* Problems with ssh-host-config and /var/run directory
@ 2017-05-25 20:58 Henning Peters
2017-05-25 21:11 ` Hans-Bernhard Bröker
2017-05-25 23:04 ` Brian Inglis
0 siblings, 2 replies; 5+ messages in thread
From: Henning Peters @ 2017-05-25 20:58 UTC (permalink / raw)
To: Cygwin
Hi,
I switched from 32bit to 64 bis a week ago, moved "cygwin" to "cygwin32" and
reinstalled from scratch into a new "cygwin" directory.
Setup:
Windows 7 Ultimate Ver 6.1 Build 7601 Service Pack 1
Cygwin DLL version info:
DLL version: 2.8.0
DLL epoch: 19
DLL old termios: 5
DLL malloc env: 28
Cygwin conv: 181
API major: 0
API minor: 309
Shared data: 5
DLL identifier: cygwin1
Mount registry: 3
Cygwin registry name: Cygwin
Installations name: Installations
Cygdrive default prefix:
Build date:
Shared id: cygwin1S5
when trying to setup sshd using ssh-host-config, I get this message when
using StrictModes (which I want to and did before on cygwin32 on this system):
*** Warning: The owner and the Administrators need
*** Warning: to have .w. permission to /var/run.
*** Warning: Here are the current permissions and ACLS:
*** Warning: drwxrwxrwt+ 1 faroul root 0 May 19 20:56 /var/run
*** Warning: # file: /var/run
*** Warning: # owner: faroul
*** Warning: # group: root
*** Warning: # flags: --t
*** Warning: user::rwx
*** Warning: group::rwx
*** Warning: group:root:rwx
*** Warning: group:SYSTEM:rwx
*** Warning: mask:rwx
*** Warning: other:rwx
*** Warning: default:user::rwx
*** Warning: default:group::rwx
*** Warning: default:other:r-x
*** Warning:
*** Warning: Please change the user and/or group ownership,
*** Warning: permissions, or ACLs of /var/run.
*** ERROR: Problem with /var/run directory. Exiting.
I tried a lot, but cannot find any solution.
Any hints?
Henning
--
Henning Peters / cygwin@faroul.de
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: Problems with ssh-host-config and /var/run directory 2017-05-25 20:58 Problems with ssh-host-config and /var/run directory Henning Peters @ 2017-05-25 21:11 ` Hans-Bernhard Bröker 2017-05-25 23:04 ` Brian Inglis 1 sibling, 0 replies; 5+ messages in thread From: Hans-Bernhard Bröker @ 2017-05-25 21:11 UTC (permalink / raw) To: cygwin Am 25.05.2017 um 21:24 schrieb Henning Peters: > Hi, > > I switched from 32bit to 64 bis a week ago, moved "cygwin" to "cygwin32" and > reinstalled from scratch into a new "cygwin" directory. I don't think that was a good strategy. Cygwin does use some registry entries pointing to absolute paths, i.e. you cannot just move a cygwin installation around and expect it to still work, just like that. That means your 32-bit Cygwin installation is now most likely quite broken, and I won't even speculate on the possible havoc running the orphaned 32-bit tools will cause in the 64-bit install now occupying their place. Just installing the 64-bit version to a new, aptly named folder cygwin64, would have been both simpler, and more likely to work. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problems with ssh-host-config and /var/run directory 2017-05-25 20:58 Problems with ssh-host-config and /var/run directory Henning Peters 2017-05-25 21:11 ` Hans-Bernhard Bröker @ 2017-05-25 23:04 ` Brian Inglis 2017-05-26 7:51 ` Brian Inglis [not found] ` <59289C75.2020307@faroul.de> 1 sibling, 2 replies; 5+ messages in thread From: Brian Inglis @ 2017-05-25 23:04 UTC (permalink / raw) To: cygwin On 2017-05-25 13:24, Henning Peters wrote: > I switched from 32bit to 64 bis a week ago, moved "cygwin" to "cygwin32" and > reinstalled from scratch into a new "cygwin" directory. > when trying to setup sshd using ssh-host-config, I get this message when > using StrictModes (which I want to and did before on cygwin32 on this system): > *** Warning: The owner and the Administrators need > *** Warning: to have .w. permission to /var/run. > *** Warning: Here are the current permissions and ACLS: > *** Warning: drwxrwxrwt+ 1 faroul root 0 May 19 20:56 /var/run > *** Warning: # file: /var/run > *** Warning: # owner: faroul > *** Warning: # group: root > *** Warning: # flags: --t > *** Warning: user::rwx > *** Warning: group::rwx > *** Warning: group:root:rwx > *** Warning: group:SYSTEM:rwx > *** Warning: mask:rwx > *** Warning: other:rwx > *** Warning: default:user::rwx > *** Warning: default:group::rwx > *** Warning: default:other:r-x > *** Warning: > *** Warning: Please change the user and/or group ownership, > *** Warning: permissions, or ACLs of /var/run. > *** ERROR: Problem with /var/run directory. Exiting. > I tried a lot, but cannot find any solution. > Any hints? It's telling you that the Administrators group is missing write access. Do you have a root id on your system or are you using passwd and group files? You could either change group ownership from root to Administrators: $ chgrp -cR Administrators /var/run and if your admin id is not faroul: $ chown -cR <adminid> /var/run or, to add explicit Administrators group access, and default access to files created, explicit admin id ACL and DACL, and others read and search: $ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\ u:<adminid>:rwx,d:g:<adminid>:rwx,o::r-x /var/run add Administrators and admin id to existing files: $ setfacl -m g:Administrators:rwx,u:<adminid>:rwx,\ o::r-x /var/run/* -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Problems with ssh-host-config and /var/run directory 2017-05-25 23:04 ` Brian Inglis @ 2017-05-26 7:51 ` Brian Inglis [not found] ` <59289C75.2020307@faroul.de> 1 sibling, 0 replies; 5+ messages in thread From: Brian Inglis @ 2017-05-26 7:51 UTC (permalink / raw) To: cygwin On 2017-05-25 15:36, Brian Inglis wrote: > On 2017-05-25 13:24, Henning Peters wrote: >> I switched from 32bit to 64bit a week ago, moved "cygwin" to >> "cygwin32" and reinstalled from scratch into a new "cygwin" >> directory. >> when trying to setup sshd using ssh-host-config, I get this message >> when using StrictModes (which I want to and did before on cygwin32 >> on this system): >> *** Warning: The owner and the Administrators need >> *** Warning: to have .w. permission to /var/run. >> *** Warning: Here are the current permissions and ACLS: >> *** Warning: drwxrwxrwt+ 1 faroul root 0 May 19 20:56 /var/run >> *** Warning: # file: /var/run >> *** Warning: # owner: faroul >> *** Warning: # group: root >> *** Warning: # flags: --t >> *** Warning: user::rwx >> *** Warning: group::rwx >> *** Warning: group:root:rwx >> *** Warning: group:SYSTEM:rwx >> *** Warning: mask:rwx >> *** Warning: other:rwx >> *** Warning: default:user::rwx >> *** Warning: default:group::rwx >> *** Warning: default:other:r-x >> *** Warning: >> *** Warning: Please change the user and/or group ownership, >> *** Warning: permissions, or ACLs of /var/run. >> *** ERROR: Problem with /var/run directory. Exiting. >> I tried a lot, but cannot find any solution. >> Any hints? > > It's telling you that the Administrators group is missing write > access. > > Do you have a root id on your system or are you using passwd and > group files? > > You could either change group ownership from root to Administrators: > $ chgrp -cR Administrators /var/run > > and if your admin id is not faroul: > $ chown -cR <adminid> /var/run > > or, to add explicit Administrators group access, and default access > to files created, explicit admin id ACL and DACL, and others read > and search: > $ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\ > u:<adminid>:rwx,d:g:<adminid>:rwx,o::r-x /var/run Typos: $ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\ u:<adminid>:rwx,d:u:<adminid>:rwx,o::r-x /var/run > add Administrators and admin id to existing files: > $ setfacl -m g:Administrators:rwx,u:<adminid>:rwx,\ > o::r-x /var/run/* $ setfacl -m g:Administrators:rw-,u:<adminid>:rw-,\ o::r-- /var/run/* -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <59289C75.2020307@faroul.de>]
* Re: Problems with ssh-host-config and /var/run directory [not found] ` <59289C75.2020307@faroul.de> @ 2017-05-27 8:17 ` Brian Inglis 0 siblings, 0 replies; 5+ messages in thread From: Brian Inglis @ 2017-05-27 8:17 UTC (permalink / raw) To: cygwin On 2017-05-26 15:21, Henning Peters wrote: > Am 25.05.17 23:36, schrieb Brian Inglis: >> On 2017-05-25 13:24, Henning Peters wrote: >>> I switched from 32bit to 64 bis a week ago, moved "cygwin" to "cygwin32" and >>> reinstalled from scratch into a new "cygwin" directory. >>> when trying to setup sshd using ssh-host-config, I get this message when >>> using StrictModes (which I want to and did before on cygwin32 on this system): >>> *** Warning: The owner and the Administrators need >>> *** Warning: to have .w. permission to /var/run. >>> *** Warning: Here are the current permissions and ACLS: >>> *** Warning: drwxrwxrwt+ 1 faroul root 0 May 19 20:56 /var/run >>> *** Warning: # file: /var/run >>> *** Warning: # owner: faroul >>> *** Warning: # group: root >>> *** Warning: # flags: --t >>> *** Warning: user::rwx >>> *** Warning: group::rwx >>> *** Warning: group:root:rwx >>> *** Warning: group:SYSTEM:rwx >>> *** Warning: mask:rwx >>> *** Warning: other:rwx >>> *** Warning: default:user::rwx >>> *** Warning: default:group::rwx >>> *** Warning: default:other:r-x >>> *** Warning: >>> *** Warning: Please change the user and/or group ownership, >>> *** Warning: permissions, or ACLs of /var/run. >>> *** ERROR: Problem with /var/run directory. Exiting. >>> I tried a lot, but cannot find any solution. >>> Any hints? >> It's telling you that the Administrators group is missing write access. >> Do you have a root id on your system or are you using passwd and group >> files? > passwd/group files. > root and admin entries: > root:S-1-5-32-544:0: > Administratoren:S-1-5-32-544:544: >> You could either change group ownership from root to Administrators: >> $ chgrp -cR Administrators /var/run >> and if your admin id is not faroul: >> $ chown -cR <adminid> /var/run >> or, to add explicit Administrators group access, and default access to >> files created, explicit admin id ACL and DACL, and others read and search: >> $ setfacl -m g:Administrators:rwx,d:g:Administrators:rwx,\ >> u:<adminid>:rwx,d:g:<adminid>:rwx,o::r-x /var/run >> add Administrators and admin id to existing files: >> $ setfacl -m g:Administrators:rwx,u:<adminid>:rwx,\ >> o::r-x /var/run/* > Nothing helps... (German Windows, "Administratoren" is "Administrators") > *** Warning: The owner and the Administrators need > *** Warning: to have .w. permission to /var/run. > *** Warning: Here are the current permissions and ACLS: > *** Warning: drwxrwxrwt+ 1 Administratoren root 0 May 25 21:07 /var/run > *** Warning: # file: /var/run > *** Warning: # owner: Administratoren > *** Warning: # group: root > *** Warning: # flags: --t > *** Warning: user::rwx > *** Warning: user:Administratoren:rwx > *** Warning: group::rwx > *** Warning: group:SYSTEM:rwx > *** Warning: mask:rwx > *** Warning: other:rwx > *** Warning: default:user::rwx > *** Warning: default:user:Administratoren:rwx > *** Warning: default:group::rwx > *** Warning: default:mask:rwx > *** Warning: default:other:r-x > *** Warning: > *** Warning: Please change the user and/or group ownership, > *** Warning: permissions, or ACLs of /var/run. > *** ERROR: Problem with /var/run directory. Exiting. > /var> la > total 18 > drwxr-xr-x+ 1 faroul None 0 May 25 21:17 ./ > drwxr-xr-x+ 1 faroul None 0 May 19 20:15 ../ > drwxr-xr-x+ 1 faroul None 0 May 18 23:21 cache/ > drwxr-xr-x+ 1 cyg_server root 0 May 18 23:25 empty/ > drwxr-xr-x+ 1 faroul None 0 May 18 23:21 lib/ > drwxrwxrwt+ 1 faroul None 0 May 19 21:40 log/ > drwxrwxrwt+ 1 Administratoren root 0 May 25 21:07 run/ I would expect the group owner to be Administratoren not root and the user owner of run to be faroul or root: # ls -dl /var/{run,empty}/ drwxr-xr-x+ 1 cyg_server Administrators 0 Nov 19 2013 /var/empty/ drwxrwxrwt+ 1 userid Administrators 0 May 23 19:01 /var/run/ except on my system actually /var/run -> ../run, as on Linux, and don't have any problems - I have a bunch of Linux-compatible symlinks all over, including to Windows directories for homes and other non-Cygwin stuff, and other similar customizations to make working with Windows from Cygwin easier, with no problems. You might want to try: # chgrp Administratoren /var/{empty,run} # chown root /var/run or compare your old and current directories: # ls -dl {/proc/cygdrive/c/cygwin32,}/var/{empty,run} and reset security by reference to your old directories: # chown --reference {/proc/cygdrive/c/cygwin32,}/var/empty # chgrp --reference {/proc/cygdrive/c/cygwin32,}/var/empty # chmod --reference {/proc/cygdrive/c/cygwin32,}/var/empty # chown --reference {/proc/cygdrive/c/cygwin32,}/var/run # chgrp --reference {/proc/cygdrive/c/cygwin32,}/var/run # chmod --reference {/proc/cygdrive/c/cygwin32,}/var/run Ensure your /etc/passwd and /etc/group files are complete by adding required entries with: # mkpasswd >> /etc/passwd # mkgroup >> /etc/group and edit those files carefully to remove any duplicates, and add any missing fields to root. Try typing: # id root and see if root has all of the required group memberships like: # id SYSTEM uid=18(SYSTEM) gid=18(SYSTEM) groups=544(Administrators),18(SYSTEM) # id Administrators uid=544(Administrators) gid=544(Administrators) groups=11(Authenticated Users),544(Administrators) and add any missing group memberships to root in /etc/group. Also check /etc/nsswitch.conf to ensure either the defaults, or your settings, are appropriate, comprehensive, and necessary for your setup. Last thought is to try: # find /var/run/ | xargs setfacl -bk to remove ACLs and use only straight POSIX permissions, but you may want to save those first by running getfacl once for each directory and file: # find /var/run/ | xargs savefacl.sh where savefacl.sh loops thru all args, runs getfacl on each file and saves each output in a unique file in some other directory like /tmp. The current default in /etc/sshd_config for StrictModes is yes so we should all be running like this unless manually changed, and no other problems have been reported with this, although most probably use SAM instead of files now. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-05-27 4:58 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-25 20:58 Problems with ssh-host-config and /var/run directory Henning Peters
2017-05-25 21:11 ` Hans-Bernhard Bröker
2017-05-25 23:04 ` Brian Inglis
2017-05-26 7:51 ` Brian Inglis
[not found] ` <59289C75.2020307@faroul.de>
2017-05-27 8:17 ` Brian Inglis
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).