[ANNOUNCEMENT] Updated: csih-0.1.3-1

[ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

csih (cygwin-service-installation-helper) provides a library of shell 
functions that can be used by other cygwin packages that provide servers 
and daemons. It can assist in various service installation tasks, such as:

* identifying the underlying Windows OS
* detecting whether a "privileged user" exists and what its name is
   (that is, a user account with enhanced privileges necessary for
   some services. These may include, among others:
         SeAssignPrimaryTokenPrivilege
         SeCreateTokenPrivilege
         SeTcbPrivilege
         SeDenyInteractiveLogonRight
         SeDenyNetworkLogonRight
         SeDenyRemoteInteractiveLogonRight
         SeIncreaseQuotaPrivilege
         SeServiceLogonRight
* creating a privileged user if one doesn't already exist (assuming the
   caller has permissions to create new users, of course)
* creating "normal" users
* obtaining the (localized) name of well known accounts (Guest,
   Administrator)

It is currently used by inetutils(iu-config, syslogd-config), 
sspi(sspi-config), sysvinit(init-config). csih should not be used 
directly; instead, config scripts like the ones mentioned above should 
'source' the csih script, and then use the functions provided.


Changes (since unreleased 0.1.1-1)
======================
* added utility: 'winProductName' which obtains the exact
   operating system name (with finer granularity than `uname')
   Currently used only to distinguish between vista and server2008.
* New system id function: csih_is_exactly_vista(),
   csih_is_exactly_server2008
* Protection against evaluating $0 when invoked by login shell

Changes (since unreleased 0.1-1)
======================
* added utility: 'getAccountName' which obtains the (localized) name
   of well known accounts
* New system id function: csih_is_2k(), csih_is_xp(), csih_is_vista()
* New function: csih_invoke_helper
     invokes utilities in /usr/lib/csih/
* New function: csih_get_localized_account_name
     Given an WELL_KNOWN_SID_TYPE enumeration value, uses getAccountName
     utility to obtain the localized name associated with the account
* New function: csih_get_guest_account_name
     Shortcut using csih_get_localized_account_name for Guest account
* New function: csih_guest_account_active
     returns true if Guest account is active, false otherwise
* -src package reorganization

--
Chuck

====================================================================

To update your installation, click on the "Install Cygwin now" link on
the http://cygwin.com/ web page.  This downloads setup.exe to your
system.  Then, run setup and answer all of the questions.


*** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, look
at the "List-Unsubscribe: " tag in the email header of this message.
Send email to the address specified there.  It will be in the format:


cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com

If you need more information on unsubscribing, start reading here:

http://sources.redhat.com/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

[-- Attachment #1: Type: text/plain, Size: 2280 bytes --]

Attached is an updated implementation of ssh-host-config that uses csih. 
It seems to work pretty well for the various tests I've put it through, 
although it REQUIRES csih-0.1.3.

(However, the -w/--pwd option doesn't operate correctly, unless you have 
patched csih. This problem isn't awful: it's just as if the -w option 
were ignored, and you get asked for the password instead)

If you are on WinServer2003/2008 or Vista, this should use/create a 
privileged user. If you already have one (sshd_server, cron_server, or 
cyg_server), then it will use that. If you don't already have one, then 
it will create 'cyg_server' -- or ask you for a name.

If you are on an older windows (but still NT or better), it will use 
LocalSystem, unless you invoke ssh-host-config with the '--privileged' 
option -- in which case behavior is like Vista & friends, above.

IF you have installed the [test] inetutils-1.5 packages (with support 
for xinetd-style /etc/inetd.d/* fragments), then this ssh-host-config 
will NOT add a [commented-out] ssh entry to /etc/inetd.config; instead 
it will use the attached /etc/default file and create 
/etc/inetd.d/sshd-inetd.  (Assuming you save the attached file as 
/etc/defaults/etc/inetd.d/sshd-inetd)

If you're still using the [current] inetutils-1.3.2-* packages, then 
ssh-host-config behavior is as before: it will munge the /etc/inetd.conf 
file.

Side note: interactions with inetd and init

IF
   a) you use inetd (or xinetd) to invoke sshd, instead of installing 
sshd as a service
   b) you are on 2003/2008/Vista where sshd MUST be run from a 
privileged user, (or you are on NT/2k/XP, but you want to 'play' with 
--privileged)

Then inetd/xinetd must be run from that privileged user account (because 
slave daemons inherit inetd's user -- or inetd's user must be privileged 
anyway in order to switch user context to the desired/specified user.)

Furthermore, if the above is all true AND you launch inetd or xinetd 
itself from sysvinit's init process, then /init/ must be run from a 
[the?] privileged account as well. Unfortunately, init-config does not 
support this behavior out of the box, so you have to manually install 
the init service (and don't forget to chown /etc/inittab, /etc/rc, and 
/var/log/init.log)

--
Chuck



[-- Attachment #2: ssh-host-config --]
[-- Type: text/plain, Size: 17475 bytes --]

#!/bin/bash
#
# ssh-host-config, Copyright 2000, 2001, 2002, 2003 Red Hat Inc.
#
# This file is part of the Cygwin port of OpenSSH.

# ======================================================================
# Initialization
# ======================================================================
PROGNAME=$(basename $0)
_tdir=$(dirname $0)
PROGDIR=$(cd $_tdir && pwd)

CSIH_SCRIPT=/usr/share/csih/cygwin-service-installation-helper.sh

# Subdirectory where the new package is being installed
PREFIX=/usr

# Directory where the config files are stored
SYSCONFDIR=/etc
LOCALSTATEDIR=/var

source ${CSIH_SCRIPT}

port_number=22
privsep_configured=no
privsep_used=yes
cygwin_value="ntsec"
password_value=

# ======================================================================
# Routine: create_host_keys
# ======================================================================
create_host_keys() {
  if [ ! -f "${SYSCONFDIR}/ssh_host_key" ]
  then
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_key"
    ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null
  fi
  
  if [ ! -f "${SYSCONFDIR}/ssh_host_rsa_key" ]
  then
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_rsa_key"
    ssh-keygen -t rsa -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' > /dev/null
  fi
  
  if [ ! -f "${SYSCONFDIR}/ssh_host_dsa_key" ]
  then
    csih_inform "Generating ${SYSCONFDIR}/ssh_host_dsa_key"
    ssh-keygen -t dsa -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' > /dev/null
  fi
} # --- End of create_host_keys --- #

# ======================================================================
# Routine: update_services_file
# ======================================================================
update_services_file() {
  local _my_etcdir="/ssh-host-config.$$"
  local _win_etcdir
  local _services
  local _spaces
  local _serv_tmp
  local _wservices

  if csih_is_nt
  then
    _win_etcdir="${SYSTEMROOT}\\system32\\drivers\\etc"
    _services="${_my_etcdir}/services"
    # On NT, 27 spaces, no space after the hash
    _spaces="                           #"
  else
    _win_etcdir="${WINDIR}"
    _services="${_my_etcdir}/SERVICES"
    # On 9x, 18 spaces (95 is very touchy), a space after the hash
    _spaces="                  # "
  fi
  _serv_tmp="${_my_etcdir}/srv.out.$$"
  
  mount -t -f "${_win_etcdir}" "${_my_etcdir}"
  
  # Depends on the above mount
  _wservices=`cygpath -w "${_services}"`
  
  # Remove sshd 22/port from services
  if [ `grep -q 'sshd[ \t][ \t]*22' "${_services}"; echo $?` -eq 0 ]
  then
    grep -v 'sshd[ \t][ \t]*22' "${_services}" > "${_serv_tmp}"
    if [ -f "${_serv_tmp}" ]
    then
      if mv "${_serv_tmp}" "${_services}"
      then
        csih_inform "Removing sshd from ${_wservices}"
      else
        csih_warning "Removing sshd from ${_wservices} failed!"
      fi
      rm -f "${_serv_tmp}"
    else
      csih_warning "Removing sshd from ${_wservices} failed!"
    fi
  fi
  
  # Add ssh 22/tcp  and ssh 22/udp to services
  if [ `grep -q 'ssh[ \t][ \t]*22' "${_services}"; echo $?` -ne 0 ]
  then
    if awk '{ if ( $2 ~ /^23\/tcp/ ) print "ssh                22/tcp'"${_spaces}"'SSH Remote Login Protocol\nssh                22/udp'"${_spaces}"'SSH Remote Login Protocol"; print $0; }' < "${_services}" > "${_serv_tmp}"
    then
      if mv "${_serv_tmp}" "${_services}"
      then
        csih_inform "Added ssh to ${_wservices}"
      else
        csih_warning "Adding ssh to ${_wservices} failed!"
      fi
      rm -f "${_serv_tmp}"
    else
      csih_warning "Adding ssh to ${_wservices} failed!"
    fi
  fi
  umount "${_my_etcdir}"
} # --- End of update_services_file --- #

# ======================================================================
# Routine: sshd_privsep
#  MODIFIES: privsep_configured  privsep_used
# ======================================================================
sshd_privsep() {
  local sshdconfig_tmp

  if [ "${privsep_configured}" != "yes" ]
  then
    if csih_is_nt
    then
      csih_inform "Privilege separation is set to yes by default since OpenSSH 3.3."
      csih_inform "However, this requires a non-privileged account called 'sshd'."
      csih_inform "For more info on privilege separation read /usr/share/doc/openssh/README.privsep."
      if csih_request "Should privilege separation be used?"
      then
        privsep_used=yes
        if ! csih_create_unprivileged_user sshd
        then
  	  csih_warning "Couldn't create user 'sshd'!"
          csih_warning "Privilege separation set to 'no' again!"
          csih_warning "Check your ${SYSCONFDIR}/sshd_config file!"
  	  privsep_used=no
        fi
      else
        privsep_used=no
      fi
    else
      # On 9x don't use privilege separation.  Since security isn't
      # available it just adds useless additional processes.
      privsep_used=no
    fi
  fi
  
  # Create default sshd_config from skeleton files in /etc/defaults/etc or
  # modify to add the missing privsep configuration option
  if cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1
  then
    csih_inform "Updating ${SYSCONFDIR}/sshd_config file"
    sshdconfig_tmp=${SYSCONFDIR}/sshd_config.$$
    sed -e "s/^#UsePrivilegeSeparation yes/UsePrivilegeSeparation ${privsep_used}/
  	  s/^#Port 22/Port ${port_number}/
  	  s/^#StrictModes yes/StrictModes no/" \
        < ${SYSCONFDIR}/sshd_config \
        > "${sshdconfig_tmp}"
    mv "${sshdconfig_tmp}" ${SYSCONFDIR}/sshd_config
  elif [ "${privsep_configured}" != "yes" ]
  then
    echo >> ${SYSCONFDIR}/sshd_config
    echo "UsePrivilegeSeparation ${privsep_used}" >> ${SYSCONFDIR}/sshd_config
  fi
} # --- End of sshd_privsep --- #

# ======================================================================
# Routine: update_inetd_conf
# ======================================================================
update_inetd_conf() {
  local _inetcnf="${SYSCONFDIR}/inetd.conf"
  local _inetcnf_tmp="${SYSCONFDIR}/inetd.conf.$$"
  local _inetcnf_dir="${SYSCONFDIR}/inetd.d"
  local _sshd_inetd_conf="${_inetcnf_dir}/sshd-inetd"
  local _sshd_inetd_conf_tmp="${_inetcnf_dir}/sshd-inetd.$$"
  local _with_comment=1

  if [ -d "${_inetcnf_dir}" ]
  then
    # we have inetutils-1.5 inetd.d support
    if [ -f "${_inetcnf}" ]
    then
      grep -q '^[ \t]*ssh' "${_inetcnf}" && _with_comment=0

      # check for sshd OR ssh in top-level inetd.conf file, and remove
      # will be replaced by a file in inetd.d/
      if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -eq 0 ]
      then
        grep -v '^[# \t]*ssh' "${_inetcnf}" >> "${_inetcnf_tmp}"
        if [ -f "${_inetcnf_tmp}" ]
        then
          if mv "${_inetcnf_tmp}" "${_inetcnf}"
          then
  	    csih_inform "Removed ssh[d] from ${_inetcnf}"
          else
  	    csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
          fi
          rm -f "${_inetcnf_tmp}"
        else
          csih_warning "Removing ssh[d] from ${_inetcnf} failed!"
        fi
      fi
    fi

    csih_install_config "${_sshd_inetd_conf}"   "${SYSCONFDIR}/defaults"
    if cmp "${SYSCONFDIR}/defaults${_sshd_inetd_conf}" "${_sshd_inetd_conf}" >/dev/null 2>&1
    then
      if [ "${_with_comment}" -eq 0 ]
      then
        sed -e 's/@COMMENT@[ \t]*//' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
      else
        sed -e 's/@COMMENT@[ \t]*/# /' < "${_sshd_inetd_conf}" > "${_sshd_inetd_conf_tmp}"
      fi
      mv "${_sshd_inetd_conf_tmp}" "${_sshd_inetd_conf}"
      csih_inform "Updated ${_sshd_inetd_conf}"
    fi 

  elif [ -f "${_inetcnf}" ]
  then
    grep -q '^[ \t]*sshd' "${_inetcnf}" && _with_comment=0

    # check for sshd in top-level inetd.conf file, and remove
    # will be replaced by a file in inetd.d/
    if [ `grep -q '^[# \t]*sshd' "${_inetcnf}"; echo $?` -eq 0 ]
    then
      grep -v '^[# \t]*sshd' "${_inetcnf}" >> "${_inetcnf_tmp}"
      if [ -f "${_inetcnf_tmp}" ]
      then
        if mv "${_inetcnf_tmp}" "${_inetcnf}"
        then
	    csih_inform "Removed sshd from ${_inetcnf}"
        else
	    csih_warning "Removing sshd from ${_inetcnf} failed!"
        fi
        rm -f "${_inetcnf_tmp}"
      else
        csih_warning "Removing sshd from ${_inetcnf} failed!"
      fi
    fi
  
    # Add ssh line to inetd.conf
    if [ `grep -q '^[# \t]*ssh' "${_inetcnf}"; echo $?` -ne 0 ]
    then
      if [ "${_with_comment}" -eq 0 ]
      then
        echo 'ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
      else
        echo '# ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i' >> "${_inetcnf}"
      fi
      csih_inform "Added ssh to ${_inetcnf}"
    fi
  fi
} # --- End of update_inetd_conf --- #

# ======================================================================
# Routine: install_service
#   Install sshd as a service
# ======================================================================
install_service() {
  local run_service_as
  local password

  if csih_is_nt
  then
    if ! cygrunsrv -Q sshd >/dev/null 2>&1
    then
      echo
      echo
      csih_warning "The following functions require administrator privileges!"
      echo
      echo -e "${_csih_QUERY_STR} Do you want to install sshd as a service?"
      if csih_request "(Say \"no\" if it is already installed as a service)"
      then
	csih_inform "Note that the CYGWIN variable must contain at least \"ntsec\""
        csih_inform "for sshd to be able to change user context without password."
        csih_get_cygenv "${cygwin_value}"

        if ( csih_is_nt2003 || [ "$csih_FORCE_PRIVILEGED_USER" = "yes" ] )
        then
          csih_inform "On Windows Server 2003, Windows Vista, and above, the"
          csih_inform "SYSTEM account cannot setuid to other users -- a capability"
          csih_inform "sshd requires.  You need to have or to create a privileged"
          csih_inform "account.  This script will help you do so."
          echo
          if ! csih_create_privileged_user "${password_value}"
          then
            csih_error_recoverable "There was a serious problem creating a privileged user."
            csih_request "Do you want to proceed anyway?" || exit 1
          fi
        fi

        # never returns empty if NT or above
        run_service_as=$(csih_service_should_run_as)

        if [ "${run_service_as}" = "${csih_PRIVILEGED_USERNAME}" ]
        then
          password="${csih_PRIVILEGED_PASSWORD}"
          if [ -z "${password}" ]
          then
            csih_get_value "Please enter the password for user '${run_service_as}':" "-s"
            password="${csih_value}"
          fi
        fi

        # at this point, we either have $run_service_as = "system" and $password is empty,
        # or $run_service_as is some privileged user and (hopefully) $password contains
        # the correct password.  So, from here out, we use '-z "${password}"' to discriminate
        # the two cases.

        csih_check_user "${run_service_as}"

        if [ -z "${password}" ]
        then
	  if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a "-D" -y tcpip \
             -e CYGWIN="${csih_cygenv}"
          then
            echo
            csih_inform "The sshd service has been installed under the LocalSystem"
            csih_inform "account (also known as SYSTEM). To start the service now, call"
            csih_inform "\`net start sshd' or \`cygrunsrv -S sshd'.  Otherwise, it"
            csih_inform "will start automatically after the next reboot."
          fi
        else
	  if cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd -a "-D" -y tcpip \
             -e CYGWIN="${csih_cygenv}" -u "${run_service_as}" -w "${password}"
          then
	    echo
	    csih_inform "The sshd service has been installed under the '${run_service_as}'"
	    csih_inform "account.  To start the service now, call \`net start sshd' or"
            csih_inform "\`cygrunsrv -S sshd'.  Otherwise, it will start automatically"
            csih_inform "after the next reboot."
          fi
        fi

        # now, if successfully installed, set ownership of the affected files 
        if cygrunsrv -Q sshd >/dev/null 2>&1
        then
          chown "${run_service_as}" ${SYSCONFDIR}/ssh*
          chown "${run_service_as}".544 ${LOCALSTATEDIR}/empty
          chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/lastlog
          if [ -f ${LOCALSTATEDIR}/log/sshd.log ]
          then
	    chown "${run_service_as}".544 ${LOCALSTATEDIR}/log/sshd.log
          fi
        else
          csih_warning "Something went wrong installing the sshd service."
        fi
      fi # user allowed us to install as service
    fi # service not yet installed
  fi # csih_is_nt
} # --- End of install_service --- #

# ======================================================================
# Main Entry Point
# ======================================================================

# Check how the script has been started.  If
#   (1) it has been started by giving the full path and
#       that path is /etc/postinstall, OR
#   (2) Otherwise, if the environment variable
#       SSH_HOST_CONFIG_AUTO_ANSWER_NO is set
# then set auto_answer to "no".  This allows automatic
# creation of the config files in /etc w/o overwriting
# them if they already exist.  In both cases, color
# escape sequences are suppressed, so as to prevent
# cluttering setup's logfiles.
if [ "$PROGDIR" = "/etc/postinstall" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi
if [ -n "${SSH_HOST_CONFIG_AUTO_ANSWER_NO}" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi

# ======================================================================
# Parse options
# ======================================================================
while :
do
  case $# in
  0)
    break
    ;;
  esac

  option=$1
  shift

  case "${option}" in
  -d | --debug )
    set -x
    csih_trace_on
    ;;

  -y | --yes )
    csih_auto_answer=yes
    ;;

  -n | --no )
    csih_auto_answer=no
    ;;

  -c | --cygwin )
    cygwin_value="$1"
    shift
    ;;

  -p | --port )
    port_number=$1
    shift
    ;;

  -w | --pwd )
    password_value="$1"
    shift
    ;;

  --privileged )
    csih_FORCE_PRIVILEGED_USER=yes
    ;;

  *)
    echo "usage: ${progname} [OPTION]..."
    echo
    echo "This script creates an OpenSSH host configuration."
    echo
    echo "Options:"
    echo "  --debug  -d            Enable shell's debug output."
    echo "  --yes    -y            Answer all questions with \"yes\" automatically."
    echo "  --no     -n            Answer all questions with \"no\" automatically."
    echo "  --cygwin -c <options>  Use \"options\" as value for CYGWIN environment var."
    echo "  --port   -p <n>        sshd listens on port n."
    echo "  --pwd    -w <passwd>   Use \"pwd\" as password for privileged user."
    echo "  --privileged           On Windows NT/2k/XP, require privileged user"
    echo "                         instead of LocalSystem for sshd service."
    echo
    exit 1
    ;;

  esac
done

# ======================================================================
# Action!
# ======================================================================

# Check for running ssh/sshd processes first. Refuse to do anything while
# some ssh processes are still running
if ps -ef | grep -v grep | grep -q ssh
then
  echo
  csih_error "There are still ssh processes running. Please shut them down first."
fi

# Check for ${SYSCONFDIR} directory
csih_make_dir "${SYSCONFDIR}" "Cannot create global configuration files."
chmod 775 "${SYSCONFDIR}"
setfacl -m u:system:rwx "${SYSCONFDIR}"

# Check for /var/log directory
csih_make_dir "${LOCALSTATEDIR}/log" "Cannot create log directory."
chmod 775 "${LOCALSTATEDIR}/log"
setfacl -m u:system:rwx "${LOCALSTATEDIR}/log"

# Create /var/log/lastlog if not already exists
if [ -e ${LOCALSTATEDIR}/log/lastlog -a ! -f ${LOCALSTATEDIR}/log/lastlog ]
then
  echo 
  csih_error_multi "${LOCALSTATEDIR}/log/lastlog exists, but is not a file." \
                   "Cannot create ssh host configuration."
fi
if [ ! -e ${LOCALSTATEDIR}/log/lastlog ]
then
  cat /dev/null > ${LOCALSTATEDIR}/log/lastlog
  chmod 644 ${LOCALSTATEDIR}/log/lastlog
fi

# Create /var/empty file used as chroot jail for privilege separation
csih_make_dir "${LOCALSTATEDIR}/empty" "Cannot create log directory."
chmod 755 "${LOCALSTATEDIR}/empty"
setfacl -m u:system:rwx "${LOCALSTATEDIR}/empty"

# host keys
create_host_keys

# use 'cmp' program to determine if a config file is identical
# to the default version of that config file
csih_check_program_or_error cmp diffutils


# handle ssh_config
csih_install_config "${SYSCONFDIR}/ssh_config"   "${SYSCONFDIR}/defaults"
if cmp "${SYSCONFDIR}/ssh_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/ssh_config" >/dev/null 2>&1
then
  if [ "${port_number}" != "22" ]
  then
    csih_inform "Updating ${SYSCONFDIR}/ssh_config file with requested port"
    echo "Host localhost" >> ${SYSCONFDIR}/ssh_config
    echo "    Port ${port_number}" >> ${SYSCONFDIR}/ssh_config
  fi
fi

# handle sshd_config (and privsep)
csih_install_config "${SYSCONFDIR}/sshd_config"   "${SYSCONFDIR}/defaults"
if ! cmp "${SYSCONFDIR}/sshd_config" "${SYSCONFDIR}/defaults/${SYSCONFDIR}/sshd_config" >/dev/null 2>&1
then
  grep -q UsePrivilegeSeparation ${SYSCONFDIR}/sshd_config && privsep_configured=yes
fi
sshd_privsep



update_services_file 
update_inetd_conf
install_service

echo
csih_inform "Host configuration finished. Have fun!"


[-- Attachment #3: csih-changes-for-sshd --]
[-- Type: text/plain, Size: 1434 bytes --]

--- old/cygwin-service-installation-helper.sh	2008-03-16 18:17:28.787375000 -0400
+++ new/cygwin-service-installation-helper.sh	2008-04-03 00:28:05.609375000 -0400
@@ -103,7 +103,7 @@
 # ======================================================================
 csih_progname=$0
 csih_progname_base=$(basename -- $csih_progname)
-csih_VERSION=0.1.2
+csih_VERSION=0.1.3
 readonly csih_progname csih_progname_base csih_VERSION 
 
 csih_auto_answer=""
@@ -1553,7 +1553,8 @@
 #   On Windows Server 2003 and above (including Windows Vista), or if
 #   csih_FORCE_PRIVILEGED_USER == "yes" for Windows NT and above,
 #   allows user to select a pre-existing privileged user, or to
-#   create a new privileged user. Ignores all arguments.
+#   create a new privileged user.
+#   $1 (optional) will be used as the password if non-empty
 #   
 #   Exits on catastrophic error (or if user enters empty password)
 #   Returns 0 on total success
@@ -1583,7 +1584,7 @@
   local admingroup
   local dos_var_empty
   local _password
-  local password_value
+  local password_value="$1"
   local passwd_has_expiry_flags
   local ret=0
   local username_in_admingroup
@@ -1668,6 +1669,8 @@
       fi # user allowed us to create account
     else # ${username} did not already exist
       username_in_sam=yes
+      # use passed-in value as first guess
+      csih_PRIVILEGED_PASSWORD="${password_value}"
     fi
 
     if [ "$username_in_sam" = "yes" ]

[-- Attachment #4: etc_defaults_etc_inetd.d_sshd-inetd --]
[-- Type: text/plain, Size: 193 bytes --]

# This file can be used to enable sshd as a slave of the inetd service
# To do so, the line below should be uncommented.
@COMMENT@ ssh  stream  tcp     nowait  root    /usr/sbin/sshd sshd -i



[-- Attachment #5: Type: text/plain, Size: 218 bytes --]

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  2 23:46, Charles Wilson wrote:
> Attached is an updated implementation of ssh-host-config that uses csih. It 
> seems to work pretty well for the various tests I've put it through, 
> although it REQUIRES csih-0.1.3.

Wow, thanks for doing my job.  I still have this on my TODO list :}
It would be cool if list folks could give it a try.  I will test it
as well, perhaps over the weekend.

> If you are on WinServer2003/2008 or Vista, this should use/create a 
> privileged user. If you already have one (sshd_server, cron_server, or 
> cyg_server), then it will use that. If you don't already have one, then it 
> will create 'cyg_server' -- or ask you for a name.

Just a side note for the records:  Windows Server 2003 also includes
Windows XP x64.  It's the same OS version 5.2, in contrast to XP x86,
which is OS version 5.1.


Thanks again,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  3 10:55, Corinna Vinschen wrote:
> On Apr  2 23:46, Charles Wilson wrote:
> > Attached is an updated implementation of ssh-host-config that uses csih. It 
> > seems to work pretty well for the various tests I've put it through, 
> > although it REQUIRES csih-0.1.3.
> 
> Wow, thanks for doing my job.  I still have this on my TODO list :}
> It would be cool if list folks could give it a try.  I will test it
> as well, perhaps over the weekend.

Looks good to me.  I will upload a new OpenSSH release in the next
couple of days, but I guess I'll wait until you uploaded a new csih
release.

Btw., I have a tiny patch to fix two typos in the file
cygwin-service-installation-helper.sh.  Maybe you could apply them as
well?


Thanks,
Corinna


--- cygwin-service-installation-helper.sh.ORIG	2008-04-07 17:07:20.212750000 +0200
+++ cygwin-service-installation-helper.sh	2008-04-07 17:11:48.056500000 +0200
@@ -1514,7 +1514,7 @@ _csih_setup()
   
     if ! csih_check_dir_perms "${LOCALSTATEDIR}" d..x..x..x
     then
-      csih_error "Proglem with ${LOCALSTATEDIR} directory. Exiting."
+      csih_error "Problem with ${LOCALSTATEDIR} directory. Exiting."
     fi
   
     csih_make_dir "${LOCALSTATEDIR}/run"
@@ -1648,7 +1648,7 @@ csih_create_privileged_user()
         csih_inform "the '${username}' account."
         echo ""
         csih_inform "Also keep in mind that the user '${username}' needs read permissions"
-        csih_inform "for on all users' relevant files for the services running as '${username}'."
+        csih_inform "on all users' relevant files for the services running as '${username}'."
         csih_inform "In particular, for the sshd server all users' .ssh/authorized_keys files"
         csih_inform "must have appropriate permissions to allow public key authentication."
         csih_inform "(Re-)running ssh-user-config for each user will set these permissions"

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

Corinna Vinschen wrote:
> On Apr  3 10:55, Corinna Vinschen wrote:
>> On Apr  2 23:46, Charles Wilson wrote:
>>> Attached is an updated implementation of ssh-host-config that uses csih. It 
>>> seems to work pretty well for the various tests I've put it through, 
>>> although it REQUIRES csih-0.1.3.
>> Wow, thanks for doing my job.  I still have this on my TODO list :}
>> It would be cool if list folks could give it a try.  I will test it
>> as well, perhaps over the weekend.
> 
> Looks good to me.  I will upload a new OpenSSH release in the next
> couple of days, but I guess I'll wait until you uploaded a new csih
> release.

Don't forget that ssh-user-config should probably be updated to use csih 
also. Otherwise, it will assume that the privileged user is sshd_server, 
when it might be that, or cyg_server or cron_server.

Instead, it should do:

if csih_is_nt
then
   _user=$(csih_service_should_run_as)
   if ! setfacl -m "u::rwx,u:${_user}:r--,g::---,o::---" \
        "${pwdhome}/.ssh"
   then
     csih_error_multiline \
       "${pwdhome}/.ssh couldn't be given the correct permissions," \
       "assuming that the sshd server is running under the `${_user}'" \
       "account.  Please try to solve this problem first."
   fi
fi


Unfortunately, right now csih_service_should_run_as only works if 
csih_select_privileged_username has been called -- but that function is 
very wordy, and blathers on about 'creating' the privileged user. 
(csih_select_privileged_username, while public, is normally called by 
csih_create_privileged_user).

I need to create an internal csih helper function that can be called by 
csih_service_should_run_as if csih_PRIVILEGED_USERNAME is not already 
set, which will quietly do *some* of the stuff in 
csih_select_privileged_username in order to initialize 
csih_PRIVILEGED_USERNAME.

> Btw., I have a tiny patch to fix two typos in the file
> cygwin-service-installation-helper.sh.  Maybe you could apply them as
> well?

Sure, and thanks.

--
Chuck


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Attn: cygport, openssh, and exim/cron maintainers [Was: [ANNOUNCEMENT] Updated: csih-0.1.3-1]

[Charles Wilson]

I'm trying to be explicit about licensing in csih for the next release. 
I realize it's a little silly to use the GPL on a script (binary == 
source, right?), but it may be necessary because part of it is derived 
from cygport, which is GPLv3.

csih (the script part) has been derived from a number of sources:

#   ssh-host-config Copyright 2000, 2001, 2002, 2003 Red Hat Inc.
#     part of the Cygwin port of OpenSSH
(no explicit licensing)

#   cygport         Copyright (C) 2006, 2007 Yaakov Selkowitz
#     GPL v3
(mostly the messaging functions: csih_inform, csih_error, etc)

#   exim-config     Copyright Pierre A. Humblet, 2003-2007.
#   cron-config     Copyright Pierre A. Humblet, 2003-2007.
(no explicit licensing)

For the csih.sh function library, I'd like to use one of the following 
two licenses:

(1) MIT/X

or

(2) GPLv3 with an exception clause modeled after the javascript example 
from http://www.gnu.org/licenses/gpl-faq.html#WMS. See below.

In both cases, I need permission from the maintainers of the four 
packages above. With respect to csih.sh, I'd prefer MIT/X because (a) 
source == binary, so forcing "make sure the source is available" seems a 
bit silly, and (b) just less hassle all around.

In either case, the intent is so that the various foo-config scripts 
don't have to be as concerned about their own license terms, as long as 
they are just using csih.  Of course, if you copy the code for 
csih_foo() so that you can make a modified version of that function, 
then the full terms -- GPLv3 "viralness and all" if option #2, or no 
real impact if option #1 -- apply.


========= snip (option #2) ==========
This file, cygwin-service-installation-helper.sh, is part of csih. csih 
has several components which are distributed under various licenses.

cygwin-service-installation-helper.sh is free software: you can 
redistribute it and/or modify it under the terms of the GNU General 
Public License as published by the Free Software Foundation, either 
version 3 of the License, or (at your option) any later version.

cygwin-service-installation-helper.sh is distributed in the hope that it 
will be useful, but WITHOUT ANY WARRANTY; without even the implied 
warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See 
the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along 
with csih.  If not, see <http://www.gnu.org/licenses/>.

As a special exception to GPL, any shell script or executable that 
merely makes function calls to this code, and for that purpose includes 
it by reference shall be deemed a separate work for copyright law 
purposes. In addition, the copyright holders of this code give you 
permission to combine this code with free software libraries that are 
released under the GNU LGPL. You may copy and distribute such a system 
following the terms of the GNU GPL for this code and the LGPL for the 
libraries. If you modify this code, you may extend this exception to 
your version of the code, but you are not obligated to do so. If you do 
not wish to do so, delete this exception statement from your version.
========= snap ==========

Can I get a yes or no from the three maintainers of all four of the 
packages listed below, on the following questions:

openssh
cygport
exim, cron

Can I use the MIT/X license for the portions of 
cygwin-service-installation-helper.sh that were derived from the config 
script(s) under your control?

Can I use the GPLv3-with-exception license above for the portions of 
cygwin-service-installation-helper.sh that were derived from the config 
script(s) under your control?

If both, which do you prefer?

--
Chuck

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

[-- Attachment #1: Type: text/plain, Size: 263 bytes --]

Well, I'm waiting for answers to the questions here:
   http://cygwin.com/ml/cygwin/2008-04/msg00211.html
from Corinna and Yaakov, but in the meantime:

Here's a version of ssh-user-config that works with CVS csih (what will 
become 0.1.4 very soon).

--
Chuck



[-- Attachment #2: ssh-user-config --]
[-- Type: text/plain, Size: 10882 bytes --]

#!/bin/bash
#
# ssh-user-config, Copyright 2000, 2001, 2002, 2003, Red Hat Inc.
#
# This file is part of the Cygwin port of OpenSSH.

# ======================================================================
# Initialization
# ======================================================================
PROGNAME=$(basename -- $0)
_tdir=$(dirname -- $0)
PROGDIR=$(cd $_tdir && pwd)

CSIH_SCRIPT=/usr/share/csih/cygwin-service-installation-helper.sh

# Subdirectory where the new package is being installed
PREFIX=/usr

# Directory where the config files are stored
SYSCONFDIR=/etc

source ${CSIH_SCRIPT}

auto_passphrase="no"
passphrase=""
pwdhome=
with_passphrase=
sshd_user=

# ======================================================================
# Routine: create_ssh1_identity
#   optionally create ~/.ssh/identity[.pub]
#   optionally add result to ~/.ssh/authorized_keys
# ======================================================================
create_ssh1_identity() {
  if [ ! -f "${pwdhome}/.ssh/identity" ]
  then
    if csih_request "Shall I create an SSH1 RSA identity file for you?"
    then
      csih_inform "Generating ${pwdhome}/.ssh/identity"
      if [ "${with_passphrase}" = "yes" ]
      then
        ssh-keygen -t rsa1 -N "${passphrase}" -f "${pwdhome}/.ssh/identity" > /dev/null
      else
        ssh-keygen -t rsa1 -f "${pwdhome}/.ssh/identity" > /dev/null
      fi
      if csih_request "Do you want to use this identity to login to this machine?"
      then
        csih_inform "Adding to ${pwdhome}/.ssh/authorized_keys"
        cat "${pwdhome}/.ssh/identity.pub" >> "${pwdhome}/.ssh/authorized_keys"
      fi
    fi
  fi
} # === End of create_ssh1_identity() === #
readonly -f create_ssh1_identity

# ======================================================================
# Routine: create_ssh2_rsa_identity
#   optionally create ~/.ssh/id_rsa[.pub]
#   optionally add result to ~/.ssh/authorized_keys
# ======================================================================
create_ssh2_rsa_identity() {
  if [ ! -f "${pwdhome}/.ssh/id_rsa" ]
  then
    if csih_request "Shall I create an SSH2 RSA identity file for you?"
    then
      csih_inform "Generating ${pwdhome}/.ssh/id_rsa"
      if [ "${with_passphrase}" = "yes" ]
      then
        ssh-keygen -t rsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_rsa" > /dev/null
      else
        ssh-keygen -t rsa -f "${pwdhome}/.ssh/id_rsa" > /dev/null
      fi
      if csih_request "Do you want to use this identity to login to this machine?"
      then
        csih_inform "Adding to ${pwdhome}/.ssh/authorized_keys"
        cat "${pwdhome}/.ssh/id_rsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
      fi
    fi
  fi
} # === End of create_ssh2_rsa_identity() === #
readonly -f create_ssh2_rsa_identity

# ======================================================================
# Routine: create_ssh2_dsa_identity
#   optionally create ~/.ssh/id_dsa[.pub]
#   optionally add result to ~/.ssh/authorized_keys
# ======================================================================
create_ssh2_dsa_identity() {
  if [ ! -f "${pwdhome}/.ssh/id_dsa" ]
  then
    if csih_request "Shall I create an SSH2 DSA identity file for you?"
    then
      csih_inform "Generating ${pwdhome}/.ssh/id_dsa"
      if [ "${with_passphrase}" = "yes" ]
      then
        ssh-keygen -t dsa -N "${passphrase}" -f "${pwdhome}/.ssh/id_dsa" > /dev/null
      else
        ssh-keygen -t dsa -f "${pwdhome}/.ssh/id_dsa" > /dev/null
      fi
      if csih_request "Do you want to use this identity to login to this machine?"
      then
        csih_inform "Adding to ${pwdhome}/.ssh/authorized_keys"
        cat "${pwdhome}/.ssh/id_dsa.pub" >> "${pwdhome}/.ssh/authorized_keys"
      fi
    fi
  fi
} # === End of create_ssh2_dsa_identity() === #
readonly -f create_ssh2_dsa_identity

# ======================================================================
# Routine: check_user_homedir
#   Perform various checks on the user's home directory
# SETS GLOBAL VARIABLE:
#   pwdhome
# ======================================================================
check_user_homedir() {
  local uid=$(id -u)
  pwdhome=$(awk -F: '{ if ( $3 == '${uid}' ) print $6; }' < ${SYSCONFDIR}/passwd)
  if [ "X${pwdhome}" = "X" ]
  then
    csih_error_multiline \
      "There is no home directory set for you in ${SYSCONFDIR}/passwd." \
      'Setting $HOME is not sufficient!'
  fi
  
  if [ ! -d "${pwdhome}" ]
  then
    csih_error_multiline \
      "${pwdhome} is set in ${SYSCONFDIR}/passwd as your home directory" \
      'but it is not a valid directory. Cannot create user identity files.'
  fi
  
  # If home is the root dir, set home to empty string to avoid error messages
  # in subsequent parts of that script.
  if [ "X${pwdhome}" = "X/" ]
  then
    # But first raise a warning!
    csih_warning "Your home directory in ${SYSCONFDIR}/passwd is set to root (/). This is not recommended!"
    if csih_request "Would you like to proceed anyway?"
    then
      pwdhome=''
    else
      csih_warning "Exiting. Configuration is not complete"
      exit 1
    fi
  fi
  
  if [ -d "${pwdhome}" -a csih_is_nt -a -n "`chmod -c g-w,o-w "${pwdhome}"`" ]
  then
    echo
    csih_warning 'group and other have been revoked write permission to your home'
    csih_warning "directory ${pwdhome}."
    csih_warning 'This is required by OpenSSH to allow public key authentication using'
    csih_warning 'the key files stored in your .ssh subdirectory.'
    csih_warning 'Revert this change ONLY if you know what you are doing!'
    echo
  fi
} # === End of check_user_homedir() === #
readonly -f check_user_homedir

# ======================================================================
# Routine: check_user_dot_ssh_dir
#   Perform various checks on the ~/.ssh directory
# PREREQUISITE:
#   pwdhome -- check_user_homedir()
# ======================================================================
check_user_dot_ssh_dir() {
  if [ -e "${pwdhome}/.ssh" -a ! -d "${pwdhome}/.ssh" ]
  then
    csih_error "${pwdhome}/.ssh is existant but not a directory. Cannot create user identity files."
  fi
  
  if [ ! -e "${pwdhome}/.ssh" ]
  then
    mkdir "${pwdhome}/.ssh"
    if [ ! -e "${pwdhome}/.ssh" ]
    then
      csih_error "Creating users ${pwdhome}/.ssh directory failed"
    fi
  fi
} # === End of check_user_dot_ssh_dir() === #
readonly -f check_user_dot_ssh_dir

# ======================================================================
# Routine: compute_sshd_user
#   Computes the account under which the sshd server should run
# PREREQUISITE:
#   pwdhome -- check_user_homedir()
# ======================================================================
compute_sshd_user() {
  if csih_is_nt
  then
    csih_select_privileged_username -q sshd
    sshd_user=$(csih_service_should_run_as)
    if ! setfacl -m "u::rwx,u:${sshd_user}:r--,g::---,o::---" \
         "${pwdhome}/.ssh"
    then
      csih_error_multiline \
        "${pwdhome}/.ssh couldn't be given the correct permissions," \
        "assuming that the sshd server is running under the '${sshd_user}'" \
        "account.  Please try to solve this problem first."
    fi
  fi
} # === End of compute_sshd_user() === #
readonly -f compute_sshd_user

# ======================================================================
# Routine: fix_authorized_keys_perms
#   Corrects the permissions of ~/.ssh/authorized_keys
# PREREQUISITE:
#   pwdhome   -- check_user_homedir()
#   sshd_user -- compute_sshd_user()
# ======================================================================
fix_authorized_keys_perms() {
  if [ csih_is_nt -a -e "${pwdhome}/.ssh/authorized_keys" ]
  then
    if ! setfacl -m "u::rw-,u:${sshd_user}:r--,g::---,o::---" "${pwdhome}/.ssh/authorized_keys"
    then
      csih_warning "Setting correct permissions to ${pwdhome}/.ssh/authorized_keys"
      csih_warning "failed.  Please care for the correct permissions.  The minimum requirement"
      csih_warning "is, the owner and ${sshd_user} both need read permissions."
      echo
    fi
  fi
} # === End of fix_authorized_keys_perms() === #
readonly -f fix_authorized_keys_perms


# ======================================================================
# Main Entry Point
# ======================================================================

# Check how the script has been started.  If
#   (1) it has been started by giving the full path and
#       that path is /etc/postinstall, OR
#   (2) Otherwise, if the environment variable
#       SSH_USER_CONFIG_AUTO_ANSWER_NO is set
# then set auto_answer to "no".  This allows automatic
# creation of the config files in /etc w/o overwriting
# them if they already exist.  In both cases, color
# escape sequences are suppressed, so as to prevent
# cluttering setup's logfiles.
if [ "$PROGDIR" = "/etc/postinstall" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi
if [ -n "${SSH_USER_CONFIG_AUTO_ANSWER_NO}" ]
then
  csih_auto_answer="no"
  csih_disable_color
fi

# ======================================================================
# Parse options
# ======================================================================
while :
do
  case $# in
  0)
    break
    ;;
  esac

  option=$1
  shift

  case "$option" in
  -d | --debug )
    set -x
    csih_trace_on
    ;;

  -y | --yes )
    csih_auto_answer=yes
    ;;

  -n | --no )
    csih_auto_answer=no
    ;;

  -p | --passphrase )
    with_passphrase="yes"
    passphrase=$1
    shift
    ;;

  --privileged )
    csih_FORCE_PRIVILEGED_USER=yes
    ;;

  *)
    echo "usage: ${PROGNAME} [OPTION]..."
    echo
    echo "This script creates an OpenSSH user configuration."
    echo
    echo "Options:"
    echo "    --debug      -d        Enable shell's debug output."
    echo "    --yes        -y        Answer all questions with \"yes\" automatically."
    echo "    --no         -n        Answer all questions with \"no\" automatically."
    echo "    --passphrase -p word   Use \"word\" as passphrase automatically."
    echo "    --privileged           On Windows NT/2k/XP, assume privileged user"
    echo "                           instead of LocalSystem for sshd service."
    echo
    exit 1
    ;;

  esac
done

# ======================================================================
# Action!
# ======================================================================

# Check passwd file
if [ ! -f ${SYSCONFDIR}/passwd ]
then
  csih_error_multiline \
    "${SYSCONFDIR}/passwd is nonexistant. Please generate an ${SYSCONFDIR}/passwd file" \
    'first using mkpasswd. Check if it contains an entry for you and' \
    'please care for the home directory in your entry as well.'
fi

check_user_homedir
check_user_dot_ssh_dir
compute_sshd_user
create_ssh1_identity
create_ssh2_rsa_identity
create_ssh2_dsa_identity
fix_authorized_keys_perms

echo
csih_inform "Configuration finished. Have fun!"



[-- Attachment #3: Type: text/plain, Size: 218 bytes --]

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

Corinna Vinschen wrote:
> Looks good to me.  I will upload a new OpenSSH release in the next
> couple of days, but I guess I'll wait until you uploaded a new csih
> release.

A couple of reminders:
(1) add csih to requires:

(2) the implementation of ssh-host-config I posted adds a dependency on 
diffutils, which is not a 'base' package, so that's another requires:

(3) don't forget the /etc/defaults/etc/inetd.d/sshd-inetd file from here:
   http://cygwin.com/ml/cygwin/2008-04/msg00079.html

--
Chuck


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: Attn: cygport, openssh, and exim/cron maintainers [Was: [ANNOUNCEMENT] Updated: csih-0.1.3-1]

[Corinna Vinschen]

On Apr  7 21:18, Charles Wilson wrote:
> I'm trying to be explicit about licensing in csih for the next release. I 
> realize it's a little silly to use the GPL on a script (binary == source, 
> right?), but it may be necessary because part of it is derived from 
> cygport, which is GPLv3.
>
> csih (the script part) has been derived from a number of sources:
>
> #   ssh-host-config Copyright 2000, 2001, 2002, 2003 Red Hat Inc.
> #     part of the Cygwin port of OpenSSH
> (no explicit licensing)

It's implicitely BSD licensed due to it's nature to be part of the
OpenSSH source tree.  I will stick to this notion for the
ssh-host-config and ssh-user-config script.

> #   cygport         Copyright (C) 2006, 2007 Yaakov Selkowitz
> #     GPL v3
> (mostly the messaging functions: csih_inform, csih_error, etc)
>
> #   exim-config     Copyright Pierre A. Humblet, 2003-2007.
> #   cron-config     Copyright Pierre A. Humblet, 2003-2007.
> (no explicit licensing)
>[...]
> Can I use the MIT/X license for the portions of 
> cygwin-service-installation-helper.sh that were derived from the config 
> script(s) under your control?

The MIT license is fine with me.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  8 01:21, Charles Wilson wrote:
> Well, I'm waiting for answers to the questions here:
>   http://cygwin.com/ml/cygwin/2008-04/msg00211.html
> from Corinna and Yaakov, but in the meantime:
>
> Here's a version of ssh-user-config that works with CVS csih (what will 
> become 0.1.4 very soon).

Cool, thanks!  

I'll have a look,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  8 01:30, Charles Wilson wrote:
> Corinna Vinschen wrote:
>> Looks good to me.  I will upload a new OpenSSH release in the next
>> couple of days, but I guess I'll wait until you uploaded a new csih
>> release.
>
> A couple of reminders:
> (1) add csih to requires:
>
> (2) the implementation of ssh-host-config I posted adds a dependency on 
> diffutils, which is not a 'base' package, so that's another requires:
>
> (3) don't forget the /etc/defaults/etc/inetd.d/sshd-inetd file from here:
>   http://cygwin.com/ml/cygwin/2008-04/msg00079.html

Yes, yes and yes.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  8 10:12, Corinna Vinschen wrote:
> On Apr  8 01:21, Charles Wilson wrote:
> > Well, I'm waiting for answers to the questions here:
> >   http://cygwin.com/ml/cygwin/2008-04/msg00211.html
> > from Corinna and Yaakov, but in the meantime:
> >
> > Here's a version of ssh-user-config that works with CVS csih (what will 
> > become 0.1.4 very soon).
> 
> Cool, thanks!  
> 
> I'll have a look,
> Corinna

Looks ok, but I have a few questions/comments.

- When the script starts, the following text appears:

*** Info: You appear to be running Windows 2003 Server or later.  On 2003 and
*** Info: later systems, it's not possible to use the LocalSystem account
*** Info: for services that can change the user id without an explicit password
*** Info: (such as passwordless logins [e.g. public key authentication] via sshd).

*** Info: If you want to enable that functionality, it's required to create a new
*** Info: account with special privileges (unless a similar account already exists).
*** Info: This account is then used to run these special servers.

*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges itself.

*** Info: The following privileged accounts were found: 'cyg_server' .

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will not be able to log on interactively, but will only
*** Info: be used by registered services.
*** Query: Do you want to use different name? (yes/no) no

The query "Do you want to use different name?" is a bit upside down,
IMHO.  The query should be rather phrased positively "Do you want to use 
t name?"

However, I think the whole message is too noisy and confusing for
non-admins.  The default user doesn't actually know which user name the
sshd service is running under.  Additionally, given that Cygwin opens
files always with BACKUP_INTENT for a while anyway, and given that the
service account is a member of the administrators group, which has
backup user rights, there's not much reason anymore to add the service
account to the ACL.  I fear that's just old cruft in the ssh-user-script.

But, here's a question:  Shouldn't the csih_privileged_accounts() function
check the service itself, rather than testing possible names with `net
user'?  It would be as simple as giving csih_privileged_accounts the
service name as $1 argument, and then extract the user name with something
along the lines of

  svc_user=$(regtool get '/HKLM/SYSTEM/CurrentControlSet/Services/$1/ObjectName')
  svc_user="${svc_user/\.\\/$COMPUTERNAME}"
  svc_user=$([ "$svc_user" = "LocalSystem" ] && echo "SYSTEM" || echo $(fgrep "${svc_user}" /etc/passwd | cut -d: -f 1))


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

Corinna Vinschen wrote:
> On Apr  9 10:55, Charles Wilson wrote:
>> Hopefully, that's more acceptable for ssh-user-config?
> 
> My bad, I didn't update csih to CVS.  I still think that's too much for
> ssh-user-config.  But since we don't need the setfacl anymore, that's
> a moot point now.

It may be a moot point for ssh-user-config, but it could be a useful 
behavior for some other -user-config (maybe cron user customizations?). 
  So, I've gone ahead and made the behavior silent if the 
associated/specified server is already installed. See below.

> And that was really very nice.  I'm not trying to critizise the general
> approach.  I just think we (that is: I) should get rid of the entire
> message and the setfacl in ssh-user-config.

Well, that will certainly simplify things. However, operating on the old 
assumption, the new (not even in CVS yet) version of csih lets you do this:

compute_sshd_user() {
   if csih_is_nt
   then
     if ! cygrunsrv -Q sshd >/dev/null 2>&1
     then
       csih_select_privileged_username -q sshd
     fi
     sshd_user=$(csih_service_should_run_as sshd)
     if ! setfacl -m "u::rwx,u:${sshd_user}:r--,g::---,o::---" \
          "${pwdhome}/.ssh"
     then
       csih_error_multiline \
     ....
}

(a) if your service is installed, then you go directly to 
csih_service_should_run_as with the (new, optional) argument 'sshd'

(b) otherwise, behavior is the "quiet but not silent" I described in my 
last email -- and that all arises from calling 
csih_select_privileged_username -q sshd -- which is why the client 
(ssh-user-config) skips it if possible.

>>>  svc_user=$(regtool get '/HKLM/SYSTEM/CurrentControlSet/Services/$1/ObjectName')
>>>  svc_user="${svc_user/\.\\/$COMPUTERNAME}"
>>>  svc_user=$([ "$svc_user" = "LocalSystem" ] && echo "SYSTEM" || echo $(fgrep "${svc_user}" /etc/passwd | cut -d: -f 1))
>> (a) csih_select_privileged_username (in CVS) already optionally accepts
>> the service name in addition to the -q option. Currently it is only used
>> to customize the Info: messages (see ${opt_servicename}, above).  So
>> this is even easier to add than you imagine -- if it is truly desirable
>> to do so.
>>
>> (b) You could also do 'foo=$(cygrunsrv -V -L ${service} | sed -n
>> '/Account/p' | awk '{print $NF}'); foo=$(basename $foo)' which amounts
>> to the same thing.
> 
> Urgh!  Isn't it embarassing that *I* missed to use cygrunsrv for that?

Well, my version wasn't exactly right either. You need to (and the new, 
not even in CVS yet version does) do this:

username=$(cygrunsrv -V -Q "${opt_servicename}" 2>&1 |\
     sed -n -e '/^Account/s/^.* : //p')
username="${username/\.\\/${COMPUTERNAME}\\}"
# and then something like
[ "${username}" = "LocalSystem" ] \
    && username=SYSTEM \
    || username=$(fgrep "${username}" /etc/passwd | cut -d: -f 1)

> 
>> (c) But what if ${service} has not yet been installed, even though [a]
>> common service account exists [perhaps used by some other installed
>> cygwin service]?  Then you'd still need the existing logic...
> 
> Right, but that should probably be a fallback.  

Ok, that's the way it works now.  But it is also why the user-config 
client needs to check 'cygrunsrv -Q myservice' and call
   csih_select_privileged_username -q myservice
if the service is not already installed.

> If the service exists,
> it could run under *any* account.  It might be interesting for csih to
> check always for the user running the service, not only on 2k3 and
> above.

OK, csih_select_privileged_username only cares for users with the 
special (required on nt2003) perms -- therefore, it still checks 
is_nt20003 || (nt && force_privileged).  However, if the service is 
installed, then 'csih_service_should_run_as myservice' will return the 
user it is installed under, regardless of OS.

(Well, 9x always returns "")

If the service is not installed, then the behavior of 
sih_service_should_run_a is as before:
   nt2003: find pre-existing 'well-known' privileged user and specify 
that, or
           default to cyg_server
   nt && !nt2003 && !force_privileged: default to SYSTEM
   !nt (e.g. 9x): ""

> For the ssh-user-config script you won't need it anymore.  I have a 
> hard time to see that a normal user should know or decide about stuff
> like that. 

Well, with the incantation in compute_sshd_user() above, IF the admin 
has already installed the service, then the user-config script will be 
silent (at least with regards to these issues concerning the service's 
user account.)  It will only print messages (and perhaps ask questions 
the user is ill-equipped to answer) if the user-config script is run but 
the associated server has not been installed.

Of course, if you don't care what sshd_user is, then you don't call 
either of
   csih_select_privileged_username
   csih_service_should_run_as
and it's guaranteed to be quiet. <g>

> Nothing of that is actually helpful or informative for a
> "just-a-user" user.  And except for setting permissions (which isn't
> necessary!) I really think we should not call this function from pure
> user config scripts.

That's up to the maintainer of each csih client package. You don't want 
to call these 'hey, what account is the server running as?' function, 
you don't need to.

--
Chuck

P.S. "not even in CVS yet" -- because in anticipation of getting 
approval from Corinna, Pierre, and Yaakov for explicitly specifying the 
license terms of csih.sh, I went ahead an made those changes to NEWS, 
COPYING, csih.sh, AUTHORS, etc.

Corinna: MIT/X ok
Pierre: MIT/X ok
Yaakov: ...

Yaakov?

Bueller?

Is this thing on?

<tap>, <tap>

hello?


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Mark J. Reed]

On Wed, Apr 9, 2008 at 12:38 PM, Matt Wozniski <godlygeek@gmail.com> wrote:
> On Wed, Apr 9, 2008 at 12:20 PM, Mark J. Reed wrote:
>  > Sorry for interrupting, but what is csih?
>
>  First sentence of the first post of the thread:

...which I don't seem to have received, for some reason.  The first
message I have is from Corrina, obviously a reply to Charles, but I
don't have Charles' message.  Odd.

Thanks for the quote.

-- 
Mark J. Reed <markjreed@mail.com>

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Matt Wozniski]

On Wed, Apr 9, 2008 at 12:20 PM, Mark J. Reed wrote:
> Sorry for interrupting, but what is csih?

First sentence of the first post of the thread:

csih (cygwin-service-installation-helper) provides a library of shell
functions that can be used by other cygwin packages that provide
servers and daemons. It can assist in various service installation
tasks, such as:
[snip]

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Mark J. Reed]

Sorry for interrupting, but what is csih?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Corinna Vinschen]

On Apr  9 10:55, Charles Wilson wrote:
> On Wed, 9 Apr 2008 14:09:56 +0200, Corinna Vinschen wrote:
> >Looks ok, but I have a few questions/comments.
> >
> >- When the script starts, the following text appears:
> [snip verbose output]
> >However, I think the whole message is too noisy and confusing for
> >non-admins.  
> 
> That is odd. That particular text was mostly taken from ssh-host-config,
> and should only appear if your script calls
> csih_select_privileged_username() with no arguments (or if you are using
> csih-0.1.3, instead of CVS csih) -- that is, the way ssh-host-config
> calls it.  The older version of csih_select_privileged_username ignores
> its arguments; the newer one honors the '-q' option that [my]
> ssh-user-config gives it. In which case, what you should see is
> something like the following (but only if nt2003 or
> csih_FORCE_PRIVILEGED_USER):
> 
> *** Info: The following privileged accounts were found: ....
> *** Info: This script will assume that ${opt_servicename} will run under
> the"
> *** Info: '${username}' account."
> *** Query: Will ${opt_servicename} run under a different account?" 
> [yes/no], if yes, then:
> *** Query: Enter the user name used by ${opt_servicename}:
> 
> Hopefully, that's more acceptable for ssh-user-config?

My bad, I didn't update csih to CVS.  I still think that's too much for
ssh-user-config.  But since we don't need the setfacl anymore, that's
a moot point now.

> >Additionally, given that Cygwin opens
> >files always with BACKUP_INTENT for a while anyway, and given that the
> >service account is a member of the administrators group, which has
> >backup user rights, there's not much reason anymore to add the service
> >account to the ACL.  I fear that's just old cruft in the ssh-user-script.
> 
> Well, that's up to you. I wanted to do something that was as close to
> equivalent as the existing ssh-[host|user]-config, with only those
> changes necessary to support a common service account whose name might
> not be 'sshd_service'.

And that was really very nice.  I'm not trying to critizise the general
approach.  I just think we (that is: I) should get rid of the entire
message and the setfacl in ssh-user-config.

> >The query "Do you want to use different name?" is a bit upside down,
> >IMHO.  The query should be rather phrased positively "Do you want to use 
> >t name?"
> 
> I already addressed this:
> http://cygwin.com/ml/cygwin/2008-03/msg00447.html
> 
> Phrasing that question in the opposite sense breaks postinstall scripts,
> where auto_answer="no". That is:
> 
> Do you want to use this name? <no>
> Enter the name you want to use: <hangs>
> 
> ...and that would be bad. Now, the openssh package does not invoke its
> config scripts from /etc/postinstall, but others do. So I need to take
> care that the auto_answer="no" case never hangs.

Ok, agreed.

> >  svc_user=$(regtool get '/HKLM/SYSTEM/CurrentControlSet/Services/$1/ObjectName')
> >  svc_user="${svc_user/\.\\/$COMPUTERNAME}"
> >  svc_user=$([ "$svc_user" = "LocalSystem" ] && echo "SYSTEM" || echo $(fgrep "${svc_user}" /etc/passwd | cut -d: -f 1))
> 
> (a) csih_select_privileged_username (in CVS) already optionally accepts
> the service name in addition to the -q option. Currently it is only used
> to customize the Info: messages (see ${opt_servicename}, above).  So
> this is even easier to add than you imagine -- if it is truly desirable
> to do so.
> 
> (b) You could also do 'foo=$(cygrunsrv -V -L ${service} | sed -n
> '/Account/p' | awk '{print $NF}'); foo=$(basename $foo)' which amounts
> to the same thing.

Urgh!  Isn't it embarassing that *I* missed to use cygrunsrv for that?

> (c) But what if ${service} has not yet been installed, even though [a]
> common service account exists [perhaps used by some other installed
> cygwin service]?  Then you'd still need the existing logic...

Right, but that should probably be a fallback.  If the service exists,
it could run under *any* account.  It might be interesting for csih to
check always for the user running the service, not only on 2k3 and
above.

> Furthermore, remember that these routines are shared between (the more
> common) install-a-service config scripts, and (less common) user config
> scripts like ssh-user-config.  In the former [common] case, assuming
> ${service} is not installed, you will always need the existing logic.

For the ssh-user-config script you won't need it anymore.  I have a 
hard time to see that a normal user should know or decide about stuff
like that.  Nothing of that is actually helpful or informative for a
"just-a-user" user.  And except for setting permissions (which isn't
necessary!) I really think we should not call this function from pure
user config scripts.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Re: [ANNOUNCEMENT] Updated: csih-0.1.3-1

[Charles Wilson]

On Wed, 9 Apr 2008 14:09:56 +0200, Corinna Vinschen wrote:
>Looks ok, but I have a few questions/comments.
>
>- When the script starts, the following text appears:
[snip verbose output]
>However, I think the whole message is too noisy and confusing for
>non-admins.  

That is odd. That particular text was mostly taken from ssh-host-config,
and should only appear if your script calls
csih_select_privileged_username() with no arguments (or if you are using
csih-0.1.3, instead of CVS csih) -- that is, the way ssh-host-config
calls it.  The older version of csih_select_privileged_username ignores
its arguments; the newer one honors the '-q' option that [my]
ssh-user-config gives it. In which case, what you should see is
something like the following (but only if nt2003 or
csih_FORCE_PRIVILEGED_USER):

*** Info: The following privileged accounts were found: ....
*** Info: This script will assume that ${opt_servicename} will run under
the"
*** Info: '${username}' account."
*** Query: Will ${opt_servicename} run under a different account?" 
[yes/no], if yes, then:
*** Query: Enter the user name used by ${opt_servicename}:

Hopefully, that's more acceptable for ssh-user-config?

>The default user doesn't actually know which user name the
>sshd service is running under.

Well, maybe. But what if ssh-host-config hasn't yet been run? see below.

>Additionally, given that Cygwin opens
>files always with BACKUP_INTENT for a while anyway, and given that the
>service account is a member of the administrators group, which has
>backup user rights, there's not much reason anymore to add the service
>account to the ACL.  I fear that's just old cruft in the ssh-user-script.

Well, that's up to you. I wanted to do something that was as close to
equivalent as the existing ssh-[host|user]-config, with only those
changes necessary to support a common service account whose name might
not be 'sshd_service'.

Now, as to:

>The query "Do you want to use different name?" is a bit upside down,
>IMHO.  The query should be rather phrased positively "Do you want to use 
>t name?"

I already addressed this:
http://cygwin.com/ml/cygwin/2008-03/msg00447.html

Phrasing that question in the opposite sense breaks postinstall scripts,
where auto_answer="no". That is:

Do you want to use this name? <no>
Enter the name you want to use: <hangs>

...and that would be bad. Now, the openssh package does not invoke its
config scripts from /etc/postinstall, but others do. So I need to take
care that the auto_answer="no" case never hangs.

>But, here's a question:  Shouldn't the csih_privileged_accounts() function
>check the service itself, rather than testing possible names with `net
>user'?  It would be as simple as giving csih_privileged_accounts the
>service name as $1 argument, and then extract the user name with something
>along the lines of
>
>  svc_user=$(regtool get '/HKLM/SYSTEM/CurrentControlSet/Services/$1/ObjectName')
>  svc_user="${svc_user/\.\\/$COMPUTERNAME}"
>  svc_user=$([ "$svc_user" = "LocalSystem" ] && echo "SYSTEM" || echo $(fgrep "${svc_user}" /etc/passwd | cut -d: -f 1))

(a) csih_select_privileged_username (in CVS) already optionally accepts
the service name in addition to the -q option. Currently it is only used
to customize the Info: messages (see ${opt_servicename}, above).  So
this is even easier to add than you imagine -- if it is truly desirable
to do so.

(b) You could also do 'foo=$(cygrunsrv -V -L ${service} | sed -n
'/Account/p' | awk '{print $NF}'); foo=$(basename $foo)' which amounts
to the same thing.

(c) But what if ${service} has not yet been installed, even though [a]
common service account exists [perhaps used by some other installed
cygwin service]?  Then you'd still need the existing logic...

Furthermore, remember that these routines are shared between (the more
common) install-a-service config scripts, and (less common) user config
scripts like ssh-user-config.  In the former [common] case, assuming
${service} is not installed, you will always need the existing logic.

If csih_select_privileged_username() short-circuits the existing logic
when ${service} is already installed, then you can never change the user
under which  ${service} runs, without first de-registering ${service}. 
Maybe that's a good thing, but right now (and in the exising
ssh-host-config) I *think* you can run it "again" and choose a different
user, and cygrunsrv will happily modify the existing registered
${service}.  I didn't think it was my place to make that behavior
change.

But as I said, maybe it's a GOOD thing to disallow that, without
explicitly deregistering ${service} first.

--
Chuck

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/