From: Houder <houder@xs4all.nl>
To: cygwin@cygwin.com
Subject: Re: Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master
Date: Sun, 28 May 2017 13:46:00 -0000 [thread overview]
Message-ID: <7d9f30328b3d2de60cd383dbcca55312@smtp-cloud2.xs4all.net> (raw)
In-Reply-To: <a2907cfe582879ff35f5357cf937c279@xs4all.nl>
On Sat, 27 May 2017 14:01:09, Houder wrote:
> --=_f8e475c11eb2497bb7b3a74fbbff7888
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset=US-ASCII;
> format=flowed
>
> On 2017-05-26 21:35, Houder wrote:
> > Hi,
> >
> > Installing sshd on W7 reveals errors in CSIH_SCRIPT ...
> >
> > CSIH_SCRIPT = /usr/share/csih/cygwin-service-installation-helper.sh
>
> Retrieved CSIH_SCRIPT from the master (January 19 2017) here:
>
> https://cygwin.com/git/?p=cygwin-apps/csih.git;a=summary
>
> Attached patch file against master ...
Oh, by the way ...
My sshd daemon works flawlessly on W7 ... despite the fact the I am still
using /etc/passwd and /etc/group as the "database" (i.s.o. Windows' SAM).
(despite F-Secure SAFE, being a mandatory requirement for my machine).
(and, of course, despite the consequences of the errors in CSIH_SCRIPT; I
took care of them).
Regards,
Henri
-----
/etc/nsswitch.conf:
# 31 10 2014
# "db" = any 'place' where Windows keeps account info (my case: local SAM?)
# as far as I can tell, the next two lines forces the Cygwin1.dll to retrieve the account
# info solely from /etc/passwd and /etc/group, i.e. Windows' "db" is ignored ...
#
passwd: files
group: files
# as far as I can tell, this line applies to getent (i.e. getpwent() and getgrent())
db_enum: files
/etc/passwd:
SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
LOCAL SERVICE:*:19:19:,S-1-5-19:/:/sbin/nologin
NETWORK SERVICE:*:20:20:,S-1-5-20:/:/sbin/nologin
Administrators:*:544:544:,S-1-5-32-544:/:/sbin/nologin
..
cyg_server:*:1014:513:Privileged server,U-Seven\cyg_server,S-1-5-21-91509220-1575020443-2714799223-1014:/var/empty:/bin/bash
Henri:*:1000:513:U-Seven\Henri,S-1-5-21-91509220-1575020443-2714799223-1000:/home/Henri:/bin/bash
..
sshd:*:1013:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-1013:/var/empty:/bin/bash
/etc/group:
SYSTEM:S-1-5-18:18:
..
Administrators:S-1-5-32-544:544:
..
None:S-1-5-21-91509220-1575020443-2714799223-513:513:
..
@@ ls -ld ~ ~/.ssh
drwxr-xr-x+ 1 Henri None 0 May 27 08:16 /home/Henri
# modified by me? (744 => 700) ... not really required ...
drwx------+ 1 Henri None 0 May 26 13:22 /home/Henri/.ssh
@@ ls -l /etc/ssh*
-rw-r--r-- 1 cyg_server Administrators 1680 May 26 13:15 /etc/ssh_config
-rw------- 1 cyg_server Administrators 668 Jul 25 2016 /etc/ssh_host_<X-key>
-rw-r--r-- 1 cyg_server Administrators 601 Jul 25 2016 /etc/ssh_host_<X-key>.pub
-rw-r--r-- 1 cyg_server Administrators 3225 May 26 16:44 /etc/sshd_config
@@ ls -ld /var/empty /var/run
drwxr-xr-x+ 1 cyg_server Administrators 0 May 26 12:45 /var/empty
drwxrwxrwt+ 1 Henri None 0 May 26 21:28 /var/run
- "/var/empty must be owned by root and not group or world-writable."
- that is, owned by "cyg_server" (the privileged account, acting as the root user here)
@@ ls -l /var/run
-rw-r--r-- 1 cyg_server None 5 May 27 07:54 sshd.pid
# modified permissions to 660 for aestetic reason only
-rw-rw---- 1 Henri None 640 May 26 18:50 utmp
@@ ls -l /var/log/sshd.log # file exists if one has redirected the output of sshd.exe ...
-rw-r--r-- 1 cyg_server None 1767 May 26 21:28 /var/log/sshd.log
@@ getfacl /var/tmp # relevant here is ownership by cyg_server ...
# file: /var/empty
# owner: cyg_server
# group: Administrators
user::rwx
group::r-x
group:SYSTEM:r-x
group:Administrators:r-x
mask:r-x
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x
@@ getfacl /var/run
# file: /var/run
# owner: Henri
# group: None
# flags: --t
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx
default:user::rwx
default:group::r-x
default:other:r-x
=====
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2017-05-27 21:23 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-26 19:38 Installing sshd on W7 reveals errors in CSIH_SCRIPT Houder
2017-05-27 11:35 ` Houder
2017-05-27 15:55 ` Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master Houder
2017-05-28 13:46 ` Houder [this message]
2017-06-07 9:15 ` Corinna Vinschen
2017-06-07 11:58 ` Houder
2017-06-07 14:35 ` Corinna Vinschen
2017-06-07 18:17 ` Houder
2017-06-07 18:56 ` Corinna Vinschen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=7d9f30328b3d2de60cd383dbcca55312@smtp-cloud2.xs4all.net \
--to=houder@xs4all.nl \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).