From: Corinna Vinschen <[email protected]>
Do not only allow to override the (localized) group "None" as primary
group, but also the user account. The user account is used as primary
group in the user token, if the user account is a Microsoft Account or
an AzureAD account.
Fixes: dc7b67316d01 ("Cygwin: uinfo: prefer token primary group")
Signed-off-by: Corinna Vinschen <[email protected]>
---
winsup/cygwin/uinfo.cc | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
index 8e9b9e07de9d..fb4618b8a19e 100644
--- a/winsup/cygwin/uinfo.cc
+++ b/winsup/cygwin/uinfo.cc
@@ -170,13 +170,17 @@ internal_getlogin (cygheap_user &user)
group of a local user ("None", localized), we have to find the SID
of that group and try to override the token primary group. Also
makes sure we're not on a domain controller, where account_sid ()
- == primary_sid (). */
+ == primary_sid ().
+ CV 2025-12-05: Microsoft Accounts as well as AzureAD accounts have
+ the primary group SID in their user token set to their own user SID.
+ Allow to override them as well. */
gsid = cygheap->dom.account_sid ();
gsid.append (DOMAIN_GROUP_RID_USERS);
if (!pgrp
|| (pwd->pw_gid != pgrp->gr_gid
&& cygheap->dom.account_sid () != cygheap->dom.primary_sid ()
- && RtlEqualSid (gsid, user.groups.pgsid)))
+ && (gsid == user.groups.pgsid
+ || user.sid () == user.groups.pgsid)))
{
if (gsid.getfromgr (grp = internal_getgrgid (pwd->pw_gid, &cldap)))
{
--
2.52.0
