* xinetd: PID 2280: Service tftp missing attribute user - DISABLING
@ 2021-10-01 7:21 ilya Basin
2021-10-01 9:23 ` ilya Basin
0 siblings, 1 reply; 2+ messages in thread
From: ilya Basin @ 2021-10-01 7:21 UTC (permalink / raw)
To: cygwin
Hi. I installed xinetd and tftp-server recently, ran xinetd-config and tftpd-config, and enabled /etc/xinetd.d/tftp. However, I was getting the following error in Windows Event log:
xinetd: PID 2280: Service tftp missing attribute user - DISABLING
Workaround:
# The xinetd user name must exist in /etc/passwd
# We have to strip "MYHOST+" from "MYHOST+cyg_server" to make xinetd match the entry
mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1/;t;d' >>/etc/passwd
Commenting "user=cyg_server" is not needed and won't help because then xinetd looks for the current user in /etc/passwd
By the way, cygsshd runs fine as NT_AUTHORITY\SYSTEM on Windows 10 and can serve both local and domain users. I just had to strip the machine prefix in /etc/passwd for the local users. Perhaps /usr/share/doc/Cygwin/xinetd.README is outdated?
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: xinetd: PID 2280: Service tftp missing attribute user - DISABLING
2021-10-01 7:21 xinetd: PID 2280: Service tftp missing attribute user - DISABLING ilya Basin
@ 2021-10-01 9:23 ` ilya Basin
0 siblings, 0 replies; 2+ messages in thread
From: ilya Basin @ 2021-10-01 9:23 UTC (permalink / raw)
To: cygwin
Upd:
1)
There was a typo in the sed script. The correct one is:
mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1:/;t;d'
I also had to do the same for the unprivileged user "tftpd" created by /usr/bin/tftpd-config
2)
After being successfully started by xinetd the tftp server logs to Windows Event log:
tftpd: PID 2844: cannot drop privileges: No error
and in the Audit log there is a deny message with:
FailureReason %%2310 Account currently disabled.
Workaround:
net user tftpd /active:YES
and it makes me wonder how it worked in older versions. The user is created by csih_create_unprivileged_user() with the command:
net user "${unpriv_user}" \
/homedir:"${dos_var_empty}" \
/comment:'<cygwin home="/var/empty" shell="/bin/false"/>' \
/add /active:no
On 01.10.2021 10:21, ilya Basin wrote:
> Hi. I installed xinetd and tftp-server recently, ran xinetd-config and tftpd-config, and enabled /etc/xinetd.d/tftp. However, I was getting the following error in Windows Event log:
>
> xinetd: PID 2280: Service tftp missing attribute user - DISABLING
>
> Workaround:
>
> # The xinetd user name must exist in /etc/passwd
> # We have to strip "MYHOST+" from "MYHOST+cyg_server" to make xinetd match the entry
> mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1/;t;d' >>/etc/passwd
>
> Commenting "user=cyg_server" is not needed and won't help because then xinetd looks for the current user in /etc/passwd
>
> By the way, cygsshd runs fine as NT_AUTHORITY\SYSTEM on Windows 10 and can serve both local and domain users. I just had to strip the machine prefix in /etc/passwd for the local users. Perhaps /usr/share/doc/Cygwin/xinetd.README is outdated?
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2021-10-01 9:23 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-10-01 7:21 xinetd: PID 2280: Service tftp missing attribute user - DISABLING ilya Basin
2021-10-01 9:23 ` ilya Basin
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).