Open
Description
Issue Description
Recently I discovered that process elevation credentials could be cached. I set it to Auto:
CacheMode = "Auto" (global)
This works with CMD and PowerShell, but not in a pretty recent MSYS2 and Cygwin.
In both latter environments every subsequent launch of gsudo pops up the UAC window.
I expect the caching to work in MSYS2 and Cygwin too.
Steps to Reproduce
- run
gsudo configto see that all items are default - run
gsudo config CacheMode = "Auto" - run
gsudo configto see thatCacheModesetting gotAutoas the global value - run
gsudo fltmc - run
gsudo fltmcthe 2nd time - in both cases UAC pops up
Screenshots
Here is the result I got by adding --debug:
Each invocation poped up a new CMD window, I managed to capture only the last one.
Logs:
Reconfiguring gsudo:
saukrs@DESKTOP-O7JE7JE ~
$ gsudo config
CacheMode = "Explicit" (default)
CacheDuration = "00:05:00" (default)
LogLevel = "Info" (default)
NewWindow.Force = "False" (default)
NewWindow.CloseBehaviour = "OsDefault" (default)
Prompt = "$p$e[1;31m# $e[0m" (default)
PipedPrompt = "$P# " (default)
ForceAttachedConsole = "False" (default)
ForcePipedConsole = "False" (default)
ForceVTConsole = "False" (default)
CopyEnvironmentVariables = "False" (default)
CopyNetworkShares = "False" (default)
PowerShellLoadProfile = "False" (default)
SecurityEnforceUacIsolation = "False" (default)
ExceptionList = "notepad.exe;powershell.exe;whoami.exe;vim.exe;nano.exe;" (default)
saukrs@DESKTOP-O7JE7JE ~
$ gsudo config CacheMode = "Auto"
Info: Config Setting for 'CacheMode' will be set as global system setting.
Info: Global system settings requires elevation. Elevating...
Warning: Enabling the credentials cache is a security risk.
CacheMode = "Auto"
saukrs@DESKTOP-O7JE7JE ~
$ gsudo config
CacheMode = "Auto" (global)
CacheDuration = "00:05:00" (default)
LogLevel = "Info" (default)
NewWindow.Force = "False" (default)
NewWindow.CloseBehaviour = "OsDefault" (default)
Prompt = "$p$e[1;31m# $e[0m" (default)
PipedPrompt = "$P# " (default)
ForceAttachedConsole = "False" (default)
ForcePipedConsole = "False" (default)
ForceVTConsole = "False" (default)
CopyEnvironmentVariables = "False" (default)
CopyNetworkShares = "False" (default)
PowerShellLoadProfile = "False" (default)
SecurityEnforceUacIsolation = "False" (default)
ExceptionList = "notepad.exe;powershell.exe;whoami.exe;vim.exe;nano.exe;" (default)Doing two consecutive runs in ~40 seconds with --debug added:
saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo --debug fltmc
Fri May 3 15:42:08 EEST 2024
Debug: Invoking Shell: Bash
Debug: Command Line: --debug fltmc
Debug: Command to run: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 12692
Debug: Caller SID: S-1-5-21-3533002965-4122658273-1040882531-1006
Debug: Elevating process: C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe --debug gsudoservice 12692 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
Debug: Service process started.
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_6B99D938783616AA600B80393651400D1B4095C779FE631DB109401F6268C86D.
Debug: Creating target process: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Process token successfully substituted.
Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
OpenZFS <Legacy>
bindflt 1 409800 1
storqosflt 0 244000 1
wcifs 0 189900 1
CldFlt 1 180451 1
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 3 40700 0
FileInfo 8 40500 0
Debug: Process exited with code 0
saukrs@DESKTOP-O7JE7JE ~
$
saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo --debug fltmc
Fri May 3 15:42:43 EEST 2024
Debug: Invoking Shell: Bash
Debug: Command Line: --debug fltmc
Debug: Command to run: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 13052
Debug: Caller SID: S-1-5-21-3533002965-4122658273-1040882531-1006
Debug: Elevating process: C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe --debug gsudoservice 13052 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
Debug: Service process started.
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_BDB80A29754FF210411978608DB5DCC61235988FE875FE3D7AC39A3738CEA2D5.
Debug: Creating target process: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Process token successfully substituted.
Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
OpenZFS <Legacy>
bindflt 1 409800 1
storqosflt 0 244000 1
wcifs 0 189900 1
CldFlt 1 180451 1
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 3 40700 0
FileInfo 8 40500 0
Debug: Process exited with code 0To compare text output in Cygwin terminal and the CMD debug console I launched gsudo additionally. Otherwise the former (seen in the screenshot) self-desctructs in 15 seconds.
So here are both outputs from the new launch. Cygwin terminal:
saukrs@DESKTOP-O7JE7JE ~
$ date; gsudo --debug fltmc
Fri May 3 16:01:36 EEST 2024
Debug: Invoking Shell: Bash
Debug: Command Line: --debug fltmc
Debug: Command to run: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Using Console mode TokenSwitch
Debug: Caller PID: 10192
Debug: Caller SID: S-1-5-21-3533002965-4122658273-1040882531-1006
Debug: Elevating process: C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe --debug gsudoservice 10192 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
Debug: Service process started.
Debug: Connected via Named Pipe ProtectedPrefix\Administrators\gsudo_76AA43327BF0DF98CD377FA67FE444C791387E22F43EA6644BAD622D2D68EE64.
Debug: Creating target process: D:\cygwin64\bin\bash.exe -c "fltmc"
Debug: Process token successfully substituted.
Filter Name Num Instances Altitude Frame
------------------------------ ------------- ------------ -----
OpenZFS <Legacy>
bindflt 1 409800 1
storqosflt 0 244000 1
wcifs 0 189900 1
CldFlt 1 180451 1
FileCrypt 0 141100 0
luafv 1 135000 0
npsvctrig 1 46000 0
Wof 3 40700 0
FileInfo 8 40500 0
Debug: Process exited with code 0Debug CMD console:
Debug: Command Line: --debug gsudoservice 10192 S-1-5-21-3533002965-4122658273-1040882531-1006 All 00:05:00
gsudo v2.4.4 (Branch.tags-v2.4.4.Sha.cf887bf98d5d3d90fc1eebc08c7a277afb50cd19)
Copyright(c) 2019-2022 Gerardo Grignoli and GitHub contributors
Caller Pid: 12976
Running as:
User: DESKTOP-O7JE7JE\saukrs
Sid: S-1-5-21-3533002965-4122658273-1040882531-1006
Is Admin: True
Integrity Level: High (12288)
Credentials Cache:
Mode: Auto
Available for this process: False
Total active cache sessions: 0
Processes attached to the current console:
PID PPID Integrity UserName Name
14268 12976 High DESKTOP-O7JE7JE\saukrs C:\ProgramData\scoop\apps\gsudo\2.4.4\gsudo.exe (this gsudo status)
Info: Service started
Debug: Service will shutdown if idle for 00:05:00
Debug: Listening on named pipe ProtectedPrefix\Administrators\gsudo_76AA43327BF0DF98CD377FA67FE444C791387E22F43EA6644BAD622D2D68EE64.
Debug: Access allowed only for ProcessID 10192 and children
Debug: NamedPipeServer listening.
Info: Incoming Connection.
Debug: ElevationRequest length 342
Debug: Process token replaced
Info: Connection Closed.
Debug: NamedPipeServer listening.
Info: Allowed Process (Pid 10192) has exited. Ending cache session.)
Info: Service stopped
Service shutdown. This window will close in 15 secondsContext:
- Windows version:
Win10 21H2 - English (OS Build 19044.3086) - gsudo version:
gsudo v2.4.4 (Branch.tags-v2.4.4.Sha.cf887bf98d5d3d90fc1eebc08c7a277afb50cd19) - tested shell versions,
- MSYS2:
$ uname -a MSYS_NT-10.0-19044 DESKTOP-O7JE7JE 3.4.10.x86_64 2023-12-22 10:06 UTC x86_64 Msys
- Cygwin:
saukrs@DESKTOP-O7JE7JE ~ $ uname -a CYGWIN_NT-10.0-19044 DESKTOP-O7JE7JE 3.4.10-1.x86_64 2023-11-29 12:12 UTC x86_64 Cygwin
- MSYS2:
Metadata
Metadata
Assignees
Labels
No labels