Hi Linda, On Jan 23 17:34, Linda Walsh wrote: > Corinna Vinschen wrote: > > >- Can you please start inetd under strace, once under 1.7.33, once under > > the 1.7.34 test DLL and then log in as you usally do? This requires > > some patience because under strace the whole process of logging in > > will become almost unbearably slow. > ---- > ~20 seconds? > > > With the test DLL, you can stop > > immediately after the password prompt shows up. > --- > I trimmed both of the traces in gvim to the point when they > both first call "-bash".
Thanks for the straces. I think I know what happens. First of all, under Cygwin 1.7.34 rlogin reads your .rhosts file just the same as under 1.7.33. The difference is apparently that under 1.7.34, rlogin refuses the file due to too open permissions. This is a result of the fix in POSIX ACL handling. For a start, run `ls -l .rhosts' under both Cygwin versions. What you will see (more or less) is something like this: 1.7.33$ ls -l .rhosts -rw-------. 2 law.Bliss groupname Jan 23 17:56 .rhosts 1.7.34$ ls -l .rhosts -rw-rwx---. 2 law.Bliss groupname Jan 23 17:56 .rhosts Do you see the group permissions? They are too open, because your .rhosts' ACL contains permissions for other users, for instance, Administrators or SYSTEM. The ACL handling fix in Cygwin 1.7.34 causes that. Basically it's a result of (finally) implementing this POSIX ACL behaviour (quote from Linux' `man 5 acl': There is a correspondence between the file owner, group, and other permissions and specific ACL entries: the owner permissions correspond to the permissions of the ACL_USER_OBJ entry. If the ACL has an ACL_MASK entry, the group permissions correspond to the permissions of the ACL_MASK entry. Otherwise, if the ACL has no ACL_MASK entry, the group permissions correspond to the permissions of the ACL_GROUP_OBJ entry. The other permissions correspond to the permissions of the ACL_OTHER_OBJ entry. So the group permission bits reflect the ACL_MASK value, and the ACL_MASK value is the inclusive or of all permissions of all secondary ACL_USER and ACL_GROUP entries in the ACL. For instance: user: rw- group: r-- other: --- group:Administrators: --x ==> $ ls -l file -rwr-x--- ... So the permissions become the or'ed mask of the permissions of the primary group and all secondary users' and group: r-- OR --x = r-x So, the problem are the permissions. How do you change that? That's easy. Just remove all ACL entries which don't belong to the standard POSIX permissions. The new setfacl(1) in 1.7.34 has a simple command for that: $ setfacl -b .rhosts The result should be: 1.7.34$ ls -l .rhosts -rw-------. 2 law.Bliss groupname Jan 23 17:56 .rhosts HTH, Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpBrhXSrSpJB.pgp
Description: PGP signature