public inbox for cygwin@cygwin.com
 help / color / mirror / Atom feed
From: Prentis Brooks <prentis@aol.net>
To: Tony Hain <tony@tndh.net>
Cc: Ulrich Voss <voss@vocalweb.de>, <cygwin@cygwin.com>,
	<mark@networksimplicity.com>
Subject: RE: cygwin & opensshd on .net enterprise server
Date: Fri, 17 May 2002 12:20:00 -0000	[thread overview]
Message-ID: <Pine.LNX.4.44.0205171400570.24880-100000@magetower.office.aol.com> (raw)
In-Reply-To: <IEEOIFENFHDKFJFILDAHAEHGEGAA.tony@tndh.net>

That is what I was saying, there are cases where mkpasswd and mkgroup do
not create clean files, primarily on Domain Controllers.  You need to
verify them manually.


On Fri, 17 May 2002, Tony Hain wrote:

> Ulrich Voss wrote:
> > I'll second everything Printis said and in addition please check, if
> > you have the correct user-id in your passwd and group. On my
> > W2K cygwin inserted (only) my local admin account to passwd,
> > while I log in with my domain admin account. So id, ls -l etc. all
> > look fine (admin admin), but nothing works, cause it is the false
> > admin account (the false SID). OK, you mention, that you only
> > have local users and no domain users, but make sure, that cygwin
> > thinks the same ;-)
> 
> I have deleted & regenerated both the passwd & group files a couple of
> times while playing around with various edits. It is easy to
> misconfigure them so that logging in via ssh fails, but when they are
> fresh generated via mkpasswd & mkgroup the ssh login succeeds as
> recorded in the event log, then the connection is immediately dropped. I
> assume that is because bash or sh also immediately exit when run from a
> command line under that user. When I run id under anything except the
> system account it hangs at 100% cpu. It also makes no difference when I
> set the account policies for the user to 'act as system', 'adjust memory
> quotoas', & 'replace process token'.
> 
> I didn't have any problems at all with the W2k install. This all
> happened when I moved to .net server. So far I haven't seen anyone
> acknowledge that they have cygwin working under .net server, so I don't
> know if the problem is local to my system, or something that MS has
> changed in account handling due to their recent 'focus on security'.
> 
> I did receive a suggestion to run strace, and I have the output of that
> for anyone that would care to look at it. (It doesn't seem like a good
> idea to send that to an open list in general, and it is also fairly
> long.) Short version below:
> 
> Tony
> 
> 
> C:\cygroot\bin>strace bash --login -i
> **********************************************
> Program name: C:\cygroot\bin\bash.exe (3776)
> App version:  1003.9, api: 0.51
> DLL version:  1003.10, api: 0.51
> DLL build:    2002-02-25 11:14
> OS version:   Windows NT-5.1
> Date/Time:    2002-05-17 10:30:09
> **********************************************
>  1994    3642 [main] bash 3776 environ_init: 0xA010420:
> !C:=C:\cygroot\bin
> ...
> ...
> ...
> 10233 1949651 [main] bash 3776 fhandler_console::output_tcsetattr: 0 =
> tcsetattr
>  (,C50018) (ENABLE FLAGS 3) (lflag 107 oflag 9)
>  9971 1959622 [main] bash 3776 dtable::init_std_file_from_handle: fd 2,
> handle 0
> xB
>  9747 1969369 [main] bash 3776 dll_list::init: here
>  5115 1974484 [main] bash 3776 dll_crt0_1: user_data->main 0x401208
> 
> C:\cygroot\bin>
> 

-- 
Prentis Brooks	| prentis@aol.net | 703-265-0914 | AIM: PrentisBrooks
Senior System Administrator - Web Infrastructure & Security

       A knight is sworn to valor.  His heart knows only virtue.  His blade
       defends the helpless.  His word speaks only truth.  His wrath undoes
       the wicked. - the old code of Bowen, last of the dragonslayers


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

  reply	other threads:[~2002-05-17 18:02 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-05-15 12:55 Tony Hain
2002-05-16  0:06 ` Christopher Faylor
2002-05-16  6:51 ` Tony Hain
2002-05-16 10:47   ` Larry Hall (RFK Partners, Inc)
2002-05-16 12:13   ` Tony Hain
2002-05-16 13:52 ` Prentis Brooks
2002-05-16 14:53   ` Prentis Brooks
2002-05-17 10:04   ` Ulrich Voss
2002-05-17 12:18     ` Tony Hain
2002-05-17 12:20       ` Prentis Brooks [this message]
2002-05-17 19:15         ` Tony Hain

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Pine.LNX.4.44.0205171400570.24880-100000@magetower.office.aol.com \
    --to=prentis@aol.net \
    --cc=cygwin@cygwin.com \
    --cc=mark@networksimplicity.com \
    --cc=tony@tndh.net \
    --cc=voss@vocalweb.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).