From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cygwin-return-192250-listarch-cygwin=sourceware.org@cygwin.com>
Received: (qmail 7144 invoked by alias); 4 Sep 2014 14:12:36 -0000
Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe@cygwin.com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-help@cygwin.com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner@cygwin.com
Mail-Followup-To: cygwin@cygwin.com
Received: (qmail 7131 invoked by uid 89); 4 Sep 2014 14:12:35 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.2 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_LOW,RCVD_NUMERIC_HELO,RP_MATCHES_RCVD,SPF_HELO_PASS,SPF_PASS,T_FSL_HELO_BARE_IP_2 autolearn=ham version=3.3.2
X-HELO: plane.gmane.org
Received: from plane.gmane.org (HELO plane.gmane.org) (80.91.229.3) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-SHA encrypted) ESMTPS; Thu, 04 Sep 2014 14:12:34 +0000
Received: from list by plane.gmane.org with local (Exim 4.69)	(envelope-from <goc-cygwin@m.gmane.org>)	id 1XPXm0-000511-Kb	for cygwin@cygwin.com; Thu, 04 Sep 2014 16:12:28 +0200
Received: from 217.10.52.10 ([217.10.52.10])        by main.gmane.org with esmtp (Gmexim 0.1 (Debian))        id 1AlnuQ-0007hv-00        for <cygwin@cygwin.com>; Thu, 04 Sep 2014 16:12:28 +0200
Received: from Stromeko by 217.10.52.10 with local (Gmexim 0.1 (Debian))        id 1AlnuQ-0007hv-00        for <cygwin@cygwin.com>; Thu, 04 Sep 2014 16:12:28 +0200
To: cygwin@cygwin.com
From: Achim Gratz <Stromeko@NexGo.DE>
Subject: Re: Windows Server 2012R2 64bit and 32bit Cygwin sshd
Date: Thu, 04 Sep 2014 14:12:00 -0000
Message-ID: <loom.20140904T152825-543@post.gmane.org>
References: <8761hphfps.fsf@Rainer.invalid> <loom.20140902T134545-288@post.gmane.org> <20140902140751.GD6056@calimero.vinschen.de> <loom.20140902T171114-72@post.gmane.org> <20140902153757.GE6056@calimero.vinschen.de> <loom.20140903T084528-450@post.gmane.org> <loom.20140903T145724-31@post.gmane.org> <20140903133728.GL6056@calimero.vinschen.de> <loom.20140904T130950-773@post.gmane.org> <20140904122845.GU6056@calimero.vinschen.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
User-Agent: Loom/3.14 (http://gmane.org/)
X-IsSubscribed: yes
X-SW-Source: 2014-09/txt/msg00084.txt.bz2

Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > I couldn't start cygserver as a service with (just) the built DLL in place.
> 
> No idea why.  The patch just adds debug output to strace ouptput, nothing 
> else.

Whatever.  I've installed all the binaries from that build and things work
normally now.

> > So I started it in debug mode from the command line (which makes it have
> > less rights than it needs) and started the sshd in debug mode also.
> 
> In a cyg_server GUI session?  If so, you should have all rights required
> when starting this in an elevated shell.

Not the token privileges, I don't think so.  But I'm not sure how to check.

Here's the salient parts from the strace (attaching to the sshd running as a
service in sandbox mode, running with no privilege separation produces a
slightly different trace, but the events leading up to the error are the same):

 262 1161585 [main] sshd 2044 getpid: 2044 = getpid()
10593 1172178 [main] sshd 2044 get_logon_server: DC: server: \\SC301
   58 1172236 [main] sshd 2044 get_user_groups: Before NetUserGetGroups
--- Process 560, exception 00000005 at 75511D4D
 6543 1178779 [main] sshd 2044 get_user_groups: After NetUserGetGroups ret = 5
   56 1178835 [main] sshd 2044 seterrno_from_win_error:
../../../../source/cygwin-snapshot-20140903-1/winsup/cygwin/sec_auth.cc:265
windows error 5
   36 1178871 [main] sshd 2044 geterrno_from_win_error: windows error 5 ==
errno 13
   33 1178904 [main] sshd 2044 get_user_local_groups: Before
NetUserGetLocalGroups
--- Process 560, exception 00000005 at 75511D4D
 7964 1186868 [main] sshd 2044 get_user_local_groups: After
NetUserGetLocalGroups ret = 5
   50 1186918 [main] sshd 2044 seterrno_from_win_error:
../../../../source/cygwin-snapshot-20140903-1/winsup/cygwin/sec_auth.cc:318
windows error 5
   38 1186956 [main] sshd 2044 geterrno_from_win_error: windows error 5 ==
errno 13
   37 1186993 [main] sshd 2044 initgroups32: 0 = initgroups(gratz, 1049089)

It then proceeds to log on via the token and mounts the entries from my
personal fstab (that should fail if it was running as a different user for
some of the entries).  After checking for /etc/nologin this happens:

   35 5023308 [main] sshd 2248 setegid32: new egid: 1049089 current: 197121
   41 5023349 [main] sshd 2248 setegid32: NtSetInformationToken (hProcToken,
TokenPrimaryGroup), 0xC000005B
 3105 5026454 [main] sshd 2248 get_logon_server: DC: server: \\SC301
   44 5026498 [main] sshd 2248 get_user_groups: Before NetUserGetGroups
--- Process 2248, exception 00000005 at 75511D4D

The process apparently gets killed while in the NetUserGetGroups call (much
as you suspected).  I'm not sure this tells us anything new, though. :-(


Regards,
Achim.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple