Home
My Posts

Archive
Login
Signup

Recent Posts

Free subdomains

Want your own xyz.kpaste.net sub-domain for your community? Just type the address into your browser address bar (foo.xyz.kpaste.net is also supported).

Suggestions/Bugs?

Email us at . Try to include as much info as possible.

About

Pastebin is a tool for collaborative debugging or editing.

 

msnfs41client: Patches to add (more) Windows builtin groups to the idmapper, cleanup+misc, 2025-10-09
Posted by Anonymous on Thu 9th Oct 2025 19:39
raw | new post

Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.

Syntax highlighting: None Bash C C++ CSS Diff HTML mIRC Script Perl PHP Python Smarty XML ---------------------------- ABAP Actionscript ADA Apache Log AppleScript APT sources.list ASM ASP AutoIT Bash C C# C++ C++ (with QT) CSS Diff HTML INI (Config Files) Java Javascript Lua Make mIRC Script MySQL NSIS Perl PHP Python Q(uick)BASIC robots Ruby Ruby on Rails SDLBasic Smarty SQL TCL Text VB.NET Visual BASIC Visual Fox Pro Visual Prolog Windows Registry Files XML Xorg.conf

To highlight particular lines, prefix each line with {%HIGHLIGHT}
From b35a92cc9d357262d315dad0d5d618e4364749fd Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 9 Oct 2025 18:58:23 +0200 Subject: [PATCH 1/4] cygwin_idmapper.ksh: Add Windows builtin group "Administrators" to idmapper Add Windows builtin group "Administrators" to idmapper Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- cygwin_idmapper.ksh | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/cygwin_idmapper.ksh b/cygwin_idmapper.ksh index 056bfa9..38f338d 100644 --- a/cygwin_idmapper.ksh +++ b/cygwin_idmapper.ksh @@ -74,6 +74,13 @@ if (( $? == 0 )) && [[ "$stdout" != ~(El)Unknown\+Group: ]] ; then c.localised_groupnames['None']="${stdout%%:*}" fi +# Group "Administrators" de_DE: "Administratoren" +# (primarily used by WindowsServer (2019) NFSv4.1 server) +stdout="$(getent group 'S-1-5-32-544')" +if (( $? == 0 )) && [[ "$stdout" != ~(El)Unknown\+Group: ]] ; then + c.localised_groupnames['Administrators']="${stdout%%:*}" +fi + compound -A localusers=( # # System accounts @@ -268,6 +275,28 @@ if [[ -v c.localised_groupnames['None'] ]] ; then ) fi +if [[ -v c.localised_groupnames['Administrators'] ]] ; then + localgroups+=( + ["${c.localised_groupnames['Administrators']}"]=( + localgroupname="${c.localised_groupnames['Administrators']}" + localgid=544 + ) + ['Administrators']=( + localgroupname="${c.localised_groupnames['Administrators']}" + localgid=544 + ) + # French Windows localised group name for "Administrators" + ['Administrateurs']=( + localgroupname="${c.localised_groupnames['Administrators']}" + localgid=544 + ) + # German Windows localised group name for "Administrators" + ['Administratoren']=( + localgroupname="${c.localised_groupnames['Administrators']}" + localgid=544 + ) + ) +fi case "${c.mode}" in 'nfsserver_owner2localaccount') -- 2.51.0 From 93dd24cf82ba66a502bf8785d35088ad5bf21686 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 9 Oct 2025 19:15:26 +0200 Subject: [PATCH 2/4] cygwin_idmapper.ksh: Add Windows builtin group "Users" to idmapper Add Windows builtin group "Users" to idmapper. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- cygwin_idmapper.ksh | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/cygwin_idmapper.ksh b/cygwin_idmapper.ksh index 38f338d..03a3ed3 100644 --- a/cygwin_idmapper.ksh +++ b/cygwin_idmapper.ksh @@ -81,6 +81,13 @@ if (( $? == 0 )) && [[ "$stdout" != ~(El)Unknown\+Group: ]] ; then c.localised_groupnames['Administrators']="${stdout%%:*}" fi +# Group "Users" de_DE: "Benutzer", fr_FR: "Utilisateurs" +# (primarily used by WindowsServer (2019) NFSv4.1 server) +stdout="$(getent group 'S-1-5-32-545')" +if (( $? == 0 )) && [[ "$stdout" != ~(El)Unknown\+Group: ]] ; then + c.localised_groupnames['Users']="${stdout%%:*}" +fi + compound -A localusers=( # # System accounts @@ -286,6 +293,7 @@ if [[ -v c.localised_groupnames['Administrators'] ]] ; then localgid=544 ) # French Windows localised group name for "Administrators" + # (from https://learn.microsoft.com/fr-fr/windows-server/identity/ad-ds/manage/understand-security-identifiers) ['Administrateurs']=( localgroupname="${c.localised_groupnames['Administrators']}" localgid=544 @@ -298,6 +306,30 @@ if [[ -v c.localised_groupnames['Administrators'] ]] ; then ) fi +if [[ -v c.localised_groupnames['Users'] ]] ; then + localgroups+=( + ["${c.localised_groupnames['Users']}"]=( + localgroupname="${c.localised_groupnames['Users']}" + localgid=545 + ) + ['Users']=( + localgroupname="${c.localised_groupnames['Users']}" + localgid=545 + ) + # French Windows localised group name for "Users" + # (from https://learn.microsoft.com/fr-fr/windows-server/identity/ad-ds/manage/understand-security-identifiers) + ['Utilisateurs']=( + localgroupname="${c.localised_groupnames['Users']}" + localgid=545 + ) + # German Windows localised group name for "Users" + ['Benutzer']=( + localgroupname="${c.localised_groupnames['Users']}" + localgid=545 + ) + ) +fi + case "${c.mode}" in 'nfsserver_owner2localaccount') # -- 2.51.0 From e73b16b10875b0372044e28efad6be72a46ae5c4 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 9 Oct 2025 20:19:29 +0200 Subject: [PATCH 3/4] sys: Minor cleanup in updowncall code Minor cleanup in updowncall code. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- sys/nfs41sys_updowncall.c | 69 ++++++++++++++++++++++----------------- 1 file changed, 39 insertions(+), 30 deletions(-) diff --git a/sys/nfs41sys_updowncall.c b/sys/nfs41sys_updowncall.c index 78ec5a2..6d4c6c9 100644 --- a/sys/nfs41sys_updowncall.c +++ b/sys/nfs41sys_updowncall.c @@ -56,6 +56,7 @@ #include <rx.h> #include <windef.h> #include <winerror.h> +#include <stdbool.h> #include <Ntstrsafe.h> @@ -156,7 +157,9 @@ static void unmarshal_nfs41_header( DbgP("[downcall header] " "xid=%lld opcode='%s' status=0x%lx errno=%d\n", tmp->xid, - ENTRY_OPCODE2STRING(tmp), (long)tmp->status, tmp->errno); + opcode2string(tmp->opcode), + (long)tmp->status, + tmp->errno); #endif } @@ -496,8 +499,8 @@ retry_wait: UserMode, FALSE, &timeout); print_wait_status(0, "[downcall]", status, - ENTRY_OPCODE2STRING(entry), entry, - (entry?entry->xid:-1LL)); + opcode2string(entry->opcode), entry, + entry->xid); switch(status) { case STATUS_SUCCESS: @@ -520,7 +523,7 @@ retry_wait: "returned status(=0x%lx), " "retry waiting for '%s' entry=0x%p xid=%lld\n", (long)status, - ENTRY_OPCODE2STRING(entry), + opcode2string(entry->opcode), entry, entry->xid); goto retry_wait; @@ -533,9 +536,9 @@ retry_wait: break; } DbgP("[upcall] abandoning '%s' entry=0x%p xid=%lld\n", - ENTRY_OPCODE2STRING(entry), + opcode2string(entry->opcode), entry, - (entry?entry->xid:-1LL)); + entry->xid); entry->state = NFS41_NOT_WAITING; ExReleaseFastMutexUnsafe(&entry->lock); goto out; @@ -617,8 +620,9 @@ NTSTATUS nfs41_downcall( const unsigned char *inbuf; const unsigned char *inbuf_orig; PLIST_ENTRY pEntry; - nfs41_updowncall_entry *tmp, *cur= NULL; - BOOLEAN found = 0; + nfs41_updowncall_entry *header_tmp; + nfs41_updowncall_entry *cur = NULL; + bool found = false; inbuf = inbuf_orig = LowIoContext->ParamsFor.IoCtl.pInputBuffer; @@ -629,18 +633,18 @@ NTSTATUS nfs41_downcall( #endif /* DEBUG_PRINT_DOWNCALL_HEXBUF */ #ifdef USE_STACK_FOR_DOWNCALL_UPDOWNCALLENTRY_MEM - nfs41_updowncall_entry stacktmp; /* rename this to |header_tmp| */ + nfs41_updowncall_entry header_tmp_from_stack; - tmp = &stacktmp; + header_tmp = &header_tmp_from_stack; #else - tmp = nfs41_downcall_allocate_updowncall_entry(); - if (tmp == NULL) { + header_tmp = nfs41_downcall_allocate_updowncall_entry(); + if (header_tmp == NULL) { status = STATUS_INSUFFICIENT_RESOURCES; goto out; } #endif /* USE_STACK_FOR_DOWNCALL_UPDOWNCALLENTRY_MEM */ - unmarshal_nfs41_header(tmp, &inbuf); + unmarshal_nfs41_header(header_tmp, &inbuf); ExAcquireFastMutexUnsafe(&downcalllist.lock); pEntry = &downcalllist.head; @@ -648,8 +652,8 @@ NTSTATUS nfs41_downcall( while (pEntry != NULL) { cur = (nfs41_updowncall_entry *)CONTAINING_RECORD(pEntry, nfs41_updowncall_entry, next); - if (cur->xid == tmp->xid) { - found = 1; + if (cur->xid == header_tmp->xid) { + found = true; break; } if (pEntry->Flink == &downcalllist.head) @@ -659,14 +663,17 @@ NTSTATUS nfs41_downcall( ExReleaseFastMutexUnsafe(&downcalllist.lock); SeStopImpersonatingClient(); if (!found) { - print_error("Didn't find xid=%lld entry\n", tmp->xid); + print_error("nfs41_downcall: Did not find xid=%lld entry\n", + header_tmp->xid); status = STATUS_NOT_FOUND; goto out_free; } ExAcquireFastMutexUnsafe(&cur->lock); if (cur->state == NFS41_NOT_WAITING) { - DbgP("[downcall] Nobody is waiting for this request!!!\n"); + DbgP("nfs41_downcall: " + "Nobody is waiting for this request (xid=%lld)!\n", + cur->xid); switch(cur->opcode) { case NFS41_SYSOP_WRITE: case NFS41_SYSOP_READ: @@ -711,12 +718,12 @@ NTSTATUS nfs41_downcall( goto out_free; } cur->state = NFS41_DONE_PROCESSING; - cur->status = tmp->status; - cur->errno = tmp->errno; + cur->status = header_tmp->status; + cur->errno = header_tmp->errno; status = STATUS_SUCCESS; - if (!tmp->status) { - switch (tmp->opcode) { + if (!header_tmp->status) { + switch (header_tmp->opcode) { case NFS41_SYSOP_MOUNT: unmarshal_nfs41_mount(cur, &inbuf); break; @@ -775,11 +782,12 @@ NTSTATUS nfs41_downcall( * passes a buffer which is too small) */ ULONG bytesread_from_inbuf = (ULONG)(inbuf - inbuf_orig); - if ((tmp->opcode != NFS41_SYSOP_VOLUME_QUERY) && + if ((header_tmp->opcode != NFS41_SYSOP_VOLUME_QUERY) && (bytesread_from_inbuf != inbuf_len)) { - print_error("nfs41_downcall: ASSERT: '%s': " + print_error("nfs41_downcall: ASSERT: '%s' (xid=%lld): " "(inbuf(=0x%p)-inbuf_orig(=0x%p))(=%ld) != inbuf_len(=%ld)\n", - opcode2string(tmp->opcode), + opcode2string(header_tmp->opcode), + cur->xid, inbuf, inbuf_orig, (long)bytesread_from_inbuf, @@ -807,9 +815,9 @@ NTSTATUS nfs41_downcall( nfs41_UpcallDestroy(cur); break; default: - print_error("##### nfs41_downcall: " + print_error("nfs41_downcall: xid=%lld " "unknown async opcode=%d ####\n", - (int)cur->opcode); + cur->xid, (int)cur->opcode); break; } } else { @@ -820,7 +828,7 @@ out_free: #ifdef USE_STACK_FOR_DOWNCALL_UPDOWNCALLENTRY_MEM ; #else - nfs41_downcall_free_updowncall_entry(tmp); + nfs41_downcall_free_updowncall_entry(header_tmp); out: #endif /* USE_STACK_FOR_DOWNCALL_UPDOWNCALLENTRY_MEM */ @@ -839,7 +847,7 @@ NTSTATUS nfs41_delayxid( const unsigned char *inbuf_orig; PLIST_ENTRY pEntry; nfs41_updowncall_entry *cur = NULL; - BOOLEAN found = FALSE; + bool found = false; FsRtlEnterFileSystem(); @@ -863,8 +871,9 @@ NTSTATUS nfs41_delayxid( */ ULONG bytesread_from_inbuf = (ULONG)(inbuf - inbuf_orig); if (bytesread_from_inbuf != inbuf_len) { - print_error("nfs41_delayxid: ASSERT: " + print_error("nfs41_delayxid: ASSERT (xid=%lld): " "(inbuf(=0x%p)-inbuf_orig(=0x%p))(=%ld) != inbuf_len(=%ld)\n", + delayxid, inbuf, inbuf_orig, (long)bytesread_from_inbuf, @@ -879,7 +888,7 @@ NTSTATUS nfs41_delayxid( cur = (nfs41_updowncall_entry *)CONTAINING_RECORD(pEntry, nfs41_updowncall_entry, next); if (cur->xid == delayxid) { - found = TRUE; + found = true; break; } if (pEntry->Flink == &downcalllist.head) -- 2.51.0 From f2514416343c745140313f9c480b856128734f25 Mon Sep 17 00:00:00 2001 From: Roland Mainz <roland.mainz@nrubsig.org> Date: Thu, 9 Oct 2025 20:30:39 +0200 Subject: [PATCH 4/4] cygwin: Add Cygwin DLL prototype patch to fix uid/gid mapping Add Cygwin DLL prototype patch to fix uid/gid mapping in cases where the machine does not use LDAP, and the NFS client uses Cygwin or UWIN to generate the uid/gid values. Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com> --- .../cygwin_dll_fix_uidgid4nfsv4_fs.diff | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 cygwin/cygwin_patches/cygwin_dll_fix_uidgid4nfsv4_fs.diff diff --git a/cygwin/cygwin_patches/cygwin_dll_fix_uidgid4nfsv4_fs.diff b/cygwin/cygwin_patches/cygwin_dll_fix_uidgid4nfsv4_fs.diff new file mode 100644 index 0000000..3e339ff --- /dev/null +++ b/cygwin/cygwin_patches/cygwin_dll_fix_uidgid4nfsv4_fs.diff @@ -0,0 +1,40 @@ +# prototype fix for Cygwin DLL to handle uids/gids correctly on +# NFSv4 filesystems. +# Without LDAP they use Cygwin or UWIN to obtain the uid/gid for files, +# which breaks the assumptions in |fhandler_base::fstat_by_nfs_ea()| +# and causes it to map all uid/gid values into the Unix_User+/Unix_Group SID +# range +diff --git a/winsup/cygwin/fhandler/disk_file.cc b/winsup/cygwin/fhandler/disk_file.cc +index d54d3747e..92a54d9db 100644 +--- a/winsup/cygwin/fhandler/disk_file.cc ++++ b/winsup/cygwin/fhandler/disk_file.cc +@@ -239,8 +239,12 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf) + domain = cygheap->dom.get_rfc2307_domain (); + if ((ldap_open = (cldap.open (domain) == NO_ERROR))) + map_uid = cldap.remap_uid (nfs_attr->uid); +- if (map_uid == ILLEGAL_UID) +- map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid); ++ if (map_uid == ILLEGAL_UID) { ++ if (pc.has_acls()) ++ map_uid = nfs_attr->uid; ++ else ++ map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid); ++ } + cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid); + buf->st_uid = map_uid; + } +@@ -258,8 +262,12 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf) + domain = cygheap->dom.get_rfc2307_domain (); + if ((ldap_open || cldap.open (domain) == NO_ERROR)) + map_gid = cldap.remap_gid (nfs_attr->gid); +- if (map_gid == ILLEGAL_GID) +- map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid); ++ if (map_gid == ILLEGAL_GID) { ++ if (pc.has_acls()) ++ map_gid = nfs_attr->gid; ++ else ++ map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid); ++ } + cygheap->ugid_cache.add_gid (nfs_attr->gid, map_gid); + buf->st_gid = map_gid; + } -- 2.51.0

Title:

Privacy: Public Private

How long should your post be retained?

15 mins an hour a day a week a month forever

All content is user-submitted.
The administrators of this site (kpaste.net) are not responsible for their content.
Abuse reports should be emailed to us at