On Thu, 18 Dec 2025 12:23:06 +0100
Corinna Vinschen wrote:
> From: Corinna Vinschen <[email protected]>
>
> Do not only allow to override the (localized) group "None" as primary
> group, but also the user account. The user account is used as primary
> group in the user token, if the user account is a Microsoft Account or
> an AzureAD account.
Is there any evidence of:
"The user account is used as primary group in the user token, "
>
> Fixes: dc7b67316d01 ("Cygwin: uinfo: prefer token primary group")
> Signed-off-by: Corinna Vinschen <[email protected]>
> ---
> winsup/cygwin/uinfo.cc | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
> diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
> index 8e9b9e07de9d..fb4618b8a19e 100644
> --- a/winsup/cygwin/uinfo.cc
> +++ b/winsup/cygwin/uinfo.cc
> @@ -170,13 +170,17 @@ internal_getlogin (cygheap_user &user)
> group of a local user ("None", localized), we have to find the SID
> of that group and try to override the token primary group. Also
> makes sure we're not on a domain controller, where account_sid ()
> - == primary_sid (). */
> + == primary_sid ().
> + CV 2025-12-05: Microsoft Accounts as well as AzureAD accounts have
> + the primary group SID in their user token set to their own user SID.
> + Allow to override them as well. */
> gsid = cygheap->dom.account_sid ();
> gsid.append (DOMAIN_GROUP_RID_USERS);
> if (!pgrp
> || (pwd->pw_gid != pgrp->gr_gid
> && cygheap->dom.account_sid () != cygheap->dom.primary_sid ()
> - && RtlEqualSid (gsid, user.groups.pgsid)))
> + && (gsid == user.groups.pgsid
> + || user.sid () == user.groups.pgsid)))
> {
> if (gsid.getfromgr (grp = internal_getgrgid (pwd->pw_gid, &cldap)))
> {
> --
> 2.52.0
Other than that LGTM.
--
Takashi Yano <[email protected]>
