From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 67641 invoked by alias); 15 Mar 2019 19:39:25 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 67599 invoked by uid 89); 15 Mar 2019 19:39:25 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-2.1 required=5.0 tests=AWL,BAYES_00,NORMAL_HTTP_TO_IP,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.1 spammy=huh, disposal, do, it! X-HELO: lb2-smtp-cloud7.xs4all.net Received: from lb2-smtp-cloud7.xs4all.net (HELO lb2-smtp-cloud7.xs4all.net) (194.109.24.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Fri, 15 Mar 2019 19:39:23 +0000 Received: from tmp.Lw13BJSgUm ([83.162.234.136]) by smtp-cloud7.xs4all.net with ESMTPSA id 4sfnh3X2NLMwI4sfohP48x; Fri, 15 Mar 2019 20:39:20 +0100 Date: Fri, 15 Mar 2019 19:39:00 -0000 Message-ID: <7dcabfa538edb7ed869b8b26205aeee9@smtp-cloud7.xs4all.net> From: Houder Reply-To: cygwin@cygwin.com To: cygwin@cygwin.com Subject: Re: sshd: fatal: seteuid XXX : No such device or address References: <011a01d4da5a$96247330$c26d5990$@giraudbtp.com> <20190314172918.GJ3785@calimero.vinschen.de> <20190315134247.GR3785@calimero.vinschen.de> In-Reply-to: <20190315134247.GR3785@calimero.vinschen.de> Content-Type: text/plain; charset=UTF-8; format=fixed User-Agent: mua.awk 0.99 X-SW-Source: 2019-03/txt/msg00415.txt.bz2 On Fri, 15 Mar 2019 14:42:47, Corinna Vinschen wrote: > On Mar 15 14:06, Houder wrote: > > One is forced to create the exact same environment (system) as the > > person who is complaining, fire up the debugger (like sticking > > a thermometer in a patient's rear end) in order to find out where > > the code failed ... > > > > Meaning, within the context of the recent sshd problems, possibly only ^^^^ > > you know where the error ERROR_FILE_INVALID (resulting in the error ^^^ strace, yes. But only if one has the exact same "network" at one's disposal as the one where the problem occurred (like you have at your place; while I only have one simple computer) ... That is decisive. > > message "No such device or address") was generated ... (and by which > > Windows function). > > The only interface an application has is by checking the POSIX > errno value. This is what Cygwin is about :) > > If you need more details what's going on under the hood, you have > to use strace. > > > Oh well, this cannot be helped ... > > Well, there *is* a solution by using strace. And hey, we now know what > ENXIO returned from seteuid means, don't we? It's not all bad :) You do! I do not :-) (as I do not have the machinery at my disposal that is required to provoke this error). A simple STC to emphasize my statement (i.e. a problem that I can strace on my computer). int main() { errno = 0; if (seteuid( (uid_t)1004) != 0) { // 1004, not being me :-) printf("seteuid: errno = %d, errstr = %s\n", errno, strerror(errno) ); // seteuid: errno = 13, errstr = Permission denied => EACCES // ... while only EPERM en EINVAL are documented ... } else printf("1004, OK\n"); } 64-@@ ./seteuid seteuid: errno = 13, errstr = Permission denied ... huh? On Linux this simple "Simple Test Case" will result in: seteuid: errno = 1, errstr = Operation not permitted ... Got it! Fortunately, I have now have the strace output at my disposal: ... studying the strace output and the source code, I am now able to tell what is going on ... see below: seteuid (syscalls.cc) .lsaprivkeyauth (sec_auth.cc) <==== fails; as result NULL (token) is returned by lsaprivkeyauth ... ...lsa_open_policy (sec_auth.cc) <==== fails; as result NULL (lsa) is returned by lsa_open_policy ... # errno, set by lsa_open_policy, is ignored # seteuid() chooses NOT to bail out, but # to attempt "Service For User Logon" (s4u) ... .s4uauth (sec_auth.cc) <==== fails (because LsaRegisterLogonProcess fails), returning the status (0xC0000041) to seteuid() # /usr/include/w32api/ntstatus.h: # defines STATUS_PORT_CONNECTION_REFUSED ((NTSTATUS)0xC0000041) # now seteuid chooses to bail out (i.e. setuid() fails) Q: errno? s4uauth calls __seterrno_from_nt_status (0xC0000041), which in turn calls RtlNtStatusToDosError(0xC0000041), which in turn calls geterrno_from_win_error(5,...): 0xC0000041 is mapped to 5, which in turn is mapped to 13 (EACCES). Henri -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple