From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bird.elm.relay.mailchannels.net (bird.elm.relay.mailchannels.net [23.83.212.17]) by sourceware.org (Postfix) with ESMTPS id 0E06C388A409 for ; Tue, 29 Jun 2021 06:35:28 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 0E06C388A409 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=optimation.com.au Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=optimation.com.au X-Sender-Id: netregistryptyltd|x-authuser|davido@optimation.com.au Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 5AB1B482789; Tue, 29 Jun 2021 06:35:27 +0000 (UTC) Received: from awcp059.server-cpanel.com (100-96-13-105.trex.outbound.svc.cluster.local [100.96.13.105]) (Authenticated sender: netregistryptyltd) by relay.mailchannels.net (Postfix) with ESMTPA id D0788481F9D; Tue, 29 Jun 2021 06:35:25 +0000 (UTC) X-Sender-Id: netregistryptyltd|x-authuser|davido@optimation.com.au Received: from awcp059.server-cpanel.com (awcp059.server-cpanel.com [52.64.219.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384) by 100.96.13.105 (trex/6.3.3); Tue, 29 Jun 2021 06:35:27 +0000 X-MC-Relay: Neutral X-MailChannels-SenderId: netregistryptyltd|x-authuser|davido@optimation.com.au X-MailChannels-Auth-Id: netregistryptyltd X-Lyrical-Drop: 1d80d52303ec1f15_1624948526834_979944183 X-MC-Loop-Signature: 1624948526834:926031915 X-MC-Ingress-Time: 1624948526833 Received: from localhost ([127.0.0.1]:41620 helo=awcp059.server-cpanel.com) by awcp059.server-cpanel.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1ly7L8-0002GL-8o; Tue, 29 Jun 2021 16:35:23 +1000 Received: from [203.220.167.69] ([203.220.167.69]) by optimation.com.au (Horde Framework) with HTTPS; Tue, 29 Jun 2021 16:35:19 +1000 Date: Tue, 29 Jun 2021 16:35:19 +1000 Message-ID: <20210629163519.Horde.O3Vak6UcOouDuGUHhEVU5Ko@optimation.com.au> From: David Oppenheim To: matthew patton , cygwin@cygwin.com Subject: Re: Difficult getting pure-ftpd to work under Cygwin on Windows 10, esp anonymous ftp References: <20210629084746.Horde.EOaX4JftYZgseWRQhFJQPhx@optimation.com.au> <1714177064.2738894.1624924661209@mail.yahoo.com> <1598452124.530169.1624924810774@mail.yahoo.com> <518840083.2736043.1624925052846@mail.yahoo.com> In-Reply-To: <518840083.2736043.1624925052846@mail.yahoo.com> User-Agent: Horde Application Framework 5 Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit X-AuthUser: davido@optimation.com.au X-Spam-Status: No, score=1.6 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, RCVD_IN_BARRACUDACENTRAL, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Level: * X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jun 2021 06:35:32 -0000 cygrunsrv is an EXCELLENT solution, thankyou. So for those looking for a quick make-it-work, install pure-ftpd as a service thus (from a bash you have started as "Run as Administrator") : cygrunsrv --install pure-ftpd --path /usr/sbin/pure-ftpd --chdir /tmp --args "-l puredb:/full-path-to/pure-ftpd/pureftpd.pdb" and then cygrunsrv --start pure-ftpd This solves the seteuid() limitation, so now the one server will work with anonymous (but still needs "ftp" as a Windows user) and any other user in the puredb passwd file. ```` Matthew, re the Windows privileges you suggest, sadly and according to Murphy's law I did all this on my one and only Windows 10 Home Edition ... no group policy editor :-( I **could** try it on a Windows 10 Pro PC, or I could regedit I suppose, but hey cygrunsrv works so thankyou. Perhaps an ancillary issue is the cryptic way in some code paths pure-ftpd gives the error "Unable to set up secure anonymous FTP", sometimes with, but sometimes without, a syslog... I needed to use gdb extensively to one by one eliminate blockages and get anonymous to work. Perhaps more importantly the recipe (cygrunsrv) would be great to have in the man page of the Cygwin package, and certainly in the README.Windows file of the source package. I'll cross-post this to pure-ftpd.org Thanks for your help ! ----- Message from matthew patton --------- Date: Tue, 29 Jun 2021 00:04:12 +0000 (UTC) From: matthew patton Subject: Re: Difficult getting pure-ftpd to work under Cygwin on Windows 10, esp anonymous ftp To: David Oppenheim > and look at cygrunsrv --start > On Monday, June 28, 2021, 08:00:10 PM EDT, matthew patton > wrote: > > specifically > SeAssignPrimaryTokenPrivilege > SeCreateTokenPrivilege > SeTcbPrivilege > SeIncreaseQuotaPrivilege > SeServiceLogonRight > On Monday, June 28, 2021, 07:58:41 PM EDT, matthew patton via > Cygwin wrote: > > have you tried applying the notable permissions from this to your > 'ftp' windows > user?https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/user-rights-assignment >     On Monday, June 28, 2021, 06:48:18 PM EDT, David Oppenheim > wrote:  > > I have debugged various obstacles getting logins to pure-ftpd to work under > Cygwin on Windows 10 (Home edition 20H2 on this particular PC), especially > getting anonymous ftp to login successfully. My pure-ftpd is version 1.0.46-1 > as downloaded by the Cygwin installer. > > There are problems with how it looks up username/password, with it calling > seteuid(), and sometimes with pathnames for the user's home directory, and > the user's shell. This is particularly fraught if you try to use  > anonymous ftp. > > My solution is a simple recipe, albeit limited but fine for personal > or small group use ... technical problem details after this recipe. > I hope this helps anyone else trying to get it to work ! > > --- recipe for setting up pure-ftpd on Cygwin > > Set up pure-ftp passwd file first with pure-pw -f filename.passwd > then convert to puredb format with    pure-pw mkdb filename.pdb -f  > filename.passwd > > Note that sometimes pure-pw and/or pure-ftpd imply a /etc prefix for  > the filename, > seems that's overridden if you use an absolute pathname. > > Run pure-ftpd as you. From the ftp client login as you with the > puredb file password not the Windows password. > > Your starting directory once logged in will be the homne directory as set up > in the puredb entry for your username ... probably /home/yourloginname > (as viewed from inside Cygwin). > > --- end recipe > > Re anonymous login ... > > Internally pure-ftpd translates "anonymous" to "ftp" > > Anonymous login is not checked in the -l puredb file, it does > a getpwnam() call, so "ftp" ** must ** be a user in Windows > > Needs /home/ftp (pathname from inside Cygwin) and perhaps > ~/home/ftp for user running pure-ftpd > > For any ftp login, if the ftp username is not the same as the Windows > user running pure-ftpd, pure-ftpd fails on seteuid() ... see Windows > event logger (or Cygwin syslog if that's installed), the ftp client > sees "Unable to set up secure anonymous FTP" > > This happens even if running pure-ftpd from Explorer by > "Run as Administrator" > > So for anonymous login you have to run pure-ftpd as Windows user ftp > > More generally, because of that seteuid issue, if you want to > ftp login as uuu then you need to run pure-ftpd as Windows user uuu ... > although having uuu in a pure-pw database permits the password to > be different from the Windows login password. > > Nb: if you run pure-ftpd directly from Explorer (incl "Run as Administrator") > the place it looks for the home directory may be ./ or the Windows user's > home (C:\Users\uuu) and I have also seen failures setting user shell > because it's looking for e.g. /bin/bash somewhere else. > > > > -- > Problem reports:      https://cygwin.com/problems.html > FAQ:                  https://cygwin.com/faq/ > Documentation:        https://cygwin.com/docs.html > Unsubscribe info:    https://cygwin.com/ml/#unsubscribe-simple >   > > -- > Problem reports:      https://cygwin.com/problems.html > FAQ:                  https://cygwin.com/faq/ > Documentation:        https://cygwin.com/docs.html > Unsubscribe info:    https://cygwin.com/ml/#unsubscribe-simple ----- End message from matthew patton -----