=============================================================================== ==== ==== ==== This file is deprecated ==== ==== ==== =============================================================================== 2015-08-30 Corinna Vinschen * cygwin-service-installation-helper.sh: Throughout replace *server1014 with *server1016. * native/winProductName.c (products): Add missing values since W10. (GetOSDisplayString): Rename Server 2014 to Server 2016. 2015-04-02 Achim Gratz * cygwin-service-installation-helper.sh (csih_create_privileged_user): Also add SeDenyInteractiveLogonRight to the service user. otherwise it will be shown on the logon screen in some versions of Windows. 2015-02-23 Achim Gratz * cygwin-service-installation-helper.sh (csih_use_file_etc): Correct the return value in the case that /etc/nsswitch.conf exists, but has no active line for that file. The default contains db, so use_file=1 must be maintained. Add a comment for that case. 2015-02-20 Achim Gratz * cygwin-service-installation-helper.sh (csih_get_system_and_admins_ids): Remove reference to /etc/{passwd/group} files. (csih_check_passwd_and_group): Branch code based on the result of csih_old_cygwin. Correct comment about the version that change happened in Cygwin. (csih_old_cygwin): Factor out check for Cygwin version that do not have DB-based user/group lookup. Correct version that code actually went into Cygwin. (csih_use_file_etc): Use csih_old_cygwin. Correct the check for nsswitch.conf content so that it confroms to the intended and commented behaviour. * cygwin-service-installation-helper.sh: Whitespace cleanup (only trailing spaces, consider tabification). Register new function "csih_old_cygwin". 2015-01-08 Henri ??? * cygwin-service-installation-helper.sh (csih_use_file_etc): Fix regular expression to catch commented out "db" entry correctly. 2015-01-07 Corinna Vinschen * version.h (VERSION_MICRO): Revert version bump. 2015-01-07 Corinna Vinschen * cygwin-service-installation-helper.sh (csih_privileged_accounts): Fix copy/paste bug. (csih_create_privileged_user): Evaluate local Windows administrators group name instead of relying on Cygwin group name. Fix error message. * version.h (VERSION_MICRO): Bump to 9. 2014-12-11 Christian Franke * cygwin-service-installation-helper.sh (csih_create_local_group): Fix typo. 2014-12-10 Corinna Vinschen * native/Makefile: More changes to allow cross-building (barely). 2014-12-10 Corinna Vinschen * version.h (VERSION_MICRO): Bump to 8. * native/Makefile (LIBS): Drop default-manifest file. * native/Win32Error.h: Downcase header filenames to enable cross compiling. * native/getAccountName.cpp: Drop useless tchar.h include. 2014-12-10 Corinna Vinschen * Makefile: Remove stray trailing backslash. * winProductName.c (GetOSDisplayString): Always call GetNativeSystemInfo since we're only supporting XP and later anyway. Drop checks for older OS-versions. Rearrange Major/Minor OS number check to accommodate the menacing OS version 10.x for Windows 10. 2014-11-24 Corinna Vinschen * cygwin-service-installation-helper.sh: Drop global checks for NT and Cygwin version 1.7. (csih_VERSION): Bump to 0.9.8. (csih_PRIVILEGED_USERWINNAME): New global variable. (csih_PRIVILEGED_USERDOMAIN): Ditto. (csih_UNPRIVILEGED_USERNAME): Ditto. (csih_UNPRIVILEGED_USERWINNAME): Ditto. (csih_UNPRIVILEGED_USERDOMAIN): Ditto. (csih_LOCAL_GROUPNAME): Ditto. (csih_LOCAL_GROUPWINNAME): Ditto. (csih_LOCAL_GROUPDOMAIN): Ditto. (_csih_well_known_privileged_accounts): Add machinename-prefixed names. (_csih_well_known_privileged_accounts_quoted): Ditto. (_csih_sanity_check): Check for getent. (_csih_nt): Remove. (_csih_2k): Remove. (_csih_windows8_1): Add. (_csih_windows10): Add. (_csih_exactly_windows8_1): Add. (_csih_exactly_windows10): Add. (csih_is_nt): Always return 0. (csih_is_2k): Ditto. (csih_is_xp): Ditto. (csih_is_windows8_1): New function. (csih_is_windows10): Ditto. (csih_cygver_is_oneseven): Always return 0. (csih_is_exactly_windows8_1): New function. (csih_is_exactly_server2012r2): Ditto. (csih_is_exactly_windows10): Ditto. (csih_is_exactly_server2014): Ditto. (csih_check_sys_mount): Always return 0. (csih_use_file_etc): New function to check for /etc/passwd or /etc/group requirement. (csih_get_system_and_admins_ids): Don't require /etc/passwd or /etc/group. Allow new Cygwin usernames generated from Windows account DBs. (csih_check_passwd_and_group): Ditto. (csih_check_user): Ditto. (csih_privileged_accounts): Ditto. (csih_account_has_necessary_privileges): Ditto. (csih_select_privileged_username): Ditto. (csih_create_privileged_user): Ditto. (csih_create_unprivileged_user): Ditto. (csih_service_should_run_as): Ditto. (csih_create_local_group): New function. (_csih_late_initialization_code): Set new OS variables. 2014-11-10 Corinna Vinschen * native/Makefile (LIBS): Add default-manifest file. (NTDLL): Define. (getAccountName): Add $(CFLAGS). Fix usage of $(LIBS) for PE/COFF platform. (winProductName): Ditto. Add $(NTDLL). * native/winProductName.c: Re-indent for better readability. Remove not working tchar.h overhead. (products): Drop "note"-type comments. (RtlGetVersion): Declare. (RtlGetProductInfo): Declare. (GetOSDisplayString): Use RtlGetVersion and RtlGetProductInfo. Explain why. Use switch statements rather than if/else if chains where applicable. Add support for Windows 8.1, Server 2012 R2, Windows 10 and Server 2014(?). Drop support for Windows versions prior to Windows XP. 2013-04-09 Charles Wilson <...> 0.9.7 release * cygwin/Makefile: Adapt for 64bit cross-compiling. * cygwin/getVolInfo.c: Avoid ddk headers and internal functions. * native/Makefile: Modify to support building with mingw64 toolchains. Auto-detect platform and choose wisely when not cross-compiling; otherwise rely on caller to set NATIVECC and NATIVECXX. * native/lookupAccountName.h: Don't redeclare WELL_KNOWN_SID_TYPE when win32api headers already do so. However, add new values to declaration if you do need to declare it. * native/lookupAccountName.h: Don't redeclare CreateWellKnownSid when w32api headers already do so. * native/getAccountName.cpp: Use hardcoded value to represent maximum WELL_KNOWN_SID_TYPE enumeration value, since the various w32api versions are all different. * native/winProductName.c: Add new macro values and strings for GetProductInfo dwType. (GetOSDisplayString): Use proper name for Windows Server 2012. Adapt to newly added values for GetProductInfo dwType. * cygwin-service-installation-helper.sh: Bump version number. (csih_cygwin_is_64bit): New function. (csih_is_exactly_windows8server): Rename to (csih_is_exactly_server2012): this. (_csih_late_initialization_code): Adapt to changes in winProductName. * version.h: Bump version. * NEWS: Document changes. 2012-03-26 Charles Wilson <...> 0.9.6 release * native/Makefile: Use static language runtime libraries. * cygwin/Makefile: Use static language runtime libraries. * cygwin-service-installation-helper.sh: Bump version. * version.h: Bump version. * NEWS: Document changes. 2012-02-09 Charles Wilson <...> 0.9.5 release. * native/Makefile: Avoid -mno-cygwin. * native/winProductName.c (GetOSDisplayString): Support Windows 8 and Windows Server 8. Improve support for various Microsoft OS products. * version.h: Bump version. * csih.sh: Bump version. (csih_is_windows8): New function. (csih_is_exactly_windows8): New function. (csih_is_exactly_windows8server): New function. (csih_account_has_necessary_privileges): Don't attempt to validate membership in Administrators group -- the test doesn't work properly on domains anyway. Just try to set the necessary rights and report error if the operation fails. (csih_create_privileged_user): Don't attempt to check whether /usr/bin/passwd has the -e option; all versions of passwd shipped with cygwin-1.7.x support it. (_csih_late_initialization_code): Fix bug related to the various existing csih_is_exactly_* functions. Support new Windows 8 related ones. 2011-02-13 Charles Wilson <...> 0.9.4 release * csih.sh: Bump version number. * version.h: ditto. 2011-02-12 Charles Wilson <...> Add support for tmpfiles; remove obsolete code. * NEWS: Update documentation. * csih.sh: (csih_check_basic_mounts): Deprecate; replace with stub that issues warning message. (csih_writable_tmpdir): New function. (csih_mktemp): New function. (_csih_sanity_check): Check also chown, mktemp, mv. (_csih_warning_for_missing_ACL_support): Remove accomodations for cygwin-1.5. (_csih_setup): Don't call csih_check_basic_mounts. (csih_create_privileged_user): Use csih_mktemp instead of $$ for temporary files. Take more care to preserve ownership, permissions, and ACLs when replacing /etc/passwd. 2011-02-11 Corinna Vinschen <...> Charles Wilson <...> Verify external tools before using; invoke via full paths. * NEWS: Update documentation. * csih.sh: Massive reorganization to ensure that external applications are verified before using them to initialize variables. Initialization now has four distinct phases -- First, the easy stuff. Then, stuff that requires external apps (e.g. coreutils) -- and the sanity check is performed during the phase. Third, stuff that requires the utilities shipped in this package, and csih_invoke_helper(). These three phases now occur which csih is sourced. The final phase is peformed by _csih_setup() which is called by public API functions when THEY are invoked by the client. Throughout, invoke external tools via full path to avoid conflicts in the presence of unexpected $PATH contents. Invoke net.exe via new csih_call_winsys32() function throughout. (csih_sanity_check): Deprecated (issues warning), replaced by... (_csih_sanity_check): New function. Issue warning message here, rather than in _csih_setup (reword and expand message to apply to both cygwin and Red Hat installations). (_csih_late_initialization_code): Initialize _csih_script_dir and _csih_exec_dir here, instead of 'inline'. (csih_check_program): Return 1 if specified program doesn't exist; 2 if it exists but can't be executed. Prefer full pathnames but use hash if relative pathname is supplied. (csih_check_program_or_warn, csih_check_program_or_error): Ripple from changes to csih_check_program; print appropriate warning or error messages. (_csih_setup): No longer call csih_sanity_check, since internal replacement _csih_sanity_check is now called when csih is sourced. (_csih_get_exec_dir): Use hash builtin to locate program in $PATH search fallback case, rather than csih_check_program. (csih_call_winsys32): New function used to invoke tools that reside in the ${SYSTEMROOT}/system32/ directory (such as net.exe). 2011-02-07 Corinna Vinschen <...> 0.9.3 release. * version.h: Bump version number. * csih.sh (csih_install_config): Not an error if user elects NOT to overwrite existing files; return success (0). * NEWS: Update documentation. 2010-11-16 Charles Wilson <...> Actual 0.9.2 release. * cygwin/getVolInfo.c (main): Use cygwin_create_path instead of deprecated cygwin_conv_to_full_win32_path. * native/Makefile: Use gcc-3 and g++-3 explicitly. * NEWS: Update documentation. 2010-11-16 Charles Wilson <...> * version.h: Bump version number. 2010-11-16 Charles Wilson <...> * csih.sh (csih_account_has_necessary_privileges): Fix typo. (csih_create_privileged_user): Fix typo. 2010-11-16 Charles Wilson <...> Document XP64/XP32 issues. Remove vestiges of Win9x. * TODO: Remove Win9x item. * NEWS: Update documentation. * csih.sh: Update version and copyright date. Update comments throughout to reflect that WinXP64 is included in "Windows NT Server 2003 or above). (csih_is_nt2003): Expand commentary to describe situation. (_csih_warning_for_win9x_perms): Removed. (csih_guest_account_active): Remove check for !csih_is_nt. (_csih_warning_for_missing_ACL_support): Ditto. (csih_privileged_accounts): Ditto. (csih_create_privileged_user): Ditto. (csih_create_unprivileged_user): Ditto. (csih_select_privileged_username): Remove check for !csih_is_nt. Update user messages regarding NT2003/XP64. (csih_service_should_run_as): Ditto. 2009-08-01 Charles Wilson <...> Release 0.9.1 * NEWS: Update. * csih.sh: Update version. * version.h: Update version. 2009-07-23 Corinna Vinschen <...> * cygwin/getVolInfo.c: Check ZwOpenFile status code for STATUS_INVALID_PARAMETER and retry top open with FILE_READ_DATA access. Simply STATUS_NO_MEDIA_IN_DEVICE condition. 2009-05-03 Charles Wilson <...> Add error checking for supported OS/cygwin version. * NEWS: Update. * csih.sh (csih_win_product_name): New function, allows to cache results of calling winProductName since we have to call it anyway. (_csih_late_initialization_code): set cache variable for use by csih_win_product_name(). (main): Check that OS is at least WinNT, and cygwin version is at least 1.7.0, else issue error. 2009-05-03 Charles Wilson <...> Update version number on trunk. * NEWS: Update. * csih.sh (main): Update csih_VERSION. * version.h: New file. * native/getAccountName.cpp: Use version.h to set version number. * native/winProductName.c: Ditto. 2009-05-03 Charles Wilson <...> Release 0.2.0 * NEWS: Update. * csih.sh (main): Update csih_VERSION. * native/getAccountName.cpp: Bump version number. * native/winProductName.c: Bump version number. 2009-03-29 Charles Wilson <...> ACLs for /var/*; supress unnecessary info msgs * csih.sh (_csih_setup): Add ACLs for system user and Administrators group to /var/log, /var/run, and /var/empty. (csih_select_privileged_username): Supress informational messages about other privileged users when called with -u $specific_username_request. 2009-03-28 Charles Wilson <...> * TODO: New. * AUTHORS: Updated. * csih.sh (main): Bump version number. (_csih_well_known_privileged_accounts[_quoted]): New. (csih_privileged_accounts): New -u $username option; check also the specified $username, as well as the 'well known' accounts. (csih_privileged_account_exists): Modify semantics; now return true if account exists and has necessary privileges, even if it is not one of the 'well known' accounts. (csih_select_privileged_username): Add -u $default_user option. Allows to specify some (possibly not yet existing) account for the service to run under, IF if is not already installed. This allows to override the *default* default, cyg_server. (csih_is_windows7): New. (csih_is_exactly_windows7): New. (csih_is_exactly_server2008r2): New. * native/getAccountName.cpp: Bump version number. * native/winProductName.c: Bump version number. Update for Windows 7, Windows Server 2008 R2. * NEWS: Update documentation. 2009-03-28 Charles Wilson <...> * csih.sh (csih_privileged_accounts): Issue warning if $username in /etc/passwd but not SAM. Reported by: Herb Maeder 2009-03-28 Julio Costa <...> * csih.sh (csih_select_privileged_username): Add -f option. (csih_create_privileged_user): Expand comments. 2009-01-28 Corinna Vinschen * csih.sh (csih_get_cygenv): Don't check input for certain values. 2008-08-20 Charles Wilson <...> * csih.sh (_csih_setup): suppress error messages from chmod (when run as normal user). 2008-08-20 Charles Wilson <...> Correct csih_check_access behavior. * csih.sh (csih_check_access): update documentation. Fix broken if-clauses -- [ fn -a $var -eq "foo" ] doesn't work; use ( fn && [ $var -eq "foo" ]). Remove test (and erroneous comments) concerning ACLs and 'other' permission bits. (csih_select_privileged_username): reformat messages. 2008-08-20 Charles Wilson <...> csih-0.1.8 release * csih.sh (main): bump version number 2008-08-20 Corinna Vinschen Better support for domain accounts. * csih.sh (csih_create_privileged_user): return success if user already exists in /etc/passwd (allows to use pre-existing domain account as privileged user). (csih_create_unprivileged_user): return success if user already exists in /etc/passwd (allows to use pre-existing domain account as unpriv user). 2008-08-20 Charles Wilson <...> * csih.sh (csih_create_unprivileged_user): detect if fail to add user to /etc/passwd. 2008-08-20 Charles Wilson <...> * csih.sh (_csih_setup): Attempt to set correct permissions on /var/run, /var/log, /var/empty, and /etc. 2008-08-16 Charles Wilson <...> csih-0.1.7 release Fix bugs and improve Vista and cygwin-1.7 support. * csih.sh (main): update documentation, bump version number. (csih_cygver): new function. (csih_cygver_is_oneseven): new function. (csih_sanity_check): Check for stat program. (csih_get_system_and_admins_ids): Use 'stat -c %A' instead of 'ls -ld'. (csih_check_dir_perms): ditto. (csih_check_sys_mount): Document as cygwin-1.5.x specific. Unconditionally return 0 (true) for cygwin-1.7 and above. (csih_check_basic_mounts): ditto. (_csih_setup): Allow /var to have text bit set -- iow, match permissions pattern 'd..x..x..[xt]' (csih_select_privileged_username): workaround bug in cygwin-1.7 mkpasswd. Reparagraph error user message, fix documentation typo. (csih_service_should_run_as): Return either privileged account name OR system, not both. * NEWS: Update documentation. 2008-08-07 Charles Wilson <...> csih-0.1.6 release Add getVolInfo utility program. Use it to avoid checking permissions on volumes that do not support ACLs. * csih.sh (main): update documentation. (csih_WIN32_VOLS_WITH_ACLS): new client-accessible var. (csih_WIN32_VOLS_WITHOUT_ACLS): ditto. (csih_path_supports_acls): new function. (_csih_convert_w32vol_to_shell_pattern): new function. (_csih_path_in_volumelist_core): new function. (_csih_path_in_volumelist): new function. (csih_get_system_and_admins_ids): update comments. No longer an error if Administrators group is not found in /etc/passwd. (_csih_warning_for_win9x_perms): new function. (_csih_warning_for_missing_ACL_support): new function. (csih_check_dir_perms): bail out early (returning success but with a warning) if on OS older than windows NT, or the specified file/dir is on a volume that does not support ACLs. (csih_check_access): ditto. Also, improve comments. If csih_ADMINSUID is empty, gracefully skip checking if file/dir is owned by the Administrators group. * cygwin/Makefile: new file. * cygwin/getVolInfo.c: new file. * COPYING: update documentation. * NEWS: update documentation. 2008-08-04 Charles Wilson <...> Accept pre-existing privileged domain accounts. Default to privileged account on NT/2k/XP if exist. * csih.sh (csih_privileged_accounts): Always look for privileged users if NT or better. Look in both /etc/passwd and local SAM. (csih_privileged_account_exists): Update documentation to reflect behavior change inherited from above. (csih_select_privileged_username): Attempt to return a username even on NT/2k/XP (but default to empty if no pre-existing privileged user on those OS's). Be more specific in the informational messages emitted. Look in both /etc/passwd and local SAM for accounts, if user specified one we don't know about already. (csih_create_privileged_user): Improve comments. (csih_create_unprivileged_user): Improve comments. See FIXME! (remove this line from ChangeLog when resolved) (csih_service_should_run_as): Improve comments. Check both /etc/passwd and local SAM if "answer" is an account that did not exist when script was launched. For NT/2k/XP, default to pre-existing privileged user (if one exists), and only report SYSTEM otherwise. * NEWS: Document new behavior 2008-07-19 Corinna Vinschen * csih.sh (csih_account_has_necessary_privileges): Don't explicitely test for SeDenyXXX rights, nor for SeIncreaseQuotaPrivilege. (csih_create_privileged_user): Drop setting SeDenyInteractiveLogonRight and SeIncreaseQuotaPrivilege. 2008-07-19 Charles Wilson <...> csih-0.1.5 release * cish.sh (csih_account_has_necessary_privileges): Use editrights -t instead of editrights -l and fgrep. 2008-07-19 Corinna Vinschen * csih.sh (csih_account_has_necessary_privileges, csih_create_privileged_user): Don't disallow network logon for service user account. 2008-04-14 Charles Wilson <...> csih-0.1.4 release * csih.sh: add MIT/X license text. (csih_error): Removed any direct heritage from cygport due to licensing concerns. (csih_warning): ditto (csih_inform): ditto (csih_verbose): ditto * COPYING: update documentation * NEWS: update documentation * COPYING.GPLv3: removed 2008-04-09 Charles Wilson <...> * csih.sh (csih_account_has_necessary_privileges): new function (csih_select_privileged_username): new behavior if optionally specified service is installed. (csih_service_should_run_as): new optional argument service_name. If specified, checks to see if that service is already installed, and returns the installed account name if so. Otherwise, behavior is unchnaged. 2008-04-07 Corinna Vinschen <...> * csih.sh (csih_create_privileged_user): fix typo (_csih_setup): fix typo 2008-04-07 Charles Wilson <...> * csih.sh (csih_select_privileged_username): moved below _csih_setup so it can be a main entry point. Added option parsing: -q query mode, and service_name. Added caching; once csih_PRIVILEGED_USERNAME is set, avoid extra reprocessing. (csih_version_ge): new function for comparing version numbers. 'csih_version_ge A B' returns true if A >= B, where A and B are of the form x.y.z. (csih_version_le): ditto, for A <= B. (csih_version_gt): ditto, for A > B. (csih_version_lt): ditto, for A < B. (csih_version_eq): ditto, for A == B. 2008-04-02 Charles Wilson <...> * csih.sh (csih_create_privileged_user): accept password as optional first argument. * native/winProductName.c (usage): new function (help, license, version): ditto (main): add support for basic option parsing and help. * native/Makefile: link winProductName against libnative (for getopt support). * NEWS: new file * AUTHORS: new file * COPYING: new file * COPYING.GPLv3: new file * COPYING.LGPLv2.1: new file * COPYING.MIT_X: new file 2008-03-16 Charles Wilson <...> csih-0.1.3 release * csih.sh (_csih_late_initialization_code): new function. moved inline late initialization code to here. 2008-03-16 Charles Wilson <...> csih-0.1.2 release * native/winProductName.c: new file * native/Makefile: add rules for winProductName * csih.sh (csih_is_exactly_vista): new function * csih.sh (csih_is_exactly_server2008): new function * csih.sh: protect usage of $csih_progname against leading '-' character, throughout. * csih.sh (late initialization code): add new code block after definition of csih_invoke_helper(). 2008-03-06 Charles Wilson <...> csih-0.1.1 release * native/getAccountName.cpp: new file * native/getopt.c: new file * native/getopt.h: new file * native/getopt1.c: new file * native/lookupAccountName.cpp: new file * native/lookupAccountName.h: new file * native/Makefile: new file * native/ReadMe.Win32Error.txt: new file * native/Win32Error.h: new file * csih.sh (csih_is_2k): new function (csih_is_xp): new function (csih_is_vista): new function (csih_invoke_helper): new function (csih_get_localized_account_name): new function (csih_get_guest_account_name): new function (csih_guest_account_active): new function