)(IO)F
>                                       CREATOR GROUP:(OI)(CI)(IO)R
>                                       Everyone:(OI)(CI)(IO)R
>
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ cacls etc
> C:\cygwin\usr\local\etc SECRET\Administrator:F
>                                       SECRET\Domain Users:R
>                                       Everyone:R
>                                       CREATOR OWNER:(OI)(CI)(IO)F
>                                       CREATOR GROUP:(OI)(CI)(IO)R
>                                       Everyone:(OI)(CI)(IO)R
>
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ Icacls bin
> bin SECRET\Administrator:(F)
>     SECRET\Domain Users:(RX)
>     Everyone:(RX)
>     CREATOR OWNER:(OI)(CI)(IO)(F)
>     CREATOR GROUP:(OI)(CI)(IO)(RX)
>     Everyone:(OI)(CI)(IO)(RX)
>
> Successfully processed 1 files; Failed processing 0 files
>
> Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
> $ Icacls etc
> etc SECRET\Administrator:(F)
>     SECRET\Domain Users:(RX)
>     Everyone:(RX)
>     CREATOR OWNER:(OI)(CI)(IO)(F)
>     CREATOR GROUP:(OI)(CI)(IO)(RX)
>     Everyone:(OI)(CI)(IO)(RX)
>
> Successfully processed 1 files; Failed processing 0 files
>
>
> Thanks for your help.
>

In case anyone else runs into this I found the problem, which was that on both these machines there was an already
existing install of Cygwin.

I removed these existing installations and then reran the installer which called out and ran Cygwin setup which created
a whole new Cygwin installation.

This time the installer had no problem copying files into the Cygwin installation.

For completeness here are the acls from the new Cygwin installations.  As you can see the installer uses SYSTEM as the
user account due to perMachine scope and elevated privileges required by UAC.

Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl bin
# file: bin
# owner: SYSTEM
# group: SYSTEM
user::rwx
group::rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ getfacl etc
# file: etc
# owner: SYSTEM
# group: SYSTEM
user::rwx
group::rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls bin
C:\cygwin\usr\local\bin NT AUTHORITY\SYSTEM:F
                                      NT AUTHORITY\SYSTEM:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ cacls etc
C:\cygwin\usr\local\etc NT AUTHORITY\SYSTEM:F
                                      NT AUTHORITY\SYSTEM:R
                                      Everyone:R
                                      CREATOR OWNER:(OI)(CI)(IO)F
                                      CREATOR GROUP:(OI)(CI)(IO)R
                                      Everyone:(OI)(CI)(IO)R


Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls bin
bin NT AUTHORITY\SYSTEM:(F)
    NT AUTHORITY\SYSTEM:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

Administrator@WIN-SERVER /cygdrive/c/cygwin/usr/local
$ Icacls etc
etc NT AUTHORITY\SYSTEM:(F)
    NT AUTHORITY\SYSTEM:(RX)
    Everyone:(RX)
    CREATOR OWNER:(OI)(CI)(IO)(F)
    CREATOR GROUP:(OI)(CI)(IO)(RX)
    Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

I don't know if there are any other ramifications of Cygwin being installed under SYSTEM account but so far everything seems to work.

Again, thanks for the help tracking this down.


Gerry



--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]