From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 9101 invoked by alias); 6 Mar 2019 23:44:41 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 9090 invoked by uid 89); 6 Mar 2019 23:44:41 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=ham version=3.3.1 spammy=HX-Spam-Relays-External:sk:mail-pg, familiar X-HELO: mail-pg1-f177.google.com Received: from mail-pg1-f177.google.com (HELO mail-pg1-f177.google.com) (209.85.215.177) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Wed, 06 Mar 2019 23:44:40 +0000 Received: by mail-pg1-f177.google.com with SMTP id q206so9691602pgq.4 for ; Wed, 06 Mar 2019 15:44:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=berkeley-edu.20150623.gappssmtp.com; s=20150623; h=from:date:to:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=Q+ryTtrjQENOrWiJRMastYg0k7NR0tXKucp4uZMBW4w=; b=VUQvkwuBIpv3OPf6cXK0A41+hvwv0LYA3Pd2/WicUyxQ45vee9dG1t+jr+b4bWoVk0 yih3ezvH197JZpcqEPUuDLNQXzV4NBZUFx9Q+/LDMLgIUzx358BDoQHm2ZL6gc7XDYPU PbTFIfcGPJxk/EAYpF9vuir4QjdOiNRT0/U2uzXbcO4u/tdyidiqcusXoZaS2vLoK0Oh EsMAEbmnETqIHB8ugE3FhgJ1a6t/uBd2+vbcBxfon3em1xmdhVCpWyZnlApqg7WtouSn FDlpNSn9TuLFUg0Z5kMjgjEQBb4/gSmi+6se0BghlzISXvU/rduTuzGoQzD19/biPwB5 +UqA== Return-Path: Received: from zebra.localdomain (173-164-243-238-SFBA.hfc.comcastbusiness.net. [173.164.243.238]) by smtp.gmail.com with ESMTPSA id c3sm8869019pfg.53.2019.03.06.15.44.37 for (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 06 Mar 2019 15:44:37 -0800 (PST) From: Stephen Paul Carrier Received: by zebra.localdomain (Postfix, from userid 510) id 5921140BCE; Wed, 6 Mar 2019 15:44:36 -0800 (PST) Date: Wed, 06 Mar 2019 23:44:00 -0000 To: cygwin@cygwin.com Subject: Re: sshd problem on WS2008R2 64bit Message-ID: <20190306234436.GA3085@zebra> References: <20190306124816.GR3785@calimero.vinschen.de> <20190306141716.GS3785@calimero.vinschen.de> <20190306143424.GU3785@calimero.vinschen.de> <20190306153404.GX3785@calimero.vinschen.de> <20190306201331.GB3785@calimero.vinschen.de> <20190306205931.GC3785@calimero.vinschen.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) X-IsSubscribed: yes X-SW-Source: 2019-03/txt/msg00124.txt.bz2 On Wed, Mar 06, 2019 at 02:24:59PM -0700, Bill Stewart wrote: ... > For my part, I'm writing a PowerShell script that does the following: > > 1) Create a local user account > 2) Grant it SeBatchLogonRight > 3) Create a scheduled task for it Powershell is probably more elegant if you're familiar with it, but I found this bash sequence that does the trick: ----- PW=`dd if=/dev/random bs=15 count=1 | base 64` net user s4udummy /add net user s4udummy $PW wmic USERACCOUNT WHERE NAME=\'s4udummy\' SET PasswordExpires=FALSE /usr/bin/editrights -u s4udummy -a SeBatchLogonRight schtasks /create /tn wake-s4u /sc ONSTART /ru s4udummy /rp $PW \ /tr '"$SYSTEMROOT"\\System32\\cmd.exe /c exit' sc config cron depend= Schedule ----- I added the last statement, to make cron dependent on the Task Scheduler, because my crontabs use '@reboot' and I am worried about cron trying to spawn an important job before the Task Scheduler has a chance to fix seteuid(). The dependency isn't logically sufficient as wake-s4u job needs some time to finish. But its working so far. I can configure cron to start with a delay should Task Scheduler ever lose the race. Thanks everyone for quick attention to this problem and the workaround! --Stephen -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple