From: Ramsay Jones <ramsay@ramsayjones.plus.com>
To: Johannes Schindelin <Johannes.Schindelin@gmx.de>
Cc: Adam Dinwoodie <adam@dinwoodie.org>,
Junio C Hamano <gitster@pobox.com>,
GIT Mailing-list <git@vger.kernel.org>
Subject: Re: Test failure for v2.16.0-rc0 on cygwin
Date: Wed, 10 Jan 2018 23:17:37 +0000 [thread overview]
Message-ID: <87f53af7-4f5b-22a7-b950-772eb67b0151@ramsayjones.plus.com> (raw)
In-Reply-To: <alpine.DEB.2.21.1.1801042152570.32@MININT-6BKU6QN.europe.corp.microsoft.com>
On 04/01/18 20:55, Johannes Schindelin wrote:
> On Tue, 2 Jan 2018, Ramsay Jones wrote:
[snip]
>> Also, when logged-in remotely it fails consistently, when logged-in
>> directly it passes consistently. :-D
>
> You are most likely hitting cmd.exe at some point there. In cmd.exe, there
> are some restrictions that are inherited by spawned processes AFAIU. For
> example, the current directory cannot be a UNC path.
>
> You are most likely running the interactive Cygwin session in MinTTY? Then
> you do not get those restrictions. If you start Cygwin in a cmd.exe
> window, you should see the exact same test failures again.
I actually don't see a difference when starting cygwin from a cmd.exe, it
passes just fine. The interactive cygwin session(s), either directly, or
most often via the X-server (with ssh-agent in between!), all have their
id's and group membership look like:
$ who
$ id
uid=1001(ramsay) gid=513(None) groups=513(None),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated Users),15(This Organization),113(Local account),66048(LOCAL),262154(NTLM Authentication),401408(Medium Mandatory Level)
$
However, when remotely logged-in over shh, it looks like:
$ who -H
NAME LINE TIME COMMENT
ramsay pty2 2018-01-02 19:48 (192.168.1.2)
$ id
uid=1001(ramsay) gid=513(None) groups=513(None),11(Authenticated Users),66048(LOCAL),66049(CONSOLE LOGON),4(INTERACTIVE),15(This Organization),545(Users),0(root),405504(High Mandatory Level)
$
So, when remotely logged-in, we have:
Additional groups: 0(root), 405504(High Mandatory Level)
Missing groups: 113(Local account), 262154(NTLM Authentication),
401408(Medium Mandatory Level)
I haven't thought too much about what that means ...
After reading this[1], I have been meaning to try setting the
'LocalAccountTokenFilterPolicy' registry variable mentioned in
that article, to see if that would make any difference. I haven't
found the time yet ... :-D
ATB,
Ramsay Jones
[1] http://www.tomsitpro.com/articles/windows-10-administrative-shares,2-47.html
prev parent reply other threads:[~2018-01-10 23:17 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-30 14:21 Test failure for v2.16.0-rc0 on cygwin Ramsay Jones
2017-12-30 14:40 ` Adam Dinwoodie
2018-01-02 11:36 ` Adam Dinwoodie
2018-01-02 15:32 ` Ramsay Jones
2018-01-02 19:34 ` Ramsay Jones
2018-01-04 20:55 ` Johannes Schindelin
2018-01-10 23:17 ` Ramsay Jones [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87f53af7-4f5b-22a7-b950-772eb67b0151@ramsayjones.plus.com \
--to=ramsay@ramsayjones.plus.com \
--cc=Johannes.Schindelin@gmx.de \
--cc=adam@dinwoodie.org \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).