From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 38566 invoked by alias); 3 Oct 2015 18:27:24 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 38557 invoked by uid 89); 3 Oct 2015 18:27:23 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 X-HELO: mail-wi0-f179.google.com Received: from mail-wi0-f179.google.com (HELO mail-wi0-f179.google.com) (209.85.212.179) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-GCM-SHA256 encrypted) ESMTPS; Sat, 03 Oct 2015 18:27:22 +0000 Received: by wicge5 with SMTP id ge5so71151995wic.0 for ; Sat, 03 Oct 2015 11:27:19 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:content-type:mime-version:subject:from :in-reply-to:date:message-id:references:to; bh=88wMwG32wO3s0VLQ9HJpr5Hp51MJ50yd0pmRI/FVE5s=; b=cQKLJcDHOKk2IsVjFBfSpx1C7slpH7Ch7pZri94cIo3H9hWHeZxnKnRxQPmtbf39Xi Tb/IeTsLrWxWRhIGwdY94jiGr1qit+ZZDuXzMa/2H/DnFLTUrsUgqUNS5hruvLXVzwXF 5JSmbjEGg+ZIhdtLaxbhZCCf1UU7fJkP1ulHJzooBpTy8Aj5CCJhZRj3bNLwqwFZkNig 6ne0fNQzqRxix98EDmrouwdvOOrk54kAXGtS+EBpJo2ffBUg27YNsFpu37Ar2UaOBZmQ DQt7YDjmPvbr/dLQvhdvGE2Lv87E/hvVZ6yXu7sTH9QaArwOClOhAZMzs6mnVDGXkUd/ Xu2A== X-Gm-Message-State: ALoCoQmDMmniPq9kRl6LeMbImYlvvaHmNp3/jpaUXJ2Op32I0CdV/8bFnOvRcvz4jOo+g5WihiSJ X-Received: by 10.180.88.164 with SMTP id bh4mr3341796wib.18.1443896839246; Sat, 03 Oct 2015 11:27:19 -0700 (PDT) Received: from [192.168.2.105] (p5DCB061C.dip0.t-ipconnect.de. [93.203.6.28]) by smtp.gmail.com with ESMTPSA id o3sm5288323wif.22.2015.10.03.11.27.18 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 03 Oct 2015 11:27:18 -0700 (PDT) Content-Type: multipart/signed; boundary="Apple-Mail=_4BF118E2-E272-43EF-88EC-387161978126"; protocol="application/pgp-signature"; micalg=pgp-sha256 Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2104\)) Subject: Re: strange cygwin sshd user generated (user name includes machine name) X-Pgp-Agent: GPGMail 2.5.2 From: Peter Moore In-Reply-To: Date: Sat, 03 Oct 2015 18:27:00 -0000 Message-Id: <1008ED46-5F9D-4AC3-82AA-C3F1A1069F44@mozilla.com> References: To: cygwin@cygwin.com X-SW-Source: 2015-10/txt/msg00038.txt.bz2 --Apple-Mail=_4BF118E2-E272-43EF-88EC-387161978126 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Content-length: 4182 After a little bit more digging, I think the cygwin name is coming from the= output of getent here: https://cygwin.com/git/gitweb.cgi?p=3Dcygwin-csih.git;a=3Dblob;f=3Dcygwin-s= ervice-installation-helper.sh;h=3D10ab4fb6d47803c9ffabdde51923fc2c3f0496bb;= hb=3D7ca191bebb52ae414bb2a2e37ef22d94f2658dc7#l2705 At this point, I=E2=80=99m not sure what causes getent to return different = values when run in automation, and when run manually. I wonder if there is = some kind of race condition, such that some subsystem is still updating at = the point I install cygwin sshd. For reference, this is the powershell script, see lines 77 onwards: https://hg.mozilla.org/try/file/4905af7c52e5/testing/taskcluster/worker_typ= es/win2012r2/aws_userdata Thanks! Pete > On 03 Oct 2015, at 19:12, Peter Moore wrote: >=20 > Hi, >=20 > I have a powershell script for installing cygwin and setting up sshd whic= h I am using as UserData when firing up a Windows 2012 R2 instance in AWS E= C2. >=20 > The same command succeeds when run manually, but fails when called from a= utomation. I=E2=80=99m trying to understand what it is that is different, s= o I can fix it in automation. >=20 > The command called is: >=20 > ssh-host-config -y -c 'ntsec mintty' -u 'cygwinsshd' -w 'qwe123QWE!@#' >=20 > When I run manually, logged in as Administrator, I get a log line like th= is (notice the correct =E2=80=9CCygwin name=E2=80=9D): >=20 > *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinsshd= ' (Cygwin name: =E2=80=98cygwinsshd')? (yes/no) yes >=20 > When I run from automation, the log line looks like this (notice the inco= rrect =E2=80=9CCygwin name=E2=80=9D): >=20 > *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinsshd= ' (Cygwin name: 'win-efpdim0saup+cygwinsshd')? (yes/no) yes >=20 > It seems the extended =E2=80=9CCygwin name=E2=80=9D which I get in automa= tion causes ssh-host-config to fail. I=E2=80=99m trying to establish what c= auses the cygwin name to get the prefix of the machine name, since this see= ms to cause the problem. >=20 > For reference, below I=E2=80=99ve put the logs in both the successful (ma= nual) case, and the failing (automated) case. >=20 > If anyone can point me to the source code of ssh-host-config I=E2=80=99m = also happy to dig - I couldn=E2=80=99t find it online. So if you=E2=80=99re= not sure, but know where the source is, I=E2=80=99m happy to look. >=20 > Many thanks in advance! > Pete >=20 >=20 >=20 > SUCCESSFUL run (when executed manually): >=20 > *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinsshd= ' (Cygwin name: =E2=80=98cygwinsshd')? (yes/no) yes > *** Info: User =E2=80=98cygwinsshd' has been created with password 'qwe12= 3QWE!@#'. > *** Info: If you change the password, please remember also to change the > *** Info: password for the installed services which use (or will soon use) > *** Info: the =E2=80=98cygwinsshd' account. >=20 > *** Info: The sshd service has been installed under the =E2=80=98cygwinss= hd' > *** Info: account. To start the service now, call `net start sshd' or > *** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically > *** Info: after the next reboot. > *** Info: Host configuration finished. Have fun! >=20 >=20 > FAILED run (when called in automation): >=20 > *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinsshd= ' (Cygwin name: 'win-efpdim0saup+cygwinsshd')? (yes/no) yes > *** Info: User 'win-efpdim0saup+cygwinsshd' has been created with passwor= d 'qwe123QWE!@#'. > *** Info: If you change the password, please remember also to change the > *** Info: password for the installed services which use (or will soon use) > *** Info: the 'win-efpdim0saup+cygwinsshd' account. >=20 > *** Warning: Setting password expiry for user 'win-efpdim0saup+cygwinsshd= ' failed! > *** Warning: Please check that password never expires or set it to your n= eeds. > No user or group 'win-efpdim0saup+cygwinsshd' known. > *** Warning: Assigning the appropriate privileges to user 'win-efpdim0sau= p+cygwinsshd' failed! > *** ERROR: There was a serious problem creating a privileged user. >=20 --Apple-Mail=_4BF118E2-E272-43EF-88EC-387161978126 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail Content-length: 495 -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQEbBAEBCAAGBQJWEB4FAAoJEIKV/ne0df68JCsH+Mq+uSnbJPrdkR2/g6S+Re8b xOuRUOCIZ8ZOQv8WDFat0b3yS6dnBVKPrwvZPYtH0DRaWArpHDNqIaFFNgY210sE qllsMn8XBMDV47/lyksAw6JgzLA8PGR8TrJSe/oz1WABQyftnvKHKQi4fxoDcCQB ep+BCePBkkntDq7ezhPr020pMqPVZKPUpnwOhSa925qZhRNPSCszy/3e3aOz2q6R P5ZVOBWfArk5DmbVDCaZOrGNzkEjrh8iFY4KfCDroZuIlSQ4ZYaUwZbgyPU16BHK s/tbUwqxnVGwZ+csbirR5yLs8wRmo4sxvb52f48rtvbSiEY3+GL0mWcni3SHrQ== =OGoL -----END PGP SIGNATURE----- --Apple-Mail=_4BF118E2-E272-43EF-88EC-387161978126--