bash /cmd disagree about owner and permissions to executable

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

bash /cmd disagree about owner and permissions to executable

Enrique Perez-Terron-2
I prefer to have a single installation of python, rather than having to
remember to install packages for various pythons.
I choose the standard windows 64-bit install of python 3.8
But today when I tried to run a script ...

> Heidi@panter ~
> $ python3 x.py
> -bash:
> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3:
> Permission denied

Surprise!

Investigating...

> Heidi@panter ~
> $ ls -ld "$(type -p python3)"
> -rwxr-x--- 1 Unknown+User Unknown+Group 0 des 26 19:25
> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3*
>
> Heidi@panter ~
> $ cmd /C "icacls $(cygpath -w "$(type -p python3)")"
> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe
> NT-MYNDIGHET\SYSTEM:(I)(F)
>                                                                
> BUILTIN\Administratorer:(I)(F)
>                                                                
> PANTER\Heidi:(I)(F)
>                                                                
> S-1-19-512-4096:(RX,D,WDAC,WO,WA)
>
> Successfully processed 1 files; Failed processing 0 files
>
> Heidi@panter ~
> $ cmd /C "dir /q $(cygpath -w "$(type -p python3)")"
>  Volume in drive C is Acer
>  Volume Serial Number is 3A2C-1A76
>
>  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps
>
> 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
>                1 File(s)              0 bytes
>                0 Dir(s)  155▒760▒214▒016 bytes free

Hey, what is this? Windows reports that the owner of the binary is
PANTER\Heidi, but /bin/ls reports Unknown+User?

I rebboted, unistalled python and installed the app store version of
python instead, but nothing changed.

Any suggestions?
-Thanks

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

0xD6B3CEE5.asc (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: bash /cmd disagree about owner and permissions to executable

Andrey Repin
Greetings, Enrique Perez-Terron!

> I prefer to have a single installation of python, rather than having to
> remember to install packages for various pythons.
> I choose the standard windows 64-bit install of python 3.8
> But today when I tried to run a script ...

>> Heidi@panter ~
>> $ python3 x.py
>> -bash:
>> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3:
>> Permission denied

> Surprise!

> Investigating...

>> Heidi@panter ~
>> $ ls -ld "$(type -p python3)"
>> -rwxr-x--- 1 Unknown+User Unknown+Group 0 des 26 19:25
>> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3*
>>
>> Heidi@panter ~
>> $ cmd /C "icacls $(cygpath -w "$(type -p python3)")"

No need to "cmd /c"

>> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe
>> NT-MYNDIGHET\SYSTEM:(I)(F)
>>                                                                
>> BUILTIN\Administratorer:(I)(F)
>>                                                                
>> PANTER\Heidi:(I)(F)
>>                                                                
>> S-1-19-512-4096:(RX,D,WDAC,WO,WA)
>>
>> Successfully processed 1 files; Failed processing 0 files
>>
>> Heidi@panter ~
>> $ cmd /C "dir /q $(cygpath -w "$(type -p python3)")"
>>  Volume in drive C is Acer
>>  Volume Serial Number is 3A2C-1A76
>>
>>  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps
>>
>> 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
>>                1 File(s)              0 bytes
>>                0 Dir(s)  155▒760▒214▒016 bytes free


> Hey, what is this? Windows reports that the owner of the binary is
> PANTER\Heidi, but /bin/ls reports Unknown+User?

> I rebboted, unistalled python and installed the app store version of
> python instead, but nothing changed.

> Any suggestions?

Problem reports:       http://cygwin.com/problems.html

In particular, show "mount" output and check that you don't have
/etc/{passwd,group} files


--
With best regards,
Andrey Repin
Thursday, December 26, 2019 23:57:30

Sorry for my terrible english...
--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: bash /cmd disagree about owner and permissions to executable

Lee-83
In reply to this post by Enrique Perez-Terron-2
On 12/26/19, Enrique Perez-Terron   wrote:

> I prefer to have a single installation of python, rather than having to
> remember to install packages for various pythons.
> I choose the standard windows 64-bit install of python 3.8
> But today when I tried to run a script ...
>
>> Heidi@panter ~
>> $ python3 x.py
>> -bash:
>> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3:
>> Permission denied
>
> Surprise!
>
> Investigating...
>
>> Heidi@panter ~
>> $ ls -ld "$(type -p python3)"
>> -rwxr-x--- 1 Unknown+User Unknown+Group 0 des 26 19:25
>> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3*
>>
>> Heidi@panter ~
>> $ cmd /C "icacls $(cygpath -w "$(type -p python3)")"
>> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe
>> NT-MYNDIGHET\SYSTEM:(I)(F)
>>
>> BUILTIN\Administratorer:(I)(F)
>>
>> PANTER\Heidi:(I)(F)
>>
>> S-1-19-512-4096:(RX,D,WDAC,WO,WA)
>>
>> Successfully processed 1 files; Failed processing 0 files
>>
>> Heidi@panter ~
>> $ cmd /C "dir /q $(cygpath -w "$(type -p python3)")"
>>  Volume in drive C is Acer
>>  Volume Serial Number is 3A2C-1A76
>>
>>  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps
>>
>> 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
>>                1 File(s)              0 bytes
>>                0 Dir(s)  155▒760▒214▒016 bytes free
>
>
> Hey, what is this? Windows reports that the owner of the binary is
> PANTER\Heidi, but /bin/ls reports Unknown+User?
>
> I rebboted, unistalled python and installed the app store version of
> python instead, but nothing changed.
>
> Any suggestions?

Take a look at
  https://cygwin.com/cygwin-ug-net/using.html#mount-table
and try changing /etc/fstab
# This is the default:
# none /cygdrive cygdrive binary,posix=0,user 0 0
none /cygdrive cygdrive binary,posix=0,user,noacl,exec 0 0

altho with cygwin saying 'Unknown+User Unknown+Group'  I don't know if
that will be enough :(

Somebody else will have to help you with
>  Windows reports that the owner of the binary is
> PANTER\Heidi, but /bin/ls reports Unknown+User?

Regards,
Lee

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: bash /cmd disagree about owner and permissions to executable

Enrique Perez-Terron-2
In reply to this post by Andrey Repin
Den 2019-12-26 22:00, skrev Andrey Repin:
> Greetings, Enrique Perez-Terron!
Thanks.
[snip]
> Problem reports:       http://cygwin.com/problems.html
See attached cygcheck.out, unaltered.

> In particular, show "mount" output and check that you don't have
> /etc/{passwd,group} files

Heidi@panter ~
$ mount
C:/cygwin64/bin on /usr/bin type ntfs (binary,auto)
C:/cygwin64/lib on /usr/lib type ntfs (binary,auto)
C:/cygwin64 on / type ntfs (binary,auto)
C: on /cygdrive/c type ntfs (binary,posix=0,user,noumount,auto)

Heidi@panter ~
$ /bin/ls -ld /etc/{passwd,group}
/bin/ls: klarte ikke å åpne '/etc/passwd': No such file or directory
/bin/ls: klarte ikke å åpne '/etc/group': No such file or directory

("klarte ikke å åpne" = "Could not open")

Looking around for other symptoms/non-symptoms

Heidi@panter ~
$ cmd /C 'dir /Q C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps'
  Volume in drive C is Acer
  Volume Serial Number is 3A2C-1A76

  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps

26.12.2019  19.18    <DIR>          PANTER\Heidi           Backup
13.12.2019  22.52                 0 PANTER\Heidi           excel.exe
13.12.2019  14.28                 0 PANTER\Heidi          
GameBarElevatedFT_Alias.exe
26.12.2019  19.25                 0 PANTER\Heidi           idle.exe
26.12.2019  19.25                 0 PANTER\Heidi           idle3.8.exe
26.12.2019  19.25                 0 PANTER\Heidi           idle3.exe
12.11.2019  20.45    <DIR>          PANTER\Heidi          
Microsoft.MicrosoftEdge_8wekyb3d8bbwe
13.12.2019  22.52    <DIR>          PANTER\Heidi          
Microsoft.Office.Desktop_8wekyb3d8bbwe
13.12.2019  14.28    <DIR>          PANTER\Heidi          
Microsoft.XboxGamingOverlay_8wekyb3d8bbwe
12.11.2019  20.45                 0 PANTER\Heidi          
MicrosoftEdge.exe
13.12.2019  22.52                 0 PANTER\Heidi           msaccess.exe
13.12.2019  22.52                 0 PANTER\Heidi           msosync.exe
13.12.2019  22.52                 0 PANTER\Heidi           msouc.exe
13.12.2019  22.52                 0 PANTER\Heidi           msoxmled.exe
13.12.2019  22.52                 0 PANTER\Heidi           mspub.exe
13.12.2019  22.52                 0 PANTER\Heidi           outlook.exe
26.12.2019  19.25                 0 PANTER\Heidi           pip.exe
26.12.2019  19.25                 0 PANTER\Heidi           pip3.8.exe
26.12.2019  19.25                 0 PANTER\Heidi           pip3.exe
13.12.2019  22.52                 0 PANTER\Heidi           powerpnt.exe
13.12.2019  22.52                 0 PANTER\Heidi          
protocolhandler.exe
26.12.2019  19.25                 0 PANTER\Heidi           python.exe
26.12.2019  19.25                 0 PANTER\Heidi           python3.8.exe
26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
26.12.2019  19.25    <DIR>          PANTER\Heidi          
PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0
26.12.2019  19.25                 0 PANTER\Heidi           pythonw.exe
26.12.2019  19.25                 0 PANTER\Heidi          
pythonw3.8.exe
26.12.2019  19.25                 0 PANTER\Heidi           pythonw3.exe
13.12.2019  22.52                 0 PANTER\Heidi           sdxhelper.exe
13.12.2019  22.52                 0 PANTER\Heidi           selfcert.exe
13.12.2019  22.52                 0 PANTER\Heidi           winword.exe
               26 File(s)              0 bytes
                5 Dir(s)  156 728 102 912 bytes free

Heidi@panter ~
$ ls -l /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps
totalt 12K
drwx------+ 1 Heidi        Ingen         0 des 26 19:18 Backup/
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 excel.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 14:28
GameBarElevatedFT_Alias.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle3.8.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle3.exe*
drwx------+ 1 Heidi        Ingen         0 nov 12 20:45
Microsoft.MicrosoftEdge_8wekyb3d8bbwe/
drwx------+ 1 Heidi        Ingen         0 des 13 22:52
Microsoft.Office.Desktop_8wekyb3d8bbwe/
drwx------+ 1 Heidi        Ingen         0 des 13 14:28
Microsoft.XboxGamingOverlay_8wekyb3d8bbwe/
-rwxr-x---  1 Unknown+User Unknown+Group 0 nov 12 20:45
MicrosoftEdge.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msaccess.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msosync.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msouc.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msoxmled.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 mspub.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 outlook.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip3.8.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip3.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 powerpnt.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52
protocolhandler.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python3.8.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python3.exe*
drwx------+ 1 Heidi        Ingen         0 des 26 19:25
PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0/
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw3.8.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw3.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 sdxhelper.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 selfcert.exe*
-rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 winword.exe*

I suspect it's Windows 10 playing some games. Are the files here some
kind of junctions/symbolic links?
Why do all the files have zero bytes?

Heidi@panter ~
$ cmd /C 'dir /A C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps'
  Volume in drive C is Acer
  Volume Serial Number is 3A2C-1A76

  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps

26.12.2019  19.25    <DIR>          .
26.12.2019  19.25    <DIR>          ..
26.12.2019  19.18    <DIR>          Backup
13.12.2019  22.52                 0 excel.exe
13.12.2019  14.28                 0 GameBarElevatedFT_Alias.exe
26.12.2019  19.25                 0 idle.exe
26.12.2019  19.25                 0 idle3.8.exe
26.12.2019  19.25                 0 idle3.exe
12.11.2019  20.45    <DIR>          
Microsoft.MicrosoftEdge_8wekyb3d8bbwe
13.12.2019  22.52    <DIR>          
Microsoft.Office.Desktop_8wekyb3d8bbwe
13.12.2019  14.28    <DIR>          
Microsoft.XboxGamingOverlay_8wekyb3d8bbwe
12.11.2019  20.45                 0 MicrosoftEdge.exe
13.12.2019  22.52                 0 msaccess.exe
13.12.2019  22.52                 0 msosync.exe
13.12.2019  22.52                 0 msouc.exe
13.12.2019  22.52                 0 msoxmled.exe
13.12.2019  22.52                 0 mspub.exe
13.12.2019  22.52                 0 outlook.exe
26.12.2019  19.25                 0 pip.exe
26.12.2019  19.25                 0 pip3.8.exe
26.12.2019  19.25                 0 pip3.exe
13.12.2019  22.52                 0 powerpnt.exe
13.12.2019  22.52                 0 protocolhandler.exe
26.12.2019  19.25                 0 python.exe
26.12.2019  19.25                 0 python3.8.exe
26.12.2019  19.25                 0 python3.exe
26.12.2019  19.25    <DIR>          
PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0
26.12.2019  19.25                 0 pythonw.exe
26.12.2019  19.25                 0 pythonw3.8.exe
26.12.2019  19.25                 0 pythonw3.exe
13.12.2019  22.52                 0 sdxhelper.exe
13.12.2019  22.52                 0 selfcert.exe
13.12.2019  22.52                 0 winword.exe
               26 File(s)              0 bytes
                7 Dir(s)  156 728 201 216 bytes free

I'm not sure if DIR /A is reliable in this context. A different
approach:

Heidi@panter ~
$ locate python3.8.exe | xargs -d '\n' /bin/ls -l
-rwxrwx---+ 1 SYSTEM       SYSTEM        226888 des 26 19:25
'/cygdrive/c/Program
Files/WindowsApps/PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0/python3.8.exe'
-rwxr-x---  1 Unknown+User Unknown+Group      0 des 26 19:25  
/cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3.8.exe
-rwxr-x---  1 Unknown+User Unknown+Group      0 des 26 19:25  
/cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0/python3.8.exe

So here is finally a file with a positive byte count.

Heidi@panter ~
$ ls -l '/cygdrive/c/Program Files/WindowsApps'
ls: klarte ikke å åpne mappa '/cygdrive/c/Program Files/WindowsApps':
Permission denied

(Could not open the folder ...)

Running mintty as Administrator, I do get...
[snip many other directories, a few owned by TrustedInstaller, most by
SYSTEM]
drwxrwx---+ 1 SYSTEM                      SYSTEM                      0
des 26 19:25
PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0/
[snip]

Yet it does not work to run python in the elevated bash.

This python was installed using Microsoft Store. I will probably have to
revert to the regular download from python.org
However, it remains interesting that I can run this python from an
un-elevated cmd, not from mintty/bash, not even if elevated.

Update: I tried this in an elevated mintty/bash:

Heidi@panter ~
$ fsutil.exe reparsepoint query
'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe'
Reparse Tag Value : 0x8000001b
Tag value: Microsoft

Reparse Data Length: 0x000001b6
Reparse Data:
0000:  03 00 00 00 50 00 79 00  74 00 68 00 6f 00 6e 00  
....P.y.t.h.o.n.
0010:  53 00 6f 00 66 00 74 00  77 00 61 00 72 00 65 00  
S.o.f.t.w.a.r.e.
0020:  46 00 6f 00 75 00 6e 00  64 00 61 00 74 00 69 00  
F.o.u.n.d.a.t.i.
0030:  6f 00 6e 00 2e 00 50 00  79 00 74 00 68 00 6f 00  
o.n...P.y.t.h.o.
0040:  6e 00 2e 00 33 00 2e 00  38 00 5f 00 71 00 62 00  
n...3...8._.q.b.
0050:  7a 00 35 00 6e 00 32 00  6b 00 66 00 72 00 61 00  
z.5.n.2.k.f.r.a.
0060:  38 00 70 00 30 00 00 00  50 00 79 00 74 00 68 00  
8.p.0...P.y.t.h.
0070:  6f 00 6e 00 53 00 6f 00  66 00 74 00 77 00 61 00  
o.n.S.o.f.t.w.a.
0080:  72 00 65 00 46 00 6f 00  75 00 6e 00 64 00 61 00  
r.e.F.o.u.n.d.a.
0090:  74 00 69 00 6f 00 6e 00  2e 00 50 00 79 00 74 00  
t.i.o.n...P.y.t.
00a0:  68 00 6f 00 6e 00 2e 00  33 00 2e 00 38 00 5f 00  
h.o.n...3...8._.
00b0:  71 00 62 00 7a 00 35 00  6e 00 32 00 6b 00 66 00  
q.b.z.5.n.2.k.f.
00c0:  72 00 61 00 38 00 70 00  30 00 21 00 50 00 79 00  
r.a.8.p.0.!.P.y.
00d0:  74 00 68 00 6f 00 6e 00  00 00 43 00 3a 00 5c 00  
t.h.o.n...C.:.\.
00e0:  50 00 72 00 6f 00 67 00  72 00 61 00 6d 00 20 00  P.r.o.g.r.a.m.
.
00f0:  46 00 69 00 6c 00 65 00  73 00 5c 00 57 00 69 00  
F.i.l.e.s.\.W.i.
0100:  6e 00 64 00 6f 00 77 00  73 00 41 00 70 00 70 00  
n.d.o.w.s.A.p.p.
0110:  73 00 5c 00 50 00 79 00  74 00 68 00 6f 00 6e 00  
s.\.P.y.t.h.o.n.
0120:  53 00 6f 00 66 00 74 00  77 00 61 00 72 00 65 00  
S.o.f.t.w.a.r.e.
0130:  46 00 6f 00 75 00 6e 00  64 00 61 00 74 00 69 00  
F.o.u.n.d.a.t.i.
0140:  6f 00 6e 00 2e 00 50 00  79 00 74 00 68 00 6f 00  
o.n...P.y.t.h.o.
0150:  6e 00 2e 00 33 00 2e 00  38 00 5f 00 33 00 2e 00  
n...3...8._.3...
0160:  38 00 2e 00 34 00 39 00  36 00 2e 00 30 00 5f 00  
8...4.9.6...0._.
0170:  78 00 36 00 34 00 5f 00  5f 00 71 00 62 00 7a 00  
x.6.4._._.q.b.z.
0180:  35 00 6e 00 32 00 6b 00  66 00 72 00 61 00 38 00  
5.n.2.k.f.r.a.8.
0190:  70 00 30 00 5c 00 70 00  79 00 74 00 68 00 6f 00  
p.0.\.p.y.t.h.o.
01a0:  6e 00 33 00 2e 00 38 00  2e 00 65 00 78 00 65 00  
n.3...8...e.x.e.
01b0:  00 00 30 00 00 00                                 ..0...

I downloaded junction.exe from sysinternals, but...

Heidi@panter ~
$ junction
'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe'

Junction v1.07 - Creates and lists directory links
Copyright (C) 2005-2016 Mark Russinovich
Sysinternals - www.sysinternals.com

C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe: UNKNOWN
MICROSOFT REPARSE POINT

So I did a quick perl hack:

$ fsutil.exe reparsepoint query
'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe' | perl
-ne '/^\d/ || next; for(/\b([0-9a-f]{2})\b/g) {print chr(hex($_)) if
hex($_)>31;}'
PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0!PythonC:\Program
Files\WindowsApps\PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0\python3.8.exe0

Greetings from
Enrique Perez-Terron

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

cygcheck.out (59K) Download Attachment
0xD6B3CEE5.asc (3K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: bash /cmd disagree about owner and permissions to executable

Brian Inglis
On 2019-12-29 10:24, Enrique Perez-Terron wrote:

> Den 2019-12-26 22:00, skrev Andrey Repin:
>> Greetings, Enrique Perez-Terron!
> Thanks.
> [snip]
>> Problem reports:       http://cygwin.com/problems.html
> See attached cygcheck.out, unaltered.
>
>> In particular, show "mount" output and check that you don't have
>> /etc/{passwd,group} files
>
> Heidi@panter ~
> $ mount
> C:/cygwin64/bin on /usr/bin type ntfs (binary,auto)
> C:/cygwin64/lib on /usr/lib type ntfs (binary,auto)
> C:/cygwin64 on / type ntfs (binary,auto)
> C: on /cygdrive/c type ntfs (binary,posix=0,user,noumount,auto)
>
> Heidi@panter ~
> $ /bin/ls -ld /etc/{passwd,group}
> /bin/ls: klarte ikke å åpne '/etc/passwd': No such file or directory
> /bin/ls: klarte ikke å åpne '/etc/group': No such file or directory
>
> ("klarte ikke å åpne" = "Could not open")
>
> Looking around for other symptoms/non-symptoms
>
> Heidi@panter ~
> $ cmd /C 'dir /Q C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps'
>  Volume in drive C is Acer
>  Volume Serial Number is 3A2C-1A76
>
>  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps
>
> 26.12.2019  19.18    <DIR>          PANTER\Heidi           Backup
> 13.12.2019  22.52                 0 PANTER\Heidi           excel.exe
> 13.12.2019  14.28                 0 PANTER\Heidi          
> GameBarElevatedFT_Alias.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           idle.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           idle3.8.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           idle3.exe
> 12.11.2019  20.45    <DIR>          PANTER\Heidi          
> Microsoft.MicrosoftEdge_8wekyb3d8bbwe
> 13.12.2019  22.52    <DIR>          PANTER\Heidi          
> Microsoft.Office.Desktop_8wekyb3d8bbwe
> 13.12.2019  14.28    <DIR>          PANTER\Heidi          
> Microsoft.XboxGamingOverlay_8wekyb3d8bbwe
> 12.11.2019  20.45                 0 PANTER\Heidi           MicrosoftEdge.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           msaccess.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           msosync.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           msouc.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           msoxmled.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           mspub.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           outlook.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           pip.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           pip3.8.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           pip3.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           powerpnt.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           protocolhandler.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           python.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           python3.8.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
> 26.12.2019  19.25    <DIR>          PANTER\Heidi          
> PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0
> 26.12.2019  19.25                 0 PANTER\Heidi           pythonw.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           pythonw3.8.exe
> 26.12.2019  19.25                 0 PANTER\Heidi           pythonw3.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           sdxhelper.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           selfcert.exe
> 13.12.2019  22.52                 0 PANTER\Heidi           winword.exe
>               26 File(s)              0 bytes
>                5 Dir(s)  156 728 102 912 bytes free
>
> Heidi@panter ~
> $ ls -l /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps
> totalt 12K
> drwx------+ 1 Heidi        Ingen         0 des 26 19:18 Backup/
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 excel.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 14:28
> GameBarElevatedFT_Alias.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle3.8.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 idle3.exe*
> drwx------+ 1 Heidi        Ingen         0 nov 12 20:45
> Microsoft.MicrosoftEdge_8wekyb3d8bbwe/
> drwx------+ 1 Heidi        Ingen         0 des 13 22:52
> Microsoft.Office.Desktop_8wekyb3d8bbwe/
> drwx------+ 1 Heidi        Ingen         0 des 13 14:28
> Microsoft.XboxGamingOverlay_8wekyb3d8bbwe/
> -rwxr-x---  1 Unknown+User Unknown+Group 0 nov 12 20:45 MicrosoftEdge.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msaccess.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msosync.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msouc.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 msoxmled.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 mspub.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 outlook.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip3.8.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pip3.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 powerpnt.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 protocolhandler.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python3.8.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 python3.exe*
> drwx------+ 1 Heidi        Ingen         0 des 26 19:25
> PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0/
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw3.8.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 26 19:25 pythonw3.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 sdxhelper.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 selfcert.exe*
> -rwxr-x---  1 Unknown+User Unknown+Group 0 des 13 22:52 winword.exe*
>
> I suspect it's Windows 10 playing some games. Are the files here some kind of
> junctions/symbolic links?
> Why do all the files have zero bytes?
>
> Heidi@panter ~
> $ cmd /C 'dir /A C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps'
>  Volume in drive C is Acer
>  Volume Serial Number is 3A2C-1A76
>
>  Directory of C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps
>
> 26.12.2019  19.25    <DIR>          .
> 26.12.2019  19.25    <DIR>          ..
> 26.12.2019  19.18    <DIR>          Backup
> 13.12.2019  22.52                 0 excel.exe
> 13.12.2019  14.28                 0 GameBarElevatedFT_Alias.exe
> 26.12.2019  19.25                 0 idle.exe
> 26.12.2019  19.25                 0 idle3.8.exe
> 26.12.2019  19.25                 0 idle3.exe
> 12.11.2019  20.45    <DIR>          Microsoft.MicrosoftEdge_8wekyb3d8bbwe
> 13.12.2019  22.52    <DIR>          Microsoft.Office.Desktop_8wekyb3d8bbwe
> 13.12.2019  14.28    <DIR>          Microsoft.XboxGamingOverlay_8wekyb3d8bbwe
> 12.11.2019  20.45                 0 MicrosoftEdge.exe
> 13.12.2019  22.52                 0 msaccess.exe
> 13.12.2019  22.52                 0 msosync.exe
> 13.12.2019  22.52                 0 msouc.exe
> 13.12.2019  22.52                 0 msoxmled.exe
> 13.12.2019  22.52                 0 mspub.exe
> 13.12.2019  22.52                 0 outlook.exe
> 26.12.2019  19.25                 0 pip.exe
> 26.12.2019  19.25                 0 pip3.8.exe
> 26.12.2019  19.25                 0 pip3.exe
> 13.12.2019  22.52                 0 powerpnt.exe
> 13.12.2019  22.52                 0 protocolhandler.exe
> 26.12.2019  19.25                 0 python.exe
> 26.12.2019  19.25                 0 python3.8.exe
> 26.12.2019  19.25                 0 python3.exe
> 26.12.2019  19.25    <DIR>         
> PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0
> 26.12.2019  19.25                 0 pythonw.exe
> 26.12.2019  19.25                 0 pythonw3.8.exe
> 26.12.2019  19.25                 0 pythonw3.exe
> 13.12.2019  22.52                 0 sdxhelper.exe
> 13.12.2019  22.52                 0 selfcert.exe
> 13.12.2019  22.52                 0 winword.exe
>               26 File(s)              0 bytes
>                7 Dir(s)  156 728 201 216 bytes free
>
> I'm not sure if DIR /A is reliable in this context. A different approach:
>
> Heidi@panter ~
> $ locate python3.8.exe | xargs -d '\n' /bin/ls -l
> -rwxrwx---+ 1 SYSTEM       SYSTEM        226888 des 26 19:25
> '/cygdrive/c/Program
> Files/WindowsApps/PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0/python3.8.exe'
>
> -rwxr-x---  1 Unknown+User Unknown+Group      0 des 26 19:25 
> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/python3.8.exe
> -rwxr-x---  1 Unknown+User Unknown+Group      0 des 26 19:25 
> /cygdrive/c/Users/Heidi/AppData/Local/Microsoft/WindowsApps/PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0/python3.8.exe
>
>
> So here is finally a file with a positive byte count.
>
> Heidi@panter ~
> $ ls -l '/cygdrive/c/Program Files/WindowsApps'
> ls: klarte ikke å åpne mappa '/cygdrive/c/Program Files/WindowsApps': Permission
> denied
>
> (Could not open the folder ...)
>
> Running mintty as Administrator, I do get...
> [snip many other directories, a few owned by TrustedInstaller, most by SYSTEM]
> drwxrwx---+ 1 SYSTEM                      SYSTEM                      0 des 26
> 19:25 PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0/
> [snip]
>
> Yet it does not work to run python in the elevated bash.
>
> This python was installed using Microsoft Store. I will probably have to revert
> to the regular download from python.org
> However, it remains interesting that I can run this python from an un-elevated
> cmd, not from mintty/bash, not even if elevated.
>
> Update: I tried this in an elevated mintty/bash:
>
> Heidi@panter ~
> $ fsutil.exe reparsepoint query
> 'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe'
> Reparse Tag Value : 0x8000001b
> Tag value: Microsoft
>
> Reparse Data Length: 0x000001b6
> Reparse Data:
> 0000:  03 00 00 00 50 00 79 00  74 00 68 00 6f 00 6e 00  ....P.y.t.h.o.n.
> 0010:  53 00 6f 00 66 00 74 00  77 00 61 00 72 00 65 00  S.o.f.t.w.a.r.e.
> 0020:  46 00 6f 00 75 00 6e 00  64 00 61 00 74 00 69 00  F.o.u.n.d.a.t.i.
> 0030:  6f 00 6e 00 2e 00 50 00  79 00 74 00 68 00 6f 00  o.n...P.y.t.h.o.
> 0040:  6e 00 2e 00 33 00 2e 00  38 00 5f 00 71 00 62 00  n...3...8._.q.b.
> 0050:  7a 00 35 00 6e 00 32 00  6b 00 66 00 72 00 61 00  z.5.n.2.k.f.r.a.
> 0060:  38 00 70 00 30 00 00 00  50 00 79 00 74 00 68 00  8.p.0...P.y.t.h.
> 0070:  6f 00 6e 00 53 00 6f 00  66 00 74 00 77 00 61 00  o.n.S.o.f.t.w.a.
> 0080:  72 00 65 00 46 00 6f 00  75 00 6e 00 64 00 61 00  r.e.F.o.u.n.d.a.
> 0090:  74 00 69 00 6f 00 6e 00  2e 00 50 00 79 00 74 00  t.i.o.n...P.y.t.
> 00a0:  68 00 6f 00 6e 00 2e 00  33 00 2e 00 38 00 5f 00  h.o.n...3...8._.
> 00b0:  71 00 62 00 7a 00 35 00  6e 00 32 00 6b 00 66 00  q.b.z.5.n.2.k.f.
> 00c0:  72 00 61 00 38 00 70 00  30 00 21 00 50 00 79 00  r.a.8.p.0.!.P.y.
> 00d0:  74 00 68 00 6f 00 6e 00  00 00 43 00 3a 00 5c 00  t.h.o.n...C.:.\.
> 00e0:  50 00 72 00 6f 00 67 00  72 00 61 00 6d 00 20 00  P.r.o.g.r.a.m. .
> 00f0:  46 00 69 00 6c 00 65 00  73 00 5c 00 57 00 69 00  F.i.l.e.s.\.W.i.
> 0100:  6e 00 64 00 6f 00 77 00  73 00 41 00 70 00 70 00  n.d.o.w.s.A.p.p.
> 0110:  73 00 5c 00 50 00 79 00  74 00 68 00 6f 00 6e 00  s.\.P.y.t.h.o.n.
> 0120:  53 00 6f 00 66 00 74 00  77 00 61 00 72 00 65 00  S.o.f.t.w.a.r.e.
> 0130:  46 00 6f 00 75 00 6e 00  64 00 61 00 74 00 69 00  F.o.u.n.d.a.t.i.
> 0140:  6f 00 6e 00 2e 00 50 00  79 00 74 00 68 00 6f 00  o.n...P.y.t.h.o.
> 0150:  6e 00 2e 00 33 00 2e 00  38 00 5f 00 33 00 2e 00  n...3...8._.3...
> 0160:  38 00 2e 00 34 00 39 00  36 00 2e 00 30 00 5f 00  8...4.9.6...0._.
> 0170:  78 00 36 00 34 00 5f 00  5f 00 71 00 62 00 7a 00  x.6.4._._.q.b.z.
> 0180:  35 00 6e 00 32 00 6b 00  66 00 72 00 61 00 38 00  5.n.2.k.f.r.a.8.
> 0190:  70 00 30 00 5c 00 70 00  79 00 74 00 68 00 6f 00  p.0.\.p.y.t.h.o.
> 01a0:  6e 00 33 00 2e 00 38 00  2e 00 65 00 78 00 65 00  n.3...8...e.x.e.
> 01b0:  00 00 30 00 00 00                                 ..0...
>
> I downloaded junction.exe from sysinternals, but...
>
> Heidi@panter ~
> $ junction 'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe'
>
> Junction v1.07 - Creates and lists directory links
> Copyright (C) 2005-2016 Mark Russinovich
> Sysinternals - www.sysinternals.com
>
> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe: UNKNOWN
> MICROSOFT REPARSE POINT
>
> So I did a quick perl hack:
>
> $ fsutil.exe reparsepoint query
> 'C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps\python3.exe' | perl -ne
> '/^\d/ || next; for(/\b([0-9a-f]{2})\b/g) {print chr(hex($_)) if hex($_)>31;}'
> PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0PythonSoftwareFoundation.Python.3.8_qbz5n2kfra8p0!PythonC:\Program
> Files\WindowsApps\PythonSoftwareFoundation.Python.3.8_3.8.496.0_x64__qbz5n2kfra8p0\python3.8.exe0
https://stackoverflow.com/questions/58296925/what-is-zero-byte-executable-files-in-windows#comment102978067_58296925

"This is a special type of app-execution reparse point that's used to set up the
security context for running a UWP app. CreateProcessW reparses this internally
in order to allow individual users to run a particular app."

$ for exe in AppData/Local/Microsoft/WindowsApps/*.exe; do
        e=${exe##*/}
        [ \! -s $exe ] && echo $'\n'$e && \
        fsutil reparsepoint query 'AppData\Local\Microsoft\WindowsApps\'$e
done

debian.exe
Reparse Tag Value : 0x8000001b
Tag value: Microsoft

Reparse Data Length: 0x00000194
Reparse Data:
0000:  03 00 00 00 54 00 68 00  65 00 44 00 65 00 62 00  ....T.h.e.D.e.b.
0010:  69 00 61 00 6e 00 50 00  72 00 6f 00 6a 00 65 00  i.a.n.P.r.o.j.e.
0020:  63 00 74 00 2e 00 44 00  65 00 62 00 69 00 61 00  c.t...D.e.b.i.a.
0030:  6e 00 47 00 4e 00 55 00  4c 00 69 00 6e 00 75 00  n.G.N.U.L.i.n.u.
0040:  78 00 5f 00 37 00 36 00  76 00 34 00 67 00 66 00  x._.7.6.v.4.g.f.
0050:  73 00 7a 00 31 00 39 00  68 00 76 00 34 00 00 00  s.z.1.9.h.v.4...
0060:  54 00 68 00 65 00 44 00  65 00 62 00 69 00 61 00  T.h.e.D.e.b.i.a.
0070:  6e 00 50 00 72 00 6f 00  6a 00 65 00 63 00 74 00  n.P.r.o.j.e.c.t.
0080:  2e 00 44 00 65 00 62 00  69 00 61 00 6e 00 47 00  ..D.e.b.i.a.n.G.
0090:  4e 00 55 00 4c 00 69 00  6e 00 75 00 78 00 5f 00  N.U.L.i.n.u.x._.
00a0:  37 00 36 00 76 00 34 00  67 00 66 00 73 00 7a 00  7.6.v.4.g.f.s.z.
00b0:  31 00 39 00 68 00 76 00  34 00 21 00 64 00 65 00  1.9.h.v.4.!.d.e.
00c0:  62 00 69 00 61 00 6e 00  00 00 43 00 3a 00 5c 00  b.i.a.n...C.:.\.
00d0:  50 00 72 00 6f 00 67 00  72 00 61 00 6d 00 20 00  P.r.o.g.r.a.m. .
00e0:  46 00 69 00 6c 00 65 00  73 00 5c 00 57 00 69 00  F.i.l.e.s.\.W.i.
00f0:  6e 00 64 00 6f 00 77 00  73 00 41 00 70 00 70 00  n.d.o.w.s.A.p.p.
0100:  73 00 5c 00 54 00 68 00  65 00 44 00 65 00 62 00  s.\.T.h.e.D.e.b.
0110:  69 00 61 00 6e 00 50 00  72 00 6f 00 6a 00 65 00  i.a.n.P.r.o.j.e.
0120:  63 00 74 00 2e 00 44 00  65 00 62 00 69 00 61 00  c.t...D.e.b.i.a.
0130:  6e 00 47 00 4e 00 55 00  4c 00 69 00 6e 00 75 00  n.G.N.U.L.i.n.u.
0140:  78 00 5f 00 31 00 2e 00  31 00 2e 00 37 00 2e 00  x._.1...1...7...
0150:  30 00 5f 00 78 00 36 00  34 00 5f 00 5f 00 37 00  0._.x.6.4._._.7.
0160:  36 00 76 00 34 00 67 00  66 00 73 00 7a 00 31 00  6.v.4.g.f.s.z.1.
0170:  39 00 68 00 76 00 34 00  5c 00 64 00 65 00 62 00  9.h.v.4.\.d.e.b.
0180:  69 00 61 00 6e 00 2e 00  65 00 78 00 65 00 00 00  i.a.n...e.x.e...
0190:  30 00 00 00                                       0...

fedoraremix.exe
Reparse Tag Value : 0x8000001b
Tag value: Microsoft

Reparse Data Length: 0x000001d6
Reparse Data:
0000:  03 00 00 00 57 00 68 00  69 00 74 00 65 00 77 00  ....W.h.i.t.e.w.
0010:  61 00 74 00 65 00 72 00  46 00 6f 00 75 00 6e 00  a.t.e.r.F.o.u.n.
0020:  64 00 72 00 79 00 4c 00  74 00 64 00 2e 00 43 00  d.r.y.L.t.d...C.
0030:  6f 00 2e 00 46 00 65 00  64 00 6f 00 72 00 61 00  o...F.e.d.o.r.a.
0040:  52 00 65 00 6d 00 69 00  78 00 66 00 6f 00 72 00  R.e.m.i.x.f.o.r.
0050:  57 00 53 00 4c 00 5f 00  73 00 35 00 66 00 64 00  W.S.L._.s.5.f.d.
0060:  38 00 6e 00 34 00 39 00  6d 00 79 00 71 00 68 00  8.n.4.9.m.y.q.h.
0070:  6d 00 00 00 57 00 68 00  69 00 74 00 65 00 77 00  m...W.h.i.t.e.w.
0080:  61 00 74 00 65 00 72 00  46 00 6f 00 75 00 6e 00  a.t.e.r.F.o.u.n.
0090:  64 00 72 00 79 00 4c 00  74 00 64 00 2e 00 43 00  d.r.y.L.t.d...C.
00a0:  6f 00 2e 00 46 00 65 00  64 00 6f 00 72 00 61 00  o...F.e.d.o.r.a.
00b0:  52 00 65 00 6d 00 69 00  78 00 66 00 6f 00 72 00  R.e.m.i.x.f.o.r.
00c0:  57 00 53 00 4c 00 5f 00  73 00 35 00 66 00 64 00  W.S.L._.s.5.f.d.
00d0:  38 00 6e 00 34 00 39 00  6d 00 79 00 71 00 68 00  8.n.4.9.m.y.q.h.
00e0:  6d 00 21 00 57 00 4c 00  45 00 00 00 43 00 3a 00  m.!.W.L.E...C.:.
00f0:  5c 00 50 00 72 00 6f 00  67 00 72 00 61 00 6d 00  \.P.r.o.g.r.a.m.
0100:  20 00 46 00 69 00 6c 00  65 00 73 00 5c 00 57 00   .F.i.l.e.s.\.W.
0110:  69 00 6e 00 64 00 6f 00  77 00 73 00 41 00 70 00  i.n.d.o.w.s.A.p.
0120:  70 00 73 00 5c 00 57 00  68 00 69 00 74 00 65 00  p.s.\.W.h.i.t.e.
0130:  77 00 61 00 74 00 65 00  72 00 46 00 6f 00 75 00  w.a.t.e.r.F.o.u.
0140:  6e 00 64 00 72 00 79 00  4c 00 74 00 64 00 2e 00  n.d.r.y.L.t.d...
0150:  43 00 6f 00 2e 00 46 00  65 00 64 00 6f 00 72 00  C.o...F.e.d.o.r.
0160:  61 00 52 00 65 00 6d 00  69 00 78 00 66 00 6f 00  a.R.e.m.i.x.f.o.
0170:  72 00 57 00 53 00 4c 00  5f 00 31 00 2e 00 33 00  r.W.S.L._.1...3.
0180:  30 00 2e 00 31 00 2e 00  30 00 5f 00 78 00 36 00  0...1...0._.x.6.
0190:  34 00 5f 00 5f 00 73 00  35 00 66 00 64 00 38 00  4._._.s.5.f.d.8.
01a0:  6e 00 34 00 39 00 6d 00  79 00 71 00 68 00 6d 00  n.4.9.m.y.q.h.m.
01b0:  5c 00 66 00 65 00 64 00  6f 00 72 00 61 00 72 00  \.f.e.d.o.r.a.r.
01c0:  65 00 6d 00 69 00 78 00  2e 00 65 00 78 00 65 00  e.m.i.x...e.x.e.
01d0:  00 00 30 00 00 00                                 ..0...

GameBarElevatedFT_Alias.exe
Reparse Tag Value : 0x8000001b
Tag value: Microsoft

Reparse Data Length: 0x00000194
Reparse Data:
0000:  03 00 00 00 4d 00 69 00  63 00 72 00 6f 00 73 00  ....M.i.c.r.o.s.
0010:  6f 00 66 00 74 00 2e 00  58 00 62 00 6f 00 78 00  o.f.t...X.b.o.x.
0020:  47 00 61 00 6d 00 69 00  6e 00 67 00 4f 00 76 00  G.a.m.i.n.g.O.v.
0030:  65 00 72 00 6c 00 61 00  79 00 5f 00 38 00 77 00  e.r.l.a.y._.8.w.
0040:  65 00 6b 00 79 00 62 00  33 00 64 00 38 00 62 00  e.k.y.b.3.d.8.b.
0050:  62 00 77 00 65 00 00 00  4d 00 69 00 63 00 72 00  b.w.e...M.i.c.r.
0060:  6f 00 73 00 6f 00 66 00  74 00 2e 00 58 00 62 00  o.s.o.f.t...X.b.
0070:  6f 00 78 00 47 00 61 00  6d 00 69 00 6e 00 67 00  o.x.G.a.m.i.n.g.
0080:  4f 00 76 00 65 00 72 00  6c 00 61 00 79 00 5f 00  O.v.e.r.l.a.y._.
0090:  38 00 77 00 65 00 6b 00  79 00 62 00 33 00 64 00  8.w.e.k.y.b.3.d.
00a0:  38 00 62 00 62 00 77 00  65 00 21 00 41 00 70 00  8.b.b.w.e.!.A.p.
00b0:  70 00 00 00 43 00 3a 00  5c 00 50 00 72 00 6f 00  p...C.:.\.P.r.o.
00c0:  67 00 72 00 61 00 6d 00  20 00 46 00 69 00 6c 00  g.r.a.m. .F.i.l.
00d0:  65 00 73 00 5c 00 57 00  69 00 6e 00 64 00 6f 00  e.s.\.W.i.n.d.o.
00e0:  77 00 73 00 41 00 70 00  70 00 73 00 5c 00 4d 00  w.s.A.p.p.s.\.M.
00f0:  69 00 63 00 72 00 6f 00  73 00 6f 00 66 00 74 00  i.c.r.o.s.o.f.t.
0100:  2e 00 58 00 62 00 6f 00  78 00 47 00 61 00 6d 00  ..X.b.o.x.G.a.m.
0110:  69 00 6e 00 67 00 4f 00  76 00 65 00 72 00 6c 00  i.n.g.O.v.e.r.l.
0120:  61 00 79 00 5f 00 33 00  2e 00 33 00 36 00 2e 00  a.y._.3...3.6...
0130:  36 00 30 00 30 00 33 00  2e 00 30 00 5f 00 78 00  6.0.0.3...0._.x.
0140:  36 00 34 00 5f 00 5f 00  38 00 77 00 65 00 6b 00  6.4._._.8.w.e.k.
0150:  79 00 62 00 33 00 64 00  38 00 62 00 62 00 77 00  y.b.3.d.8.b.b.w.
0160:  65 00 5c 00 47 00 61 00  6d 00 65 00 42 00 61 00  e.\.G.a.m.e.B.a.
0170:  72 00 45 00 6c 00 65 00  76 00 61 00 74 00 65 00  r.E.l.e.v.a.t.e.
0180:  64 00 46 00 54 00 2e 00  65 00 78 00 65 00 00 00  d.F.T...e.x.e...
0190:  30 00 00 00                                       0...

MicrosoftEdge.exe
Reparse Tag Value : 0x8000001b
Tag value: Microsoft

Reparse Data Length: 0x00000110
Reparse Data:
0000:  03 00 00 00 4d 00 69 00  63 00 72 00 6f 00 73 00  ....M.i.c.r.o.s.
0010:  6f 00 66 00 74 00 2e 00  4d 00 69 00 63 00 72 00  o.f.t...M.i.c.r.
0020:  6f 00 73 00 6f 00 66 00  74 00 45 00 64 00 67 00  o.s.o.f.t.E.d.g.
0030:  65 00 5f 00 38 00 77 00  65 00 6b 00 79 00 62 00  e._.8.w.e.k.y.b.
0040:  33 00 64 00 38 00 62 00  62 00 77 00 65 00 00 00  3.d.8.b.b.w.e...
0050:  4d 00 69 00 63 00 72 00  6f 00 73 00 6f 00 66 00  M.i.c.r.o.s.o.f.
0060:  74 00 2e 00 4d 00 69 00  63 00 72 00 6f 00 73 00  t...M.i.c.r.o.s.
0070:  6f 00 66 00 74 00 45 00  64 00 67 00 65 00 5f 00  o.f.t.E.d.g.e._.
0080:  38 00 77 00 65 00 6b 00  79 00 62 00 33 00 64 00  8.w.e.k.y.b.3.d.
0090:  38 00 62 00 62 00 77 00  65 00 21 00 4d 00 69 00  8.b.b.w.e.!.M.i.
00a0:  63 00 72 00 6f 00 73 00  6f 00 66 00 74 00 45 00  c.r.o.s.o.f.t.E.
00b0:  64 00 67 00 65 00 00 00  43 00 3a 00 5c 00 57 00  d.g.e...C.:.\.W.
00c0:  69 00 6e 00 64 00 6f 00  77 00 73 00 5c 00 53 00  i.n.d.o.w.s.\.S.
00d0:  79 00 73 00 74 00 65 00  6d 00 33 00 32 00 5c 00  y.s.t.e.m.3.2.\.
00e0:  53 00 79 00 73 00 74 00  65 00 6d 00 55 00 57 00  S.y.s.t.e.m.U.W.
00f0:  50 00 4c 00 61 00 75 00  6e 00 63 00 68 00 65 00  P.L.a.u.n.c.h.e.
0100:  72 00 2e 00 65 00 78 00  65 00 00 00 31 00 00 00  r...e.x.e...1...

--
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Reply | Threaded
Open this post in threaded view
|

Re: bash /cmd disagree about owner and permissions to executable

Ubuntu
To recap, after removing excessive terminal output documentation in earlier mails:

> I installed python3.8 from the "Microsoft Store".
> Then I could run "python3 myscript.py" in a 'cmd' terminal but not in a mintty/bash terminal.
> The bash terminal gave "permission denied".
>
> Investigating, I found that the PATH variable pointed to a python3.exe in the directory
> C:\Users\Heidi\AppData\Local\Microsoft\WindowsApps.
>
> Using /bin/ls or using "cmd /c dir /q" would display different owners:
>
> > ls:  -rwxr-x--- 1 Unknown+User Unknown+Group 0 des 26 19:25     python3.exe
> > cmd: 26.12.2019  19.25                 0 PANTER\Heidi           python3.exe
>
> Noting the byte count of zero, I found the file is a reparse point of some "unknown Microsoft" type pointing to
>
> > C:\Program Files\WindowsApps\<very long folder name>\python3.8.exe
>
> (The reparse point type was "unknown" as per Mark Russnivitch's fsutil.exe of 2005.)
>
> The permissions on "Program Files\WindowsApps" are quite restricted indeed.




On Mon, Dec 30, 2019 at 01:35:53PM -0700, Brian Inglis wrote:
> https://stackoverflow.com/questions/58296925/what-is-zero-byte-executable-files-in-windows#comment102978067_58296925
>
> "This is a special type of app-execution reparse point that's used to set up the
> security context for running a UWP app. CreateProcessW reparses this internally
> in order to allow individual users to run a particular app."

Very interesting indeed.

But one important question remains: Why do we get "Permission Denied" when
running from bash, not when running from cmd?

Some derived questions:

Doesn't bash call CreateProcessW?

Should it?

If "CreateProcessW reparses this internally in order to allow individual
users to run a particular app", how does CreateProcessW do that?

What does it base its decisions on?

Has Microsoft implemented a new, competing security system?

Where does the new security system store the permissions?

Are we going to see more and more Windows program becoming
unavailable to Cygwin?

Does cygwin need to reverse engineer this new security system?

Besides I notice that I can do "cygstart myscript.py", and the program runs.
However, it runs in a cmd window that disappears immediately upon termination.


Regards,
Enrique Perez-Terron

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple