[PATCH v4 3/3] Respect `db_home: env` even when no uid can be determined

Mon Apr 3 13:12:07 GMT 2023

Hi Corinna,

On Mon, 3 Apr 2023, Johannes Schindelin wrote:

> On Tue, 28 Mar 2023, Corinna Vinschen wrote:
>
> > On Mar 28 10:17, Johannes Schindelin wrote:
> > > In particular when we cannot figure out a uid for the current user, we
> > > should still respect the `db_home: env` setting. Such a situation occurs
> > > for example when the domain returned by `LookupAccountSid()` is not our
> > > machine name and at the same time our machine is no domain member: In
> > > that case, we have nobody to ask for the POSIX offset necessary to come
> > > up with the uid.
> > >
> > > It is important that even in such cases, the `HOME` environment variable
> > > can be used to override the home directory, e.g. when Git for Windows is
> > > used by an account that was generated on the fly, e.g. for transient use
> > > in a cloud scenario.
> >
> > How does this kind of account look like?  I'd like to see the contants
> > of name, domain, and the SID.  Isn't that just an account closely
> > resembling Micorosft Accounts or AzureAD accounts?  Can't we somehow
> > handle them alike?
>
> [...]
>
> What I _can_ do is try to recreate the problem (the report said that this
> happens in a Kudu console of an Azure Web App, see
> https://github.com/projectkudu/kudu/wiki/Kudu-console) by creating a new
> Azure Web App and opening that console and run Cygwin within it, which is
> what I am going to do now.

So here is what is going on:

- The domain is 'IIS APPPOOL'

- The name is the name of the Azure Web App

- The sid is 'S-1-5-82-3932326390-3052311582-2886778547-4123178866-1852425102'

The program I am trying to make work as expected (i.e. to respect the
`db_home: env` line in `/etc/nsswitch.conf` in conjunction with the `HOME`
variable being set to `C:\home`) is `ssh-keygen.exe`: We want it to
default to creating the file `/cygdrive/c/home/.ssh/id_rsa`. But what it
_does_, without this patch, is to default to creating the file
`//.ssh/id_rsa` (which does not make sense because that would refer to a
file share called `id_rsa` on a server whose name is `.ssh`).

Condensed to the bare minimum reproducer, the code boils down to this:

-- snip --
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <pwd.h>

int main(int argc, char **argv)
{
	uid_t uid = getuid();
	struct passwd *pw = getpwuid(uid);

	printf("uid=%u, pw_dir='%s'\n", (unsigned)uid, pw->pw_dir);

	return 0;
}
-- snap --

In the Kudu console scenario, this program prints the UID 4294967295
(which is 0xffffffff) and _without_ this patch, it prints the `pw_dir` as
being `/`, even if the `HOME` environment variable should override that
for the current user.

_With_ patch 3/3, it prints out the same `uid`, but it does print the
`pw_dir` as `/cygdrive/c/home`.

I will distill the above into a new-and-improved commit message.

Ciao,
Johannes