Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Only request
query_write_dac rather than query_write_control access when writing
an ACL. Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (__aclcalcmask): New function to recalculate ACL masks.
(aclsort32): Honor calclass argument.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (aclfromtext32): Return missing aclcnt parameter.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (acltotext32): Use tmp_pathbuf rather than stack buffer.
(aclfromtext32): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* strfuncs.cc (sys_cp_wcstombs): Delete and move functionality into
sys_wcstombs.
* wchar.h (sys_cp_wcstombs): Drop declaration.
* fhandler_console.cc (dev_console::con_to_str): Call sys_wcstombs.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* grp.cc (pwdgrp::parse_group): Only copy the SID if it's valid.
* passwd.cc (pwdgrp::parse_passwd): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* libc/include/sys/_sigset.h: New.
* libc/include/sys/select.h: Do not include <sys/types.h> and
<sys/time.h> to avoid cyclic header file dependencies. Include
specialized header files instead.
(sigset_t): Conditionally define.
* libc/include/sys/signal.h (sigset_t): Likewise.
* libc/include/sys/time.h: Include <sys/select.h> if
__BSD_VISIBLE.
* libc/include/sys/types.h: Likewise.
|
|
* winsup/cygwin/fhandler_disk_file.cc (fhandler_base::fstat_helper):
Align regparm attribute to declaration in fhandler.h.
|
|
* path.h (class path_conv_handle): Use FILE_ALL_INFORMATION instead of
FILE_NETWORK_OPEN_INFORMATION. Use definitions from ntdll.h since it's
included anyway.
(path_conv_handle::fai): Change name from fnoi.
(path_conv::fai): Ditto.
(file_get_fai): Change name from file_get_fnoi. Drop second parameter.
* path.cc (file_get_fai): Ditto. Fetch FileAllInformation rather than
FileNetworkOpenInformation. Convert STATUS_BUFFER_OVERFLOW to
STATUS_SUCCESS. Remove workaround to fetch FileBasicInformation and
FileStandardInformation on filesystems with broken
FileNetworkOpenInformation handling.
(symlink_info::check): Accommodate above changes. In case of using
the NtQueryDirectoryFile fallback, fetch FileIdBothDirectoryInformation
to get inode number as well.
* fhandler_disk_file.cc (fhandler_base::fstat_by_handle): Drop outdated
comment. Accommodate change to using FileAllInformation. Drop
extra function calls to fetch NumberOfLinks and IndexNumber. Set ino
directly from IndexNumber stored in pc.fai(). Drop second argument
from call to fstat_helper.
(fhandler_base::fstat_by_name): Drop second argument from call to
fstat_helper.
(fhandler_base::fstat_helper): Drop second parameter. Accommodate
the fact that we access a FILE_ALL_INFORMATION structure now.
(fhandler_base::open_fs): Set ino directly from IndexNumber stored in
pc.fai().
* fhandler.h (fhandler_base::fstat_helper): Fix declaration accrdingly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_disk_file.cc (path_conv::ndisk_links): Drop unused method.
(fhandler_base::fstat_helper): Drop unused call to ndisk_links.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_disk_file.cc (path_conv::get_ino_by_handle): Rename fai to
fii for clearness.
(fhandler_disk_file::readdir): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* ntdll.h (FILE_ID_BOTH_DIR_INFORMATION): Revert IndexNumber to FileId
since it's actually right here.
* fhandler_disk_file.cc: Accommodate above change.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* thread.cc (pthread::setcancelstate): Remove unnecessary locking.
(pthread::setcanceltype): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* ntdll.h (FILE_ID_BOTH_DIR_INFORMATION): Rename FileId to IndexNumber
to align with Microsoft naming scheme.
(FILE_INTERNAL_INFORMATION): Ditto.
* fhandler_disk_file.cc: Rename FileId to IndexNumber throughout.
* syscalls.cc: Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* mount.cc (mount_info::from_fstab_line): Support mounting the current
user's temp folder as /tmp/. This is particularly useful a feature
when Cygwin's own files are write-protected.
* pathnames.xml: document the new usertemp file system type
Detailed explanation:
In the context of Windows, there is a per-user directory for temporary
files, by default specified via the environment variable %TEMP%. Let's
allow to use that directory for our /tmp/ directory.
With this patch, we introduce the special filesystem type "usertemp":
By specifying
none /tmp usertemp binary,posix=0 0 0
in /etc/fstab, the /tmp/ directory gets auto-mounted to the directory
specified by the %TEMP% variable.
This feature comes handy in particularly in scenarios where the
administrator might want to write-protect the entire Cygwin directory
yet still needs to allow users to write into the /tmp/ directory.
This is the case in the context of Git for Windows, where the
Cygwin (MSys2) root directory lives inside C:\Program Files and hence
/tmp/ would not be writable otherwise.
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
|
|
* libc/include/sys/types.h: Move definitions of NBBY and howmany to
sys/param.h. Move definitions of select(2) macros to sys/select.h.
* libc/include/sys/param.h: See above.
* libc/include/sys/select.h: Move Cygwin's sys/select.h here.
* include/sys/select.h: Move select(2) macros from newlib's sys/types.h
here. Rename howmany to _howmany to unclutter namespace. Move file to
newlib.
* libc/rexex.cc: Add declaration for cygwin_gethostname.
* poll.cc: Include sys/param.h and locale select.h.
* select.h (cygwin_select): Declare.
* uname.cc: Declare cygwin_gethostname.
* winsup.h: Drop declarations of cygwin_select and cygwin_gethostname.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* dcrt0.cc: Semi-revert commit 12743c2d5d2721f3a80b4d7671a349be03c1f520.
(dll_crt0_0): Drop setting wow64_needs_stack_adjustment on 64 bit.
(_dll_crt0): Split out 64 bit code again and always create new main
thread stack, unless forked off from the non main thread in the parent.
Call create_new_main_thread_stack with parent stack commitsize if
started from the parent's main thread.
Only call child_info_fork::alloc_stack for the latter case on 64 bit.
Slightly rearrange moving rsp and rbp to new stack and document how.
Revert 32 bit wow64 handling to its former self.
* miscfunc.cc (create_new_main_thread_stack): Take a commitsize
parameter and use it if it's not 0. Don't set _main_tls here, it's
done in the caller _dll_crt0 anyway. Return stackbase - 16 bytes,
rather than stacklimit (which was very wrong anyway).
* miscfuncs.h (create_new_main_thread_stack): Accommodate declaration
to aforementioned change.
* wincap.h (wincaps::has_3264_stack_broken): Remove element.
* wincap.cc: Ditto, throughout.
* wow64.cc: Semi-revert to pre-12743c2d5d2721f3a80b4d7671a349be03c1f520
but keep architecture-agnostic type changes intact. Fix formatting.
* wow64.h: Revert to pre-12743c2d5d2721f3a80b4d7671a349be03c1f520.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* include/sys/cygwin.h (CCP_PROC_CYGDRIVE): New flag.
* mount.cc (mount_info::cygdrive_posix_path): Take flag values rather
than just a trailing_slash_p bool. Emit /proc/cygdrive path if
CCP_PROC_CYGDRIVE flag is given.
(mount_info::conv_to_posix_path): Take flag values rather than just
a keep_rel_p bool. Rename _p variables. Print flag value as hex in
debug_printf. Call cygdrive_posix_path with flag values.
* mount.h (mount_info::cygdrive_posix_path): Accommodate above change
in declaration.
(mount_info::conv_to_posix_path): Ditto.
* fhandler_process.cc (format_process_exename): Accommodate change to
mount_info::conv_to_posix_path.
* path.cc (cygwin_conv_path): Ditto.
* cygpath.cc (absolute_flag): Initialize to CCP_RELATIVE to simplify
expressions.
(cygdrive_flag): New global flag.
(long_options): Add --proc-cygdrive option.
(options): Add -U option.
(usage): Add description for -U option.
(do_sysfolders): Or cygdrive_flag to cygwin_conv_path call.
(do_pathconv): Simply or absolute_flag to conv_func. Or
cygdrive_flag to conv_func.
(do_options): Initalize absolute_flag to CCP_RELATIVE. Initialize new
cygdrive_flag. Set absolute_flag to CCP_ABSOLUTE on -a. Set
cygdrive_flag to CCP_PROC_CYGDRIVE on -U.
* new-features.xml (ov-new2.4): Document cygpath -U option.
* utils.xml (cygpath): Ditto.
* path.xml (func-cygwin-path): Add CCP_PROC_CYGDRIVE description.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
affected platforms
* dcrt0.cc (dll_crt0_0): On 64 bit, set wow64_needs_stack_adjustment
if not started from a 64 bit process.
(_dll_crt0): Enable wow64_needs_stack_adjustment branch on 64 bit
as well. Remove 64 bit only code. Introduce CREATE_STACK and
FIX_STACK macros to conditionalize the code. Rearrange and
partially rewrite comments.
* wincap.h (wincaps::has_3264_stack_broken): New element.
* wincap.cc: Implement above element throughout.
(wincapc::init): Set has_3264_stack_broken to false on 32 bit.
* wow64.cc: Enable functionality on 64 bit architecture, except for
wow64_revert_to_original_stack. Enhance comments to explain.
(wow64_eval_expected_main_stack): Make 64 bit clean.
(wow64_test_for_64bit_parent): Ditto.
* wow64.h: Export wow64_revert_to_original_stack on 32 bit only,
everything else on all architectures.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_process.cc (thread_info::thread_info): Accommodate the fact
that TEBs take two pages.
(thread_info::fill_if_match): Rewrite the method for post W10 1511 TEB
detection.
(format_process_maps): Add a state member to region. Fix the code
to handle PEB/TEB region since W10 1511.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_process.cc (heap_info::fill_if_match): Return NULL, not 0.
(thread_info::fill_if_match): Ditto.
(thread_info::fill_if_match): New method to extract TEB info from
PEB/TEB region since W10 1511.
(format_process_maps): Drop outdated FIXME comment. Add code to handle
PEB/TEB region since W10 1511.
* mmap.cc (posix_madvise): Align comment to new W10 1511 version.
* wincap.h (wincaps::has_new_pebteb_region): New element.
* wincap.cc: Implement above element throughout.
(wincap_10_1511): New global wincaps to support Windows 10 since 1511.
(wincapc::init): Use wincap_10_1511 for W10 builds >= 10586.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
x86_64 only:
* dcrt0.cc (_dll_crt0): Always move stack to pthread stack area.
Explain why.
* miscfuncs.cc (create_new_main_thread_stack): New function to create
OS-like stack for main thread in pthread stack area.
* miscfuncs.cc (create_new_main_thread_stack): Declare.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* dcrt0.cc (child_info_fork::alloc_stack): Fix formatting.
* fork.cc (frok::parent): Fix formatting.
(child_copy): Change type of res to BOOL.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* dcrt0.cc (dll_crt0_1): Always restore the TEB stack info. Especially
restore DeallocationStack. Fix comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* dcrt0.cc (child_info_fork::alloc_stack): Don't set stackaddr to 0.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* child_info.h (struct child_info): Add member from_main.
* fork.cc (frok::child): Check from_main rather than stackaddr.
(frok::parent): Set ch.from_main if running in the main thread.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* child_info.h (CURR_CHILD_INFO_MAGIC): Align to below change.
(class child_info_fork): Rename stacktop to stacklimit. Rename
stackbottom to stackbase. Accommodate name change throughout Cygwin.
Rephrase comments to be clearer.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* cygtls.h (_tlsbase): Remove. Replace throughout with
NtCurrentTeb()->Tib.StackBase.
(_tlstop): Remove. Replace throughout with
NtCurrentTeb()->Tib.StackLimit.
* dcrt0.cc (child_info_fork::alloc_stack): Move definition of local
teb variable up to be used throughout.
* include/cygwin/config.h (__getreent): Use inline function on both
architectures.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* uinfo.cc (pwdgrp::fetch_account_from_windows): Only create 1-5-32-x
SIDs from ids for x <= 999.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (get_posix_access): In case owner SID == group SID, when
encountering the group entry, change the value of `id' accordingly.
Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* gendef (sigdelayed): Save and restore content of the MXCSR register
on x86_64.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* cygtls.h (_cygtls::wait_signal_arrived): Renamed from
set_signal_arrived.
(_cygtls::set_signal_arrived): New function signalling signal_arrived.
(_cygtls::reset_signal_arrived): Don't reset will_wait_for_signal.
(_cygtls::unwait_signal_arrived): New function only resetting
will_wait_for_signal.
(class wait_signal_arrived): Rename from set_signal_arrived.
Accommodate name change throughout Cygwin.
(wait_signal_arrived::~wait_signal_arrived): Call
_cygtls::unwait_signal_arrived. Add comment.
* cygserver_ipc.h (ipc_set_proc_info): Fetch signal_arrived handle
via call to _cygtls::get_signal_arrived.
* exceptions.cc (_cygtls::interrupt_setup): Signal signal_arrived via
call to _cygtls::set_signal_arrived.
(_cygtls::handle_SIGCONT): Ditto.
* fhandler_socket.cc (fhandler_socket::wait_for_events): Generate
WSAEVENT array prior to entering wait loop. Add cancel event object
if available. Remove calls to pthread_testcancel and just call
pthread::static_cancel_self if the cancel event object is signalled.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* path.cc (symlink_native): Fix index when looking for colon in path.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
ps_AF locales
* nlsfuncs.cc (setlocaleinfo): New macro calling __setlocaleinfo.
(__setlocaleinfo): New function to set a locale-specific character
to an explicit wchar_t value.
(__set_lc_numeric_from_win): Handle fa_IR and ps_AF locales to return
same decimal point and thousands separator characters as on Linux.
(__set_lc_monetary_from_win): Ditto for monetary characters.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* libc/stdlib/Makefile.am (GENERAL_SOURCES): Add strtodg.c and
strtorx.c.
* libc/stdlib/Makefile.in: Regenerate.
* libc/stdlib/strtodg.c: New file implementing generic string to long
double conversion.
* libc/stdlib/strtorx.c: New file, implementing IEEE format string to
long double conversion.
* libc/stdlib/mprec.h (_strtodg_r): Declare.
(_strtorx_r): Declare.
* libc/stdlib/gdtoa.h (__UShort): Define.
* libc/stdlib/strtold.c (__flt_rounds): Define for i386 and x86_64
target.
(FLT_ROUNDS): Define, as 0 on platforms missing a __flt_rounds
function.
(_strtold_r): Converted from strtold. Call _strtorx_r on targets
supporting distinct long doubles.
(strtold): Just call _strtold_r.
* libc/include/stdlib.h (_strtold_r): Declare.
* libc/stdlib/ldtoa.c (_strtold): Comment out. Explain why.
* libc/stdio/vfscanf.c (__SVFSCANF_R): Call _strtold_r instead of
_strtold.
* libc/machine/powerpc/vfscanf.c (__svfscanf_r): Ditto.
* common.din (strtold): Drop redirection to _strtold.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (get_posix_access): Skip merging permissions if current
user has rwx permissions anywa, or if the sum of all group and other
permissions is less than or equal to the user's permissions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (get_posix_access): Fix computation of effective user
permissions to handle current user, not only the file owner.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
in call to create_object_sd_from_attribute.
(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
both calls.
(fhandler_pty_master::setup): Ditto in call to
create_object_sd_from_attribute.
* security.cc (get_object_attribute): Never add S_IFCHR to mode
here. Let the caller decide.
(create_object_sd_from_attribute): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* security.h (authz_get_user_attribute): Declare bool.
* sec_helper.cc (authz_ctx::get_user_attribute): Make bool method.
Set S_IxOTH bits in returned attributes rather than S_IxUSR bits.
(authz_get_user_attribute): Make bool function.
* sec_acl.cc (get_posix_access): Introduce cygsid array to keep
track of all SIDs in the ACL. Move AuthZ calls into !new_style
permission post processing. When not using AuthZ, use
CheckTokenMembership to collect group permissions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Disable
deviation from POSIX 1003.1e in terms of GROUP_OBJ/CLASS_OBJ
permissions. Follow POSIX 1003.1e again. Keep old code in
for future reference.
* sec_acl.cc: Accommodate changes in ACE creation in leading
comment.
(set_posix_access): Fix user deny ACE creation. Split group
deny ACE creation into two steps, one to reflect CLASS_OBJ,
the other to reflect OTHER_OBJ.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* sec_acl.cc (getacl): Use Authz to fetch correct user permissions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* autoload.cc (AuthzAccessCheck): Import.
(AuthzFreeContext): Import.
(AuthzInitializeContextFromSid): Import.
(AuthzInitializeContextFromToken): Import.
(AuthzInitializeResourceManager): Import.
* sec_helper.cc (get_sids_info): Remove.
(class authz_ctx_cache_entry): New class.
(class authz_ctx_cache): New class.
(class authz_ctx): New class.
(authz_get_user_attribute): New function.
* security.h (get_sids_info): Drop prototype.
(authz_get_user_attribute): Add prototype.
* winlean.h (_AUTHZ_): Define.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
- New, unified implementation of POSIX permission and ACL handling. The
new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
they allow to inherit the S_ISGID bit. ACL inheritance now really
works as desired, in a limited, but theoretically equivalent fashion
even for non-Cygwin processes.
To accommodate Windows default ACLs, the new code ignores SYSTEM and
Administrators group permissions when computing the MASK/CLASS_OBJ
permission mask on old ACLs, and it doesn't deny access to SYSTEM and
Administrators group based on the value of MASK/CLASS_OBJ when
creating the new ACLs.
The new code now handles the S_ISGID bit on directories as on Linux:
Setting S_ISGID on a directory causes new files and subdirs created
within to inherit its group, rather than the primary group of the user
who created the file. This only works for files and directories
created by Cygwin processes.
2015-05-29 Corinna Vinschen <corinna@vinschen.de>
Reapply POSIX ACL changes.
* utils.xml (setfacl): Show new option output.
(getfacl): Show new option output.
* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
Apply umask, if so. Align comments.
* security.cc (set_created_file_access): Fix permission masking by
incoming requested file mode.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
* sec_acl.cc (set_posix_access): Handle files with owner == group.
Rephrase switch statement checking against unfiltered a_type value.
(get_posix_access): Handle files with owner == group.
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
mask computation.
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
Accommodate throughout.
(add_access_denied_ace): Ditto.
* sec_acl.cc: Accommodate above change throughout.
* security.h (add_access_allowed_ace): Adjust prototype to above change.
(add_access_denied_ace): Ditto.
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
* getfacl.c (usage): Align more closely to Linux version. Add new
options -c, -e, -E. Change formatting to accommodate longer options.
(longopts): Rename --noname to --numeric. Keep --noname for backward
compatibility. Add --omit-header, --all-effective and --no-effective
options.
(opts): Add -c, -e and -E option.
(main): Handle new -c, -e, and -E options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
* include/cygwin/version.h (CYGWIN_VERSION_DLL_MAJOR): Bump to 2004.
(CYGWIN_VERSION_API_MINOR): Reset to 0.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|
|
|
|
* path.cc (symlink_native): Don't generate native symlink targeting
Cygwin special file. Inform the caller.
(symlink_worker): Don;t bail out in WSYM_nativestrict case if the
target is a Cygwin special file.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
|