drew
/
acadia-newlib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
acadia-newlib/winsup
History
Johannes Schindelin e9dd5d8f25 uinfo: special-case IIS APPPOOL accounts 
The account under which Azure Web Apps run is an IIS APPOOL account that
is generated on the fly.

These are special because the virtual machines on which thes Apps run
are not domain-joined, yet the accounts are domain accounts.

To support the use case where such a Web App needs to call `ssh` (e.g.
to deploy from a Git repository that is accessible only via SSH), we do
need OpenSSH's `getpwuid (getuid ())` invocation to work.

But currently it does not. Concretely, `getuid ()` returns -1 for these
accounts, and OpenSSH fails to find the correct home directory
(_especially_ when that home directory was overridden via a `db_home:
env` line in `/etc/nsswitch.conf`).

This can be verified e.g. in a Kudu console (for details about Kudu
consoles, see https://github.com/projectkudu/kudu/wiki/Kudu-console):
the domain is `IIS APPPOOL`, the account name is the name of the Azure
Web App, the SID starts with 'S-1-5-82-`, and
`pwdgrp::fetch_account_from_windows()` runs into the code path where
"[...] the domain returned by LookupAccountSid is not our machine name,
and if our machine is no domain member, we lose.  We have nobody to ask
for the POSIX offset."

Since these IIS APPPOOL accounts are relatively similar to AzureAD
accounts in this scenario, let's imitate the latter to support also the
former.

Reported-by: David Ebbo <david.ebbo@gmail.com>
Helped-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
 		2023-06-06 15:18:53 +02:00
..
CVSChangeLogs.old
cygserver Revert "sys/types.h: Don't include sys/_stdint.h" 2022-05-04 15:08:44 +02:00
cygwin uinfo: special-case IIS APPPOOL accounts 2023-06-06 15:18:53 +02:00
doc Cygwin: doc: Upate a link from gitweb to cgit 2023-05-01 11:29:15 +01:00
testsuite Cygwin: testsuite: Drop appending 'ntsec' to CYGWIN in cygrun wrapper 2023-01-13 17:03:58 +00:00
utils Cygwin: chattr: fix description of requirements for casesensitive directories 2023-04-03 22:41:07 +02:00
CONTRIBUTORS
COPYING
COPYING.LIB
CYGWIN_LICENSE
Makefile.am
Makefile.am.common
README
acinclude.m4 Cygwin: Reorganize cygwin source dir 2022-08-05 12:02:11 +02:00
autogen.sh
configure.ac Cygwin: dumper: also link with libzstd, as libbfd may require it 2023-02-14 14:37:32 +00:00

README 

THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESSED OR
IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.

Cygwin documentation is available on the net at https://cygwin.com
You might especially be interested in

https://cygwin.com/faq/faq.html#faq.programming.building-cygwin