msys2-runtime: update to 3.6.2-2

msys2-runtime/0048-Cygwin-do-retrieve-AzureAD-users-information-again.patch

@@ -0,0 +1,73 @@
+From 1a222c8a01c2981a9343611c0d3a6afdff55d87b Mon Sep 17 00:00:00 2001
+From: Johannes Schindelin <[email protected]>
+Date: Tue, 3 Jun 2025 08:53:57 +0200
+Subject: [PATCH 48/N] Cygwin: do retrieve AzureAD users' information again
+
+In 48e7d63268 (Cygwin: fetch_account_from_windows: skip LookupAccountSid
+for SIDs known to fail, 2025-04-10), several SIDs acquired a shortcut
+where a potentially expensive `LookupAccountSid()` call is avoided for
+SIDs that "cannot be resolved".
+
+However, as reported by Robert Fensterman (and independently discovered
+by myself), some of the SIDs that received this special shortcut _do_
+get resolved by `LookupAccountSid()` calls: AzureAD users' SIDs.
+
+With those SIDs, that newly-introduced shortcut actually does more harm
+than good because there is no other way to retrieve the desired
+information, resulting in permission problems.
+
+One symptom of this is that `mintty` can no longer access `/dev/ptmx`
+and simply errors out with "Error: Could not fork child process: There
+are no available terminals (-1)".
+
+Another symptom is that `tmux` is no longer able to create new sessions.
+Yet another symptom is new files are unintentionally written with
+restricted permissions (copying an `.exe` file, for example, disallows
+the copied version to be executed).
+
+The most likely reason why AzureAD SIDs were included in above-mentioned
+commit is that special AzureAD _group_ SIDs are not recognized by
+`LookupAccountSid()`, as per the code comment for the `azure_grp_sid`
+variable. It is plausible that this fact was mistaken to extend to all
+AzureAD SIDs, a notion disproved by the counter example of my personal
+experience with my own AzureAD user account. Unfortunately, the only way
+to find out whether `LookupAccountSid()` works with a given AzureAD SID
+or not is to call that function.
+
+To make regular AzureAD user accounts work again, let's just drop the
+AzureAD part from that special shortcut.
+
+My understanding of the other SIDs handled by that shortcut (Capability
+SIDs, IIS APPPOOL and Samba user/group SIDs) is insufficient to
+determine whether they, too, can be resolved by `LookupAccountSid()` in
+some cases (and would therefore equally need to be excluded from that
+shortcut). At least as far as the Capability SIDs go, I am rather
+confident from reading the context (the commit's message, as well as the
+report that led to that commit) that the shortcut is safe, and I could
+imagine that the same is true for IIS APPPOOL and Samba SIDs. Absent any
+further insight, I therefore decided to leave the rest of 48e7d63268
+(Cygwin: fetch_account_from_windows: skip LookupAccountSid for SIDs
+known to fail, 2025-04-10) intact.
+
+Reported-by: Robert Fensterman <[email protected]>
+Fixes: 48e7d63268 (Cygwin: fetch_account_from_windows: skip LookupAccountSid for SIDs known to fail, 2025-04-10)
+Signed-off-by: Johannes Schindelin <[email protected]>
+---
+ winsup/cygwin/uinfo.cc | 4 ----
+ 1 file changed, 4 deletions(-)
+
+diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc
+index 7c2581d..4323cb1 100644
+--- a/winsup/cygwin/uinfo.cc
++++ b/winsup/cygwin/uinfo.cc
+@@ -1996,10 +1996,6 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap)
+       if (sid_id_auth (sid) == 5 /* SECURITY_NT_AUTHORITY */
+ 	  && sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID)
+ 	break;
+-      /* AzureAD SIDs */
+-      if (sid_id_auth (sid) == 12 /* AzureAD ID */
+-	  && sid_sub_auth (sid, 0) == 1 /* Azure ID base RID */)
+-	break;
+       /* Samba user/group SIDs */
+       if (sid_id_auth (sid) == 22)
+ 	break;

msys2-runtime/PKGBUILD

@@ -4,7 +4,7 @@
 pkgbase=msys2-runtime
 pkgname=('msys2-runtime' 'msys2-runtime-devel')
 pkgver=3.6.2
-pkgrel=1
+pkgrel=2
 pkgdesc="Cygwin POSIX emulation engine"
 arch=('x86_64')
 url="https://www.cygwin.com/"
@@ -73,9 +73,10 @@ source=('msys2-runtime'::git+https://github.com/cygwin/cygwin#tag=cygwin-${pkgve
         0044-Make-paths-WCS-MBS-conversion-explicit.patch
         0045-Use-MB_CUR_MAX-6-by-default.patch
         0046-Change-the-default-base-address-for-x86_64.patch
-        0047-msys2-runtime-restore-fast-path-for-current-user-pri.patch)
+        0047-msys2-runtime-restore-fast-path-for-current-user-pri.patch
+        0048-Cygwin-do-retrieve-AzureAD-users-information-again.patch)
 sha256sums=('9fb4bbcbd498a207e07a0d05161f86efbc60466f10b96c33d0b76194bd40a806'
-            '6a03e8f8c5e6f008b9e0cb66de35de68634aa7fbb41b5c09e80b84db87d57dca'
+            'e94bccf1cafe0717d0a19df35f69bdfe122bcdfcffac47a107c18fb50b4a5911'
             'e4082aff332507d6d5fefa5b7da2fcbbaa8b593ca158dbb1fe026a26b0e09d91'
             '1cd177791994917d0c4df391fdc96993c3275eddd2b5f475532c0f478b2be8eb'
             '81d0f97d558b413c1b6fc592c7c0c7cac0b8f1c650e6fb13c01f4ee25b049fce'
@@ -122,7 +123,8 @@ sha256sums=('9fb4bbcbd498a207e07a0d05161f86efbc60466f10b96c33d0b76194bd40a806'
             '18ee1eaa6ee1877536672fb02fc1a102b9cbbb65f5238b532c18ad4ea9b8910b'
             '8507ce68f7c29cacf89994e08eb89e66d2907a65ce7793cd8019e01a2705e425'
             'bbdd536345d096ee80191d936c1638baa9bb2d76f6118d0cf34e63cee8eb5dde'
-            'da5ae57f1603ae3e08f27cc68da690f68dbb44f2f84f9bbc7e4a6d2456832348')
+            'da5ae57f1603ae3e08f27cc68da690f68dbb44f2f84f9bbc7e4a6d2456832348'
+            '53d30f6e2a3fabfaf6dd928c5e1d4c37311410fce33146969365f9c36b0e1bad')
 
 # Helper macros to help make tasks easier #
 apply_patch_with_msg() {
@@ -223,7 +225,8 @@ prepare() {
   0044-Make-paths-WCS-MBS-conversion-explicit.patch \
   0045-Use-MB_CUR_MAX-6-by-default.patch \
   0046-Change-the-default-base-address-for-x86_64.patch \
-  0047-msys2-runtime-restore-fast-path-for-current-user-pri.patch
+  0047-msys2-runtime-restore-fast-path-for-current-user-pri.patch \
+  0048-Cygwin-do-retrieve-AzureAD-users-information-again.patch
 }
 
 build() {

msys2-runtime/msys2-runtime.commit

@@ -1 +1 @@
-0b9a01b6b59f03187dcf1b184addc93e8555415c
+ceeecb01e13d0965a8993f04cf756096ba91dc35