
Comments (7)

gerardog commented on June 10, 2024

Hi, I'm busy these days with work and life, I'll try to make some progress with limited resources...

gsudo cache typically identifies the invoker process as the cache process root, allowing this caller process to elevate again, and also terminating the cache when this process ends.

MSYS2 has a behavior that confuses gsudo. When you run a Windows console app from MSYS, it starts an intermediate/wrapper process. gsudo should identify the wrapper and select not the parent but the grandfather process as the cache root process. This part is failing. This is evident since each screenshot you pasted of gsudo --debug has a different 'Caller PID:' line (which is a bad title, since it's not printing the caller PID, but the CacheableRootProcessId which should be the grandfather in this scenario).

So the offending code is likely here

I would need you to tell me:

  • how did you install msys2 / cygwin ( scoop? chocolatey? .msi ? ) This helps me reproduce the issue locally.
  • can you run gsudo status from cygwin 3 times and paste the results here? that would show the process tree that gsudo receives.

Thank you!

from gsudo.

gerardog commented on June 10, 2024

btw in the meantime you can also do gsudo cache on -p {your console pid} to have a working cache. (also gsudo cache on -p 0 would allow any current-user process to elevate, but this is security promiscuous)

from gsudo.

sskras commented on June 10, 2024

I repeated the debug tracing from CMD with 3 consecutive runs of gsudo:

C:\Users\saukrs> gsudo -k
Info: All credentials cache were invalidated.

First run:

C:\Users\saukrs> gsudo --debug fltmc
Debug: Invoking Shell: Cmd
Debug: Command Line: --debug fltmc
Debug: Command to run: "C:\Windows\system32\fltmc.EXE"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 4480
Debug: Caller SID: S-1-5-21-3533002965-4122658273-1040882531-1006
Debug: Elevating process: C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe --debug gsudoservice 4480 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
Debug: Service process started.
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_843F5F48FDA973F21389B11234EB033B58EA49A490BA043B543AB3F4F9DC018B.
Debug: Creating target process: "C:\Windows\system32\fltmc.EXE"
Debug: Process token successfully substituted.

Filter Name                     Num Instances    Altitude    Frame
------------------------------  -------------  ------------  -----
OpenZFS                                                     <Legacy>
bindflt                                 1       409800         1
storqosflt                              0       244000         1
wcifs                                   0       189900         1
CldFlt                                  1       180451         1
FileCrypt                               0       141100         0
luafv                                   1       135000         0
npsvctrig                               1        46000         0
Wof                                     3        40700         0
FileInfo                                8        40500         0
Debug: Process exited with code 0

Second run:

C:\Users\saukrs> gsudo --debug fltmc
Debug: Invoking Shell: Cmd
Debug: Command Line: --debug fltmc
Debug: Command to run: "C:\Windows\system32\fltmc.EXE"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 4480
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_843F5F48FDA973F21389B11234EB033B58EA49A490BA043B543AB3F4F9DC018B.
Debug: Creating target process: "C:\Windows\system32\fltmc.EXE"
Debug: Process token successfully substituted.

Filter Name                     Num Instances    Altitude    Frame
------------------------------  -------------  ------------  -----
OpenZFS                                                     <Legacy>
bindflt                                 1       409800         1
storqosflt                              0       244000         1
wcifs                                   0       189900         1
CldFlt                                  1       180451         1
FileCrypt                               0       141100         0
luafv                                   1       135000         0
npsvctrig                               1        46000         0
Wof                                     3        40700         0
FileInfo                                8        40500         0
Debug: Process exited with code 0

Third run:

C:\Users\saukrs> gsudo --debug fltmc
Debug: Invoking Shell: Cmd
Debug: Command Line: --debug fltmc
Debug: Command to run: "C:\Windows\system32\fltmc.EXE"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 4480
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_843F5F48FDA973F21389B11234EB033B58EA49A490BA043B543AB3F4F9DC018B.
Debug: Creating target process: "C:\Windows\system32\fltmc.EXE"
Debug: Process token successfully substituted.

Filter Name                     Num Instances    Altitude    Frame
------------------------------  -------------  ------------  -----
OpenZFS                                                     <Legacy>
bindflt                                 1       409800         1
storqosflt                              0       244000         1
wcifs                                   0       189900         1
CldFlt                                  1       180451         1
FileCrypt                               0       141100         0
luafv                                   1       135000         0
npsvctrig                               1        46000         0
Wof                                     3        40700         0
FileInfo                                8        40500         0
Debug: Process exited with code 0

Only the first run pops up the UAC prompt. And only one debug CMD console pops up during the test:

Debug: Command Line: --debug gsudoservice 4480 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
gsudo v2.4.4 (Branch.tags-v2.4.4.Sha.cf887bf98d5d3d90fc1eebc08c7a277afb50cd19)
Copyright(c) 2019-2022 Gerardo Grignoli and GitHub contributors

Caller Pid: 4480
Running as:
  User: DESKTOP-O7JE7JE\saukrs
  Sid: S-1-5-21-3533002965-4122658273-1040882531-1006
  Is Admin: True
  Integrity Level: High (12288)

Credentials Cache:
  Mode: Auto
  Available for this process: False
  Total active cache sessions: 0

Processes attached to the current console:
      PID      PPID Integrity  UserName                  Name
    12792     11808 High       DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)

Info: Service started
Debug: Service will shutdown if idle for 00:05:00
Debug: Listening on named pipe ProtectedPrefix\Administrators\gsudo_843F5F48FDA973F21389B11234EB033B58EA49A490BA043B543AB3F4F9DC018B.
Debug: Access allowed only for ProcessID 4480 and children
Debug: NamedPipeServer listening.
Info: Incoming Connection.
Debug: ElevationRequest length 330
Debug: Process token replaced
Info: Connection Closed.
Debug: NamedPipeServer listening.
Info: Incoming Connection.
Debug: ElevationRequest length 328
Debug: Process token replaced
Info: Connection Closed.
Debug: NamedPipeServer listening.
Info: Incoming Connection.
Debug: ElevationRequest length 329
Debug: Process token replaced
Info: Connection Closed.
Debug: NamedPipeServer listening.

... which stays quiet for a while after I have finished my runs.

from gsudo.

sskras commented on June 10, 2024

Thanks for all the tips.

I'll try to make some progress with limited resources...

No need for promises and hurrying. I just documented the thing that otherwise would be lost in transit :)

  • how did you install msys2 / cygwin ( scoop? chocolatey? .msi ? )

I used scoop for that. IIRC, it was scoop install -g gsudo from the elevated CMD.

  • can you run gsudo status from cygwin 3 times and paste the results here? that would show the process tree that gsudo receives.

Textual output of gsudo status being run 3 times in a row:

saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo status
Fri May  3 18:33:26 EEST 2024
Caller Pid: 3660
Running as:
  User: DESKTOP-O7JE7JE\saukrs
  Sid: S-1-5-21-3533002965-4122658273-1040882531-1006
  Is Admin: False
  Integrity Level: Medium (8192)

Credentials Cache:
  Mode: Auto
  Available for this process: False
  Total active cache sessions: 0

Processes attached to the current console:
      PID      PPID Integrity  UserName                  Name
    12320      3660 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
     2104     12320 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo status
Fri May  3 18:33:28 EEST 2024
Caller Pid: 12800
Running as:
  User: DESKTOP-O7JE7JE\saukrs
  Sid: S-1-5-21-3533002965-4122658273-1040882531-1006
  Is Admin: False
  Integrity Level: Medium (8192)

Credentials Cache:
  Mode: Auto
  Available for this process: False
  Total active cache sessions: 0

Processes attached to the current console:
      PID      PPID Integrity  UserName                  Name
    14216     12800 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
     9692     14216 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo status
Fri May  3 18:33:29 EEST 2024
Caller Pid: 12592
Running as:
  User: DESKTOP-O7JE7JE\saukrs
  Sid: S-1-5-21-3533002965-4122658273-1040882531-1006
  Is Admin: False
  Integrity Level: Medium (8192)

Credentials Cache:
  Mode: Auto
  Available for this process: False
  Total active cache sessions: 0

Processes attached to the current console:
      PID      PPID Integrity  UserName                  Name
     2948     12592 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
    12392      2948 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)

from gsudo.
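An added example, not part of the original thread and not gsudo's own code: a Python sketch that parses `gsudo status` output like that pasted above and checks whether a cache rooted at one run's "Caller Pid" would admit the next run. The function names are hypothetical, and `in_subtree` is only an assumed model of the "Access allowed only for ProcessID ... and children" rule printed in the service's debug log.

```python
import re

# Abridged from the three Cygwin `gsudo status` runs pasted in this thread
# (only the "Caller Pid" line and the console process rows are kept).
SAMPLE = r"""
Caller Pid: 3660
    12320      3660 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
     2104     12320 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
Caller Pid: 12800
    14216     12800 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
     9692     14216 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
Caller Pid: 12592
     2948     12592 Medium     DESKTOP-O7JE7JE\saukrs    D:\cygwin64\bin\bash.exe
    12392      2948 Medium     DESKTOP-O7JE7JE\saukrs    C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
"""
ROW = re.compile(r"^\s*(\d+)\s+(\d+)\s+\S+\s+\S+\s+(.+)$")  # PID PPID Integrity User Name

def parse_runs(text):
    """Return one (caller_pid, {pid: ppid}, gsudo_pid) tuple per status run."""
    runs = []
    for chunk in re.split(r"(?m)^Caller Pid:\s*", text)[1:]:
        lines = chunk.splitlines()
        parents, self_pid = {}, None
        for m in filter(None, map(ROW.match, lines[1:])):
            parents[int(m[1])] = int(m[2])
            if "(this gsudo status)" in m[3]:
                self_pid = int(m[1])
        runs.append((int(lines[0]), parents, self_pid))
    return runs

def in_subtree(pid, root, parents):
    """Assumed model of the 'root and children' rule: walk PPIDs up to root."""
    seen = set()
    while pid is not None and pid not in seen:
        if pid == root:
            return True
        seen.add(pid)
        pid = parents.get(pid)
    return False

def cache_hits(runs):
    """For each later run: would a cache rooted at the previous run's Caller Pid admit it?"""
    return [in_subtree(me, runs[i][0], parents)
            for i, (_, parents, me) in enumerate(runs[1:])]

if __name__ == "__main__":
    runs = parse_runs(SAMPLE)
    print("cache roots per run:", [r[0] for r in runs])
    print("later runs admitted by previous root:", cache_hits(runs))
```

On the Cygwin sample every run reports a different root, so no later run falls inside the previous root's subtree; with a stable root such as the CMD session's 4480, the same check passes.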
