From: Brian Inglis <Brian.Inglis@SystematicSw.ab.ca>
To: cygwin@cygwin.com
Subject: Re: Problems with ssh-host-config and /var/run directory
Date: Fri, 26 May 2017 07:51:00 -0000 [thread overview]
Message-ID: <b7bc90d4-0cec-44f7-e6fa-199540e819ca@SystematicSw.ab.ca> (raw)
In-Reply-To: <63db7c1b-bb96-c809-4a47-e727089d0c8a@SystematicSw.ab.ca>
On 2017-05-25 15:36, Brian Inglis wrote:
> On 2017-05-25 13:24, Henning Peters wrote:
>> I switched from 32bit to 64bit a week ago, moved "cygwin" to
>> "cygwin32" and reinstalled from scratch into a new "cygwin"
>> directory.
>> when trying to setup sshd using ssh-host-config, I get this message
>> when using StrictModes (which I want to and did before on cygwin32
>> on this system):
>> *** Warning: The owner and the Administrators need
>> *** Warning: to have .w. permission to /var/run.
>> *** Warning: Here are the current permissions and ACLS:
>> *** Warning: drwxrwxrwt+ 1 faroul root 0 May 19 20:56 /var/run
>> *** Warning: # file: /var/run
>> *** Warning: # owner: faroul
>> *** Warning: # group: root
>> *** Warning: # flags: --t
>> *** Warning: user::rwx
>> *** Warning: group::rwx
>> *** Warning: group:root:rwx
>> *** Warning: group:SYSTEM:rwx
>> *** Warning: mask:rwx
>> *** Warning: other:rwx
>> *** Warning: default:user::rwx
>> *** Warning: default:group::rwx
>> *** Warning: default:other:r-x
>> *** Warning:
>> *** Warning: Please change the user and/or group ownership,
>> *** Warning: permissions, or ACLs of /var/run.
>> *** ERROR: Problem with /var/run directory. Exiting.
>> I tried a lot, but cannot find any solution.
>> Any hints?
>
> It's telling you that the Administrators group is missing write
> access.
>
> Do you have a root id on your system or are you using passwd and
> group files?
>
> You could either change group ownership from root to Administrators:
> $ chgrp -cR Administrators /var/run
>
> and if your admin id is not faroul:
> $ chown -cR <adminid> /var/run
>
> or, to add explicit Administrators group access, and default access
> to files created, explicit admin id ACL and DACL, and others read
> and search:
> $ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\
> u:<adminid>:rwx,d:g:<adminid>:rwx,o::r-x /var/run
Typos:
$ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\
u:<adminid>:rwx,d:u:<adminid>:rwx,o::r-x /var/run
> add Administrators and admin id to existing files:
> $ setfacl -m g:Administrators:rwx,u:<adminid>:rwx,\
> o::r-x /var/run/*
$ setfacl -m g:Administrators:rw-,u:<adminid>:rw-,\
o::r-- /var/run/*
--
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2017-05-26 7:39 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-25 20:58 Henning Peters
2017-05-25 21:11 ` Hans-Bernhard Bröker
2017-05-25 23:04 ` Brian Inglis
2017-05-26 7:51 ` Brian Inglis [this message]
[not found] ` <59289C75.2020307@faroul.de>
2017-05-27 8:17 ` Brian Inglis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b7bc90d4-0cec-44f7-e6fa-199540e819ca@SystematicSw.ab.ca \
--to=brian.inglis@systematicsw.ab.ca \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).