From: Achim Gratz <Stromeko@NexGo.DE>
To: cygwin@cygwin.com
Subject: Re: Windows Server 2012R2 64bit and 32bit Cygwin sshd
Date: Thu, 04 Sep 2014 11:24:00 -0000 [thread overview]
Message-ID: <loom.20140904T130950-773@post.gmane.org> (raw)
In-Reply-To: <20140903133728.GL6056@calimero.vinschen.de>
Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> You already built your own Cygwin DLL, right? What you could do is to
> do some good old printf debugging. First let's try to find out if it's
> really one of the NetUser calls:
It looks like I need to install more than the DLL to make this work? I
couldn't start cygserver as a service with (just) the built DLL in place.
So I started it in debug mode from the command line (which makes it have
less rights than it needs) and started the sshd in debug mode also. Due to
presumably the missing rights mentioned I could only log in with an
administrative account (domain account, but restricted to run on the server
only). I didn't get any failure from the debug_printf instrumented
functions. With my normal user account I got a "/bin/bash: Operation not
permitted". The cygserver debug output also showed unfettered access to the
AD. With the sshd running without privilege separation I've noticed some
requests to the cygserver that seemed to indicate memory corruption: Early
on in starting the daemon it would normally try to get account information
for Administrators:544, but the debug output from cygserver was showing
sshdrs as the account name being asked for. Also there are (probably
unrelated since they are also present on x86_64) complaints about requests
of illegal length (11).
Going back to the original snapshot and using the same debugging setup the
behaviour was still the same. Since I could now start the services again, I
did that and am back to the original behaviour. I've asked our IT if there
are restrictions specifically targetting 32bit services or processes, but
got no answer so far (I'm not even sure this is possible).
I'm not sure what to make of these results, but at the moment I've ran out
of time anyway.
Regards,
Achim.
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
next prev parent reply other threads:[~2014-09-04 11:24 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-18 17:26 Achim Gratz
2014-08-19 13:37 ` Achim Gratz
2014-08-19 17:02 ` Corinna Vinschen
2014-08-19 17:21 ` Achim Gratz
2014-08-19 19:09 ` Corinna Vinschen
2014-08-19 19:21 ` Achim Gratz
2014-09-02 11:52 ` Achim Gratz
2014-09-02 14:07 ` Corinna Vinschen
2014-09-02 15:16 ` Achim Gratz
2014-09-02 15:38 ` Corinna Vinschen
2014-09-02 17:32 ` Achim Gratz
2014-09-03 7:17 ` Achim Gratz
2014-09-03 13:03 ` Achim Gratz
2014-09-03 13:37 ` Corinna Vinschen
2014-09-04 11:24 ` Achim Gratz [this message]
2014-09-04 12:28 ` Corinna Vinschen
2014-09-04 14:12 ` Achim Gratz
2014-09-04 14:59 ` Achim Gratz
2014-09-05 11:16 ` Corinna Vinschen
2014-09-05 11:56 ` Corinna Vinschen
2014-09-05 18:17 ` Achim Gratz
2014-09-03 13:26 ` Corinna Vinschen
2014-09-02 16:25 ` Achim Gratz
2014-09-02 19:14 ` Corinna Vinschen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=loom.20140904T130950-773@post.gmane.org \
--to=stromeko@nexgo.de \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).