This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

RE: proftpd + mod_tsl + cygwin under win2003


On Fri, 24 Feb 2006, Dave Korn wrote:

> On 24 February 2006 16:07, Igor Peshansky wrote:
>
> > On Fri, 24 Feb 2006, Dave Korn wrote:
> >
> >> On 24 February 2006 15:24, Tyler Durden wrote:
> >>
> >>> server (client.domain.com[10.0.0.28]) -
> >>> PRIVS_RELINQUISH: unable to seteuid(PR_ROOT_UID):
> >>> Permission denied
> >>
> >>   Looks a lot like you will need to set up a specialised user a/c for
> >> the service to run under so that you can grant it the "Create a token
> >> object" privilege.  See
> >>
> >> http://www.cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch
> >
> > Also, see /usr/share/doc/Cygwin/openssh.README (seems unrelated, I know).
> >
> > It would probably be a good idea to have a proftpd-host-config (similar to
> > ssh-host-config) that sets up that specialized user automatically when
> > needed.
>
>   "When needed", in this case, would be "When doing a non-standard
> install from home-built sources and not using the cygwin packaged
> version at all"..... so I don't think adding a script to the package
> would help!  (Of course, if the package maintainer ever wants to start
> building with mod_tls enabled rather than disabled, this would change.)

Nope, "when needed" means on Win2k3, where SYSTEM doesn't have enough
privileges to switch the effective userid.  Any program/package that needs
to perform such a switch would benefit from a config script.

The fact that nobody else complained so far means that either nobody else
tried installing proftpd as a service on Win2k3, or that the people who
did were diligent enough to read the Cygwin documentation (gasp!).
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_	    pechtcha@cs.nyu.edu | igor@watson.ibm.com
ZZZzz /,`.-'`'    -.  ;-;;,_		Igor Peshansky, Ph.D. (name changed!)
     |,4-  ) )-,_. ,\ (  `'-'		old name: Igor Pechtchanski
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]