From: Aaron Digulla <digulla@hepe.com>
To: cygwin@cygwin.com
Subject: Re: /bin/bash: Operation not permitted
Date: Fri, 11 Mar 2016 14:05:00 -0000 [thread overview]
Message-ID: <56E2D09F.3020508@hepe.com> (raw)
In-Reply-To: <56E042DD.2090804@gmail.com>
Am 09.03.2016 um 16:35 schrieb Marco Atzeri:
> On 09/03/2016 16:25, Achim Gratz wrote:
>> Francis Korning <fkorning <at> yahoo.ca> writes:
>>> Specifically, ssh-host-config needs these following lines:
>>
>> The cyg_server account is actually set up in
>> /usr/share/csih/cygwin-service-installation-helper.sh and guess what, it
>> already does this. It also warns if a pre-existing account does not
>> have
>> these privileges enabled.
>
> It is correct Achim,
> however I have seen in corporate environment that some of those
> setting were removed by security scripts...at every boot.
How about a check in the code of sshd to make sure it has the necessary
permissions?
I'm wondering if it would be better to do those check when it starts or
when someone logs in. The former would show the problem early but the
admin would have to look in the event log to see the error message
(especially after a reboot).
The latter would allow to send the error message to the local console
(local to the user, remote from the point of view of sshd) and there
would be a human who can read it.
Regards,
--
Aaron "Optimizer" Digulla a.k.a. Philmann Dark
"It's not the universe that's limited, it's our imagination.
Follow me and I'll show you something beyond the limits."
http://blog.pdark.de/
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2016-03-11 14:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <60610071.5233701.1457534241961.JavaMail.yahoo.ref@mail.yahoo.com>
2016-03-09 14:37 ` Francis Korning
2016-03-09 15:26 ` Achim Gratz
2016-03-09 15:36 ` Marco Atzeri
2016-03-11 14:05 ` Aaron Digulla [this message]
2015-08-11 11:45 stephane
2015-08-12 8:16 ` stephane
-- strict thread matches above, loose matches on Subject: below --
2012-08-21 17:37 michael pitoniak
2012-08-22 0:11 ` Larry Hall (Cygwin)
2012-08-27 15:08 ` michael pitoniak
2012-08-28 6:31 ` Larry Hall (Cygwin)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56E2D09F.3020508@hepe.com \
--to=digulla@hepe.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).