This is the mail archive of the cygwin-apps@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Postinstall scripts and file access issues



Christopher Faylor wrote:
> 
> On Thu, Aug 12, 2004 at 11:04:29AM -0400, Pierre A. Humblet wrote:
> >Those of you that do not follow the Cygwin list should look at
> >the thread <http://cygwin.com/ml/cygwin/2004-08/msg00354.html>
> ><http://cygwin.com/ml/cygwin/2004-08/msg00280.html>
> >
> >In brief, postinstall scripts can produce unreadable files,
> >due to interactions between the Windows and POSIX security
> >models. This is particularly the case for scripts using "cp",
> >e.g. man.sh and base-files-profile.sh (among others?).
> >It is probably the root cause of several complaints to the list.
> >
> >As a maintainer, the easy way out is to "export CYGWIN=nontsec".
> >Your script will then produce files with the same permissions as
> >what setup itself does, so you are off the hook.
> >
> >If you don't do that, then you should either "touch" the destination
> >file before copying into it, or "chmod" after the copy.
> >
> >This should probably go into  <http://cygwin.com/setup.html#postinstall>
> 
> Should we just have setup.exe set CYGWIN=nontsec and have any postinstall
> script which needs it set it explicitly?

That would be much better, but setup updates are not frequent.
We need a relatively quick fix for man.sh and base-files-profile.sh 

If we update setup, then perhaps passwd-grp.sh should explicitly give
read access to world on /etc/passwd and /etc/group, so that services
(SYSTEM) can use them. Or the -config scripts for the services should
do that. 

Pierre


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]