[PATCH v2 2/2] Respect `db_home` setting even for the SYSTEM account
Johannes Schindelin
Johannes.Schindelin@gmx.de
Wed Sep 21 12:00:17 GMT 2022
Hi Corinna,
On Thu, 17 Dec 2015, Corinna Vinschen wrote:
> On Dec 17 19:05, Johannes Schindelin wrote:
> > We should not blindly set the home directory of the SYSTEM account to
> > /home/SYSTEM, especially not when that value disagrees with what is
> > configured via the `db_home` line in the `/etc/nsswitch.conf` file.
> >
> > This fixes https://github.com/git-for-windows/git/issues/435
> >
> > Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
> > ---
> > winsup/cygwin/uinfo.cc | 6 +++++-
> > 1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
> > index a5d6270..8c51b82 100644
> > --- a/winsup/cygwin/uinfo.cc
> > +++ b/winsup/cygwin/uinfo.cc
> > @@ -2129,7 +2129,11 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
> > it to a well-known group here. */
> > if (acc_type == SidTypeUser
> > && (sid_sub_auth_count (sid) <= 3 || sid_id_auth (sid) == 11))
> > - acc_type = SidTypeWellKnownGroup;
> > + {
> > + acc_type = SidTypeWellKnownGroup;
> > + home = cygheap->pg.get_home (pldap, sid, dom, domain, name,
> > + fully_qualified_name);
>
> Uhm, that's a bit over the top, isn't it? It will affect all S-1-5-X
> accounts as well as the S-1-5-11 Windows account SIDs. Is that really
> what you want?
Yes, it was really what I want because it's about respecting `db_home:
env`, and there _are_ apparently SIDs a user can have that fall into the
category "Microsoft account" where we want that to be respected, too ;-)
> Using pldap here may SEGV in cygheap_pwdgrp::get_home, btw, because
> it may be NULL. cygheap_pwdgrp::get_home doesn't check pldap for
> validity, it expects a valid pointer. You could either use cldap, or
> cygheap_pwdgrp::get_home would have to check pldap before using it.
>
> However, either way there's another problem: Independently of the
> configured db_home schemes, you don't want to ask the DC for info on
> these builtin accounts. The better approach might be to call the
> PUSER_INFO_3 variant of cygheap_pwdgrp::get_home with a NULL ui
> pointer and just check for ui in the NSS_SCHEME_DESC case. The other
> called functions fetch_windows_home and fetch_from_path both can
> live with both pointers, pldap and ui being NULL.
Excellent, I used the `PUSER_INFO_3` method.
Thank you,
Dscho
More information about the Cygwin-patches
mailing list