Subject: RE: #define name for non-root pkg_install tools
To: 'Todd Vierling' <>
From: Mark Funkenhauser <>
List: tech-pkg
Date: 05/10/2004 11:37:47
> -----Original Message-----
> From: 
> [] On Behalf Of Todd Vierling
> Sent: Wednesday, May 05, 2004 1:37 PM
> To: Mark Funkenhauser
> Cc:
> Subject: Re: #define name for non-root pkg_install tools
> On Wed, 28 Apr 2004, Mark Funkenhauser wrote:
> : With Interix, there are potentially two different Administrator user
> : accounts:
> :   localSystem+Administrator  and  PrincipalDomain+Administrator
> : (uid = 197108  and  uid = 1049594  respectively)
> Right.  1049594, however, is not treated specially by pkgsrc.
> Is a domain Administrator automatically a member of the local 
> Administrators
> group (131616)?  If so, pkgsrc should be happy as-is; it is 
> using the gid
> (as of now, numerically) for most privilege check uses.

When your machine becomes part of a Windows domain, then the 
domain\Administrators group becomes part of the local Administrators
And the domain Administrator is normally a member of the

> : I guess it depends if any of the pkg_* tools assume that the current
> : user is privileged.
> At the moment, pkg_* in pkgsrc does not do the permissions 
> check on Interix at all.

That's not what I was getting at.
It's a question of what operations the pkg_* tools perform
and what privileges these ops require in order to be successful.

If any of these operations require a particular privilege,
then it may be reasonable to check that the current user has these
privileges first - rather than erroring out with permission or access
in the middle of a critical operation.