From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 117524 invoked by alias); 27 May 2017 21:23:58 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 117509 invoked by uid 89); 27 May 2017 21:23:57 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=2.0 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,RCVD_IN_DNSWL_LOW,SPAM_BODY1,SPF_PASS autolearn=no version=3.3.2 spammy=1680, i.s.o, UD:i.s.o, UD:s.o X-HELO: lb2-smtp-cloud2.xs4all.net Received: from lb2-smtp-cloud2.xs4all.net (HELO lb2-smtp-cloud2.xs4all.net) (194.109.24.25) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 27 May 2017 21:23:56 +0000 Received: from tmp.bEUy3eJvOD ([83.162.234.136]) by smtp-cloud2.xs4all.net with ESMTP id RZPv1v00A2xEdKF01ZPwhp; Sat, 27 May 2017 23:23:57 +0200 Date: Sun, 28 May 2017 13:46:00 -0000 Message-ID: <7d9f30328b3d2de60cd383dbcca55312@smtp-cloud2.xs4all.net> From: Houder To: cygwin@cygwin.com Subject: Re: Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master References: In-Reply-to: Content-Type: text/plain; charset=UTF-8; format=fixed User-Agent: mua.awk 0.99 X-SW-Source: 2017-05/txt/msg00457.txt.bz2 On Sat, 27 May 2017 14:01:09, Houder wrote: > --=_f8e475c11eb2497bb7b3a74fbbff7888 > Content-Transfer-Encoding: 7bit > Content-Type: text/plain; charset=US-ASCII; > format=flowed > > On 2017-05-26 21:35, Houder wrote: > > Hi, > > > > Installing sshd on W7 reveals errors in CSIH_SCRIPT ... > > > > CSIH_SCRIPT = /usr/share/csih/cygwin-service-installation-helper.sh > > Retrieved CSIH_SCRIPT from the master (January 19 2017) here: > > https://cygwin.com/git/?p=cygwin-apps/csih.git;a=summary > > Attached patch file against master ... Oh, by the way ... My sshd daemon works flawlessly on W7 ... despite the fact the I am still using /etc/passwd and /etc/group as the "database" (i.s.o. Windows' SAM). (despite F-Secure SAFE, being a mandatory requirement for my machine). (and, of course, despite the consequences of the errors in CSIH_SCRIPT; I took care of them). Regards, Henri ----- /etc/nsswitch.conf: # 31 10 2014 # "db" = any 'place' where Windows keeps account info (my case: local SAM?) # as far as I can tell, the next two lines forces the Cygwin1.dll to retrieve the account # info solely from /etc/passwd and /etc/group, i.e. Windows' "db" is ignored ... # passwd: files group: files # as far as I can tell, this line applies to getent (i.e. getpwent() and getgrent()) db_enum: files /etc/passwd: SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash LOCAL SERVICE:*:19:19:,S-1-5-19:/:/sbin/nologin NETWORK SERVICE:*:20:20:,S-1-5-20:/:/sbin/nologin Administrators:*:544:544:,S-1-5-32-544:/:/sbin/nologin .. cyg_server:*:1014:513:Privileged server,U-Seven\cyg_server,S-1-5-21-91509220-1575020443-2714799223-1014:/var/empty:/bin/bash Henri:*:1000:513:U-Seven\Henri,S-1-5-21-91509220-1575020443-2714799223-1000:/home/Henri:/bin/bash .. sshd:*:1013:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-1013:/var/empty:/bin/bash /etc/group: SYSTEM:S-1-5-18:18: .. Administrators:S-1-5-32-544:544: .. None:S-1-5-21-91509220-1575020443-2714799223-513:513: .. @@ ls -ld ~ ~/.ssh drwxr-xr-x+ 1 Henri None 0 May 27 08:16 /home/Henri # modified by me? (744 => 700) ... not really required ... drwx------+ 1 Henri None 0 May 26 13:22 /home/Henri/.ssh @@ ls -l /etc/ssh* -rw-r--r-- 1 cyg_server Administrators 1680 May 26 13:15 /etc/ssh_config -rw------- 1 cyg_server Administrators 668 Jul 25 2016 /etc/ssh_host_ -rw-r--r-- 1 cyg_server Administrators 601 Jul 25 2016 /etc/ssh_host_.pub -rw-r--r-- 1 cyg_server Administrators 3225 May 26 16:44 /etc/sshd_config @@ ls -ld /var/empty /var/run drwxr-xr-x+ 1 cyg_server Administrators 0 May 26 12:45 /var/empty drwxrwxrwt+ 1 Henri None 0 May 26 21:28 /var/run - "/var/empty must be owned by root and not group or world-writable." - that is, owned by "cyg_server" (the privileged account, acting as the root user here) @@ ls -l /var/run -rw-r--r-- 1 cyg_server None 5 May 27 07:54 sshd.pid # modified permissions to 660 for aestetic reason only -rw-rw---- 1 Henri None 640 May 26 18:50 utmp @@ ls -l /var/log/sshd.log # file exists if one has redirected the output of sshd.exe ... -rw-r--r-- 1 cyg_server None 1767 May 26 21:28 /var/log/sshd.log @@ getfacl /var/tmp # relevant here is ownership by cyg_server ... # file: /var/empty # owner: cyg_server # group: Administrators user::rwx group::r-x group:SYSTEM:r-x group:Administrators:r-x mask:r-x other:r-x default:user::rwx default:group::r-x default:other:r-x @@ getfacl /var/run # file: /var/run # owner: Henri # group: None # flags: --t user::rwx group::rwx group:SYSTEM:rwx group:Administrators:rwx mask:rwx other:rwx default:user::rwx default:group::r-x default:other:r-x ===== -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple