Regression: errno returned by seteuid and companions incorrect

Tue Mar 26 09:55:00 GMT 2019

Corinna,
As result of the removal of create_token() (sec_auth.cc) in the call 
flow
of seteuid32(), something like:
@@ cat seteuid.c
int
main()
{
 errno = 0;
 if (seteuid( (uid_t)1004) != 0) { // 1004 = uid of different user
 printf("seteuid: errno = %d, errstr = %s\n", errno, 
strerror(errno) );
 } else printf("1004, OK\n");
}
returns an INCORRECT errno 
(http://man7.org/linux/man-pages/man2/seteuid.2.html)
64-@@ ./seteuid
seteuid: errno = 13, errstr = Permission denied ... huh? WRONG!
On Linux this simple "Simple Test Case" will result in:
@@ seteuid: errno = 1, errstr = Operation not permitted
-----
Before the introduction of "Service for User Logon" (s4u), calling
seteuid (or companions) would eventually result in
 - calling create_token, which in turn would call
 - NtCreateToken
If NtCreateToken() failed, it returned the following status:
 - STATUS_PRIVILEGE_NOT_HELD ((NTSTATUS)0xC0000061), which would
 map to:
 - ERROR_PRIVILEGE_NOT_HELD __MSABI_LONG(1314), which in turn would
 map to:
 - errno = EPERM (1, i.c. "Operation not permitted")
See errmap[],
 geterrno_from_nt_status() and
 geterrno_from_win_error() in winsup/cygwin/errno.cc
-----
Om my system I have fixed this regression as follows:
64-@@ uname -a
CYGWIN_NT-6.1 Seven 3.0.4(0.338/5/3) 2019年03月26日 08:25 x86_64 Cygwin
I applied the following hack to winsup/cygwin/sec_auth.cc:
1496 HANDLE
1497 s4uauth (bool logon, PCWSTR domain, PCWSTR user, NTSTATUS 
&ret_status)
1498 {
...
1525 if (logon) // true in the call flow from seteuid32()
1526 {
1527 /* Register as logon process. */
1528 debug_printf ("Impersonation requested");
1529 RtlInitAnsiString (&name, "Cygwin");
1530 status = LsaRegisterLogonProcess (&name, &lsa_hdl, 
&sec_mode);
1531 }
1532 else
1533 {
1534 /* Connect untrusted to just create a identification token */
1535 debug_printf ("Identification requested");
1536 status = LsaConnectUntrusted (&lsa_hdl);
1537 }
1538 if (status != STATUS_SUCCESS)
1539 {
1540 debug_printf ("%s: %y", logon ? "LsaRegisterLogonProcess"
1541 : "LsaConnectUntrusted", 
status);
// Henri: HACK!
 // LsaRegisterLogonProcess returns 
STATUS_PORT_CONNECTION_REFUSED
 if (status == STATUS_PORT_CONNECTION_REFUSED) // 
((NTSTATUS)0xC0000041)
 // => EACCES 
... WRONG!
 {
 // status that was previously returned by NtCreateToken
 status = STATUS_PRIVILEGE_NOT_HELD; // 
((NTSTATUS)0xC0000061) => EPERM
 }
 // STATUS_PRIVILEGE_NOT_HELD maps to ERROR_PRIVILEGE_NOT_HELD 
(1314),
 // which in turn maps to EPERM (1)
// Henri
1542 __seterrno_from_nt_status (status);
1543 goto out;
1544 }
Henri
Attached: errmapping-sorted.txt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: errmapping-sorted.txt
URL: <http://cygwin.com/pipermail/cygwin/attachments/20190326/ccc04976/attachment.txt>
-------------- next part --------------
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple