This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: su questions


Rodrigo Serra wrote:
> 
> Pierre,
> 
> I follow your instructions and su command fails with "access denied"
> message. Attached file is the output of strace.
> 
> Rodrigo
>

 2070   29565 [main] su 2316 seterrno_from_win_error:
/netrel/src/cygwin-1.3.22-1/winsup/cygwin/sec_helper.cc:340 windows error 1300
  175   29740 [main] su 2316 geterrno_from_win_error: unknown windows error 1300, setting errno to
13
   58   29798 [main] su 2316 set_process_privilege: -1 = set_process_privilege
(SeCreateTokenPrivilege, 1)
   65   29863 [main] su 2316 create_token: -1 = create_token ()

So on your machine, SYSTEM does not have SeCreateTokenPrivilege
That's unexpected. "id" was showing that you were running as SYSTEM
when you issued the su command. Correct?

Does any one know about the peculiarities of "Windows.NET
Server 2003" RC2 and how to enable this privilege?

Pierre


> -----Mensaje original-----
> De: cygwin-owner at cygwin dot com [mailto:cygwin-owner at cygwin dot com] En nombre de
> Pierre A. Humblet
> Enviado el: Viernes, 04 de Abril de 2003 11:40 a.m.
> Para: Rodrigo Serra
> CC: cygwin at cygwin dot com
> Asunto: Re: su questions
> 
> Rodrigo Serra wrote:
> >
> > Pierre,
> >
> > The cygwin environment is binmode ntsec tty. This following string is
> > extracted from cygwin1.dll "1.3.22-dontuse-21". Windows is "Windows.NET
> > Server 2003" RC2.
> >
> > This happen only when try to use no password authentication.
> >
> OK, It may have to do with your version of Windows
> I need your help for some debugging
> 
> 1) Edit /etc/passwd to
>    a) remove the passwd of SYSTEM
>    b) add a home directory for SYSTEM (e.g. /)
>    c) add a shell for SYSTEM
>    d) remove your password (uid 1003)
> 2) telnet localhost and login as SYSTEM
>    It should let you in without password
>    You are now running as SYSTEM, confirm with "id"
> 3) su yourself (uid 1003)
>    If that fails:
> 4) strace -o trace su yourself
>    and send me the trace
> 5) Put the SYSTEM password back if your machine is directly accessible.
> 
> Pierre

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]