This is the mail archive of the
cygwin
mailing list for the Cygwin project.
RE: proftpd + mod_tsl + cygwin under win2003
- From: Igor Peshansky <pechtcha at cs dot nyu dot edu>
- To: Dave Korn <dave dot korn at artimi dot com>
- Cc: cygwin at cygwin dot com
- Date: Fri, 24 Feb 2006 11:25:41 -0500 (EST)
- Subject: RE: proftpd + mod_tsl + cygwin under win2003
- References: <008701c6395d$cee650a0$a501a8c0@CAM.ARTIMI.COM>
- Reply-to: cygwin at cygwin dot com
On Fri, 24 Feb 2006, Dave Korn wrote:
> On 24 February 2006 16:07, Igor Peshansky wrote:
>
> > On Fri, 24 Feb 2006, Dave Korn wrote:
> >
> >> On 24 February 2006 15:24, Tyler Durden wrote:
> >>
> >>> server (client.domain.com[10.0.0.28]) -
> >>> PRIVS_RELINQUISH: unable to seteuid(PR_ROOT_UID):
> >>> Permission denied
> >>
> >> Looks a lot like you will need to set up a specialised user a/c for
> >> the service to run under so that you can grant it the "Create a token
> >> object" privilege. See
> >>
> >> http://www.cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch
> >
> > Also, see /usr/share/doc/Cygwin/openssh.README (seems unrelated, I know).
> >
> > It would probably be a good idea to have a proftpd-host-config (similar to
> > ssh-host-config) that sets up that specialized user automatically when
> > needed.
>
> "When needed", in this case, would be "When doing a non-standard
> install from home-built sources and not using the cygwin packaged
> version at all"..... so I don't think adding a script to the package
> would help! (Of course, if the package maintainer ever wants to start
> building with mod_tls enabled rather than disabled, this would change.)
Nope, "when needed" means on Win2k3, where SYSTEM doesn't have enough
privileges to switch the effective userid. Any program/package that needs
to perform such a switch would benefit from a config script.
The fact that nobody else complained so far means that either nobody else
tried installing proftpd as a service on Win2k3, or that the people who
did were diligent enough to read the Cygwin documentation (gasp!).
Igor
--
http://cs.nyu.edu/~pechtcha/
|\ _,,,---,,_ pechtcha@cs.nyu.edu | igor@watson.ibm.com
ZZZzz /,`.-'`' -. ;-;;,_ Igor Peshansky, Ph.D. (name changed!)
|,4- ) )-,_. ,\ ( `'-' old name: Igor Pechtchanski
'---''(_/--' `-'\_) fL a.k.a JaguaR-R-R-r-r-r-.-.-. Meow!
"Las! je suis sot... -Mais non, tu ne l'es pas, puisque tu t'en rends compte."
"But no -- you are no fool; you call yourself a fool, there's proof enough in
that!" -- Rostand, "Cyrano de Bergerac"
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/