This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Re: Suggestions for cron/suid script? (accessing network shares)
- From: Don Dwiggins <dond at advancedmp dot com>
- To: Jason Dufair <jase at dufair dot org>
- Cc: cygwin at cygwin dot com
- Date: 02 Jul 2002 12:55:36 -0700
- Subject: Re: Suggestions for cron/suid script? (accessing network shares)
- References: <3D2077F5.1000505@dufair.org>
Jason Dufair writes:
> I recently got cron set up on my Win2K box. What a treat not to have to use
> Windows' built in scheduler! Given that cron runs as SYSTEM, what I'm
> wondering is this: Is there any way to get cron to see my network shares?
> Specifically, I'm tar/gzipping my Cygwin home dir and want to copy the
> tarball to a directory on my LAN (Novell share) for which my account for
> which my logged-in account is the only trustee. When I run a script that
> tries to map it with "net use", I get an error that implies a permissions
> issue. I'm not likely to be able to convince the network folks to change
> permissions to add my local SYSTEM acct to this share, so I wonder if
> there's some way to do it with, say, an SUID perl script or something. I
> briefly tried creating one, but not being super familiar with suid, I'm
> having no luck. Any advice would be welcome. Thanks!
There are some earlier messages in the archives on this (including a recent
one from me). The short answer seems to be "sorry, you can't do it".
Being a nosy type, and a bit stubborn, I'm still trying to either:
a) Understand exactly why I can't do it, or better
b) Figure out how to do it.
Pursuing a):
I put an "id" and an "env" and a "net use" in one of the scripts I run from
cron.
"id" returns:
uid=11823(dond) gid=18(SYSTEM) groups=0(Everyone),18(SYSTEM),\
10513(Domain Users),11459(Special)
("dond" is my domain user login; I broke the line myself.) The only
difference here from running under the Cygwin shell is the gid; in the
latter case, the gid is 11459. It appears that crond is indeed "su"ing to
my user, although keeping its own group.
Among the "env" output occurs the following:
CYGWIN=tty ntsec
"net use" gives:
Status Local Remote Network
-------------------------------------------------------------------------------
Unavailable H: \\server1\d$ Microsoft Windows Network
Unavailable I: \\server2\d$ Microsoft Windows Network
Unavailable K: \\server3\users Microsoft Windows Network
Disconnected \\server4\common Microsoft Windows Network
The command completed successfully.
Finally, I tried "net use u: '\\server5\Users\dond'", and got the following:
System error 53 has occurred.
The network path was not found.
New connections will be remembered.
So, the question seems to become: why doesn't "su"ing to my domain user give
the process "enough power" to see network paths?
Regards,
--
Don Dwiggins "The truth will make you free,
d.l.dwiggins@computer.org but first it will make you miserable"
-- Tom DeMarco
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/