Corinna Vinschen wrote: > On Apr 18 10:13, Charles Wilson wrote: >> Corinna Vinschen wrote: >>> owner: Current user. >>> group: The primary group of the account running setup. >>> other: Everyone, as usual. >> Although "current user" is Administrator if you launch setup on Vista as >> an ordinary user, but you have UAC enabled. > > No, not exactly. You're still your own self, just with the token > extended to contain the Administrators group with SE_GROUP_ENABLED flag > set in the group list, instead of with SE_GROUP_USE_FOR_DENY_ONLY. > > But it doesn't really matter. If you're running setup as a user which > is member of the Administrators group, on Vista or earlier, you have the > Administrators group in your user token.
??? I normally run setup using "Run as administrator" -- but then, of course, the process is not REALLY elevated until UAC kicks in. I'm not in a domain. So: $ getfacl /usr/bin/[.exe # file: /usr/bin/[.exe # owner: Administrator # group: None user::rwx group::r-x mask:rwx other:r-x Is exactly what you'd expect. But the Administrators group is nowhere present. How does that jibe with the 'token extended to contain the Administrators group'? Shouldn't there then be an additional entry for the Administrators group? > Why? I mean, why should you have a desire to chown the Cygwin tree? > The permissions are the ones from the archive. The owner is the > Admin's group (sort of root, which is probably what you want anyway), > and the files created by postinstall scripts will get the right owner > and permission by the script. No, in the existing setup, given the case above, the owner is the actual user used to run setup (in this case, 'Administrator' via the 'Run as Administrator'. NOT the AdministratorS group. > In theory, if we do it that way (assuming solution 3), a chown -R > should never be necessary. Well, assuming solution 3...wasn't there a lot of confusion in the 1.3.x days when if you created a file as Administrator it was always owned by AdministratorS? If there were no problems with that behavior, why was it changed? >> I think setup should accept three new command-line arguments: >> --change-owner= >> --change-group= >> --add-group-write-permission > > I don't like the idea of additional command line options since it > doesn't help 99% of the users, which are using setup.exe as a GUI-only > tool. That's the case with all of setup's command line options. They are there specifically to help the 1% of users who need it -- if we choose default behavior that truly is problem-free for the 99% majority. -- Chuck
