Improve the description of Cygwin ldd utility to give a bit more detail
about how it does what it does
Also add a security warning (modelled after the one in the Linux manpage)
that it may end up executing the file it is applied to.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
Fix an instance of the invalid <pathname> tag in Cygwin utils documentation,
by using the valid <filename> tag instead.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
In Cygwin utils documentation, use the <example> tag at same level as
<para>, not inside it.
This improves the generated manpages.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.
Everything else stays under GPLv3+.
New Linking Exception exempts resulting executables from LGPLv3 section 4.
Add CONTRIBUTORS file to keep track of licensing.
Remove 'Copyright Red Hat Inc' comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Cygwin_props have been invented to allow switching off the unique
installation keys in the first place, supposedly for debugging.
This never really was a good idea, after all we *want* the installations
to be independent and there's no good reason to break that, not even
for debugging purposes.
Other than that, cygwin_props were meant to be used for some other global
settings which never took place. There's just no good reason to tweak
the DLL binary invisibly where a setting could be done in a file or the
environment.
This patch removes the cygwin_props entirely, including the related
settings in cygcheck.
cygwin:
* cygprops.h: Remove file.
* globals.cc (cygwin_props): Remove.
* cygheap.cc (init_cygheap::init_installation_root): Drop removing
installation key.
utils:
* cygcheck.cc: Drop including cygprops.h. Remove now unused option
values.
(unique_object_name_opt): Remove.
(handle_unique_object_name): Remove function.
(usage): Remove text for unique-object-names options.
(longopts): Remove unique-object-names options.
(main): Drop handling unique-object-names options.
doc:
* utils.xml (cygcheck): Remove text for unique-object-names options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* faq-using.xml (bloda): Alphabetically sort BLODA list for ease
of finding things in it.
(fixing-fork-failures): Update to suggest rebase-trigger rather
than running rebaseall via dash yourself. Mention detect_bloda
CYGWIN token.
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
* setfacl.cc (modacl): Move recomputing mask into new function.
(check_got_mask): New function checking if mask is in input.
(recompute_mask): New function to recompute mask.
(addmissing): Align mask computation to Linux setfacl.
(setfacl): Call check_got_mask and recompute_mask on Set, Delete and
Modify actions.
(usage): Rename --substitute to --set.
(longopts): Add --set option.
* utils.xml (setfacl): Rename --substitute to --set.
* new-features.xml (ov-new2.4): Rephrase setfacl changes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* mount.cc (mount_info::from_fstab_line): Support mounting the current
user's temp folder as /tmp/. This is particularly useful a feature
when Cygwin's own files are write-protected.
* pathnames.xml: document the new usertemp file system type
Detailed explanation:
In the context of Windows, there is a per-user directory for temporary
files, by default specified via the environment variable %TEMP%. Let's
allow to use that directory for our /tmp/ directory.
With this patch, we introduce the special filesystem type "usertemp":
By specifying
none /tmp usertemp binary,posix=0 0 0
in /etc/fstab, the /tmp/ directory gets auto-mounted to the directory
specified by the %TEMP% variable.
This feature comes handy in particularly in scenarios where the
administrator might want to write-protect the entire Cygwin directory
yet still needs to allow users to write into the /tmp/ directory.
This is the case in the context of Git for Windows, where the
Cygwin (MSys2) root directory lives inside C:\Program Files and hence
/tmp/ would not be writable otherwise.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
* include/sys/cygwin.h (CCP_PROC_CYGDRIVE): New flag.
* mount.cc (mount_info::cygdrive_posix_path): Take flag values rather
than just a trailing_slash_p bool. Emit /proc/cygdrive path if
CCP_PROC_CYGDRIVE flag is given.
(mount_info::conv_to_posix_path): Take flag values rather than just
a keep_rel_p bool. Rename _p variables. Print flag value as hex in
debug_printf. Call cygdrive_posix_path with flag values.
* mount.h (mount_info::cygdrive_posix_path): Accommodate above change
in declaration.
(mount_info::conv_to_posix_path): Ditto.
* fhandler_process.cc (format_process_exename): Accommodate change to
mount_info::conv_to_posix_path.
* path.cc (cygwin_conv_path): Ditto.
* cygpath.cc (absolute_flag): Initialize to CCP_RELATIVE to simplify
expressions.
(cygdrive_flag): New global flag.
(long_options): Add --proc-cygdrive option.
(options): Add -U option.
(usage): Add description for -U option.
(do_sysfolders): Or cygdrive_flag to cygwin_conv_path call.
(do_pathconv): Simply or absolute_flag to conv_func. Or
cygdrive_flag to conv_func.
(do_options): Initalize absolute_flag to CCP_RELATIVE. Initialize new
cygdrive_flag. Set absolute_flag to CCP_ABSOLUTE on -a. Set
cygdrive_flag to CCP_PROC_CYGDRIVE on -U.
* new-features.xml (ov-new2.4): Document cygpath -U option.
* utils.xml (cygpath): Ditto.
* path.xml (func-cygwin-path): Add CCP_PROC_CYGDRIVE description.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
One more patch. MacType was observed by several users to cause `GPGME:
Invalid crypto engine` failures in MSYS2. See
<https://github.com/Alexpux/MSYS2-packages/issues/393>.
I also removed two full stops in the sake of consistency.
* faq-using.xml: Add MacType to the BLODA. Fix formatting.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
First take on how to describe dereferencing of Cygwin-only symlinks path
components when creating NTFS symlinks.
Note that I haven't tried building the documentation, so I don't know if
the added paragraph breaks anything. Hopefully not.
* pathnames.xml: Add a section describing peculiarities of how Cygwin
creates NTFS symlinks.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
A user of MSYS2 had non-deterministic segfaults when running simple
command from bash started from cmd. We've isolated the cause to
`C:\Program Files (x86)\Forefront TMG Client\FwcWsp64.dll`. See
<http://sourceforge.net/p/msys2/tickets/212/> for a little more
information.
It seems enough to include the software in BLODA, but if not, sorry for
the unsolicited patch and let's discuss.
* faq-using.xml: Add Forefront TMG to the BLODA
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* nlsfuncs.cc (setlocaleinfo): New macro calling __setlocaleinfo.
(__setlocaleinfo): New function to set a locale-specific character
to an explicit wchar_t value.
(__set_lc_numeric_from_win): Handle fa_IR and ps_AF locales to return
same decimal point and thousands separator characters as on Linux.
(__set_lc_monetary_from_win): Ditto for monetary characters.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- New, unified implementation of POSIX permission and ACL handling. The
new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
they allow to inherit the S_ISGID bit. ACL inheritance now really
works as desired, in a limited, but theoretically equivalent fashion
even for non-Cygwin processes.
To accommodate Windows default ACLs, the new code ignores SYSTEM and
Administrators group permissions when computing the MASK/CLASS_OBJ
permission mask on old ACLs, and it doesn't deny access to SYSTEM and
Administrators group based on the value of MASK/CLASS_OBJ when
creating the new ACLs.
The new code now handles the S_ISGID bit on directories as on Linux:
Setting S_ISGID on a directory causes new files and subdirs created
within to inherit its group, rather than the primary group of the user
who created the file. This only works for files and directories
created by Cygwin processes.
2015-05-29 Corinna Vinschen <corinna@vinschen.de>
Reapply POSIX ACL changes.
* utils.xml (setfacl): Show new option output.
(getfacl): Show new option output.
* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
Apply umask, if so. Align comments.
* security.cc (set_created_file_access): Fix permission masking by
incoming requested file mode.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
* sec_acl.cc (set_posix_access): Handle files with owner == group.
Rephrase switch statement checking against unfiltered a_type value.
(get_posix_access): Handle files with owner == group.
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
mask computation.
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
Accommodate throughout.
(add_access_denied_ace): Ditto.
* sec_acl.cc: Accommodate above change throughout.
* security.h (add_access_allowed_ace): Adjust prototype to above change.
(add_access_denied_ace): Ditto.
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
* getfacl.c (usage): Align more closely to Linux version. Add new
options -c, -e, -E. Change formatting to accommodate longer options.
(longopts): Rename --noname to --numeric. Keep --noname for backward
compatibility. Add --omit-header, --all-effective and --no-effective
options.
(opts): Add -c, -e and -E option.
(main): Handle new -c, -e, and -E options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Corinna Vinschen
Jon Turney
Adam Dinwoodie
Peter Foley
Thomas Wolff
Mark Geisert
Alexey Sokolov
Yaakov Selkowitz
Johannes Schindelin
David Macek
Brian Inglis
Ken Brown