This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master


On Sat, 27 May 2017 14:01:09, Houder wrote:
> --=_f8e475c11eb2497bb7b3a74fbbff7888
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset=US-ASCII;
>  format=flowed
> 
> On 2017-05-26 21:35, Houder wrote:
> > Hi,
> > 
> > Installing sshd on W7 reveals errors in CSIH_SCRIPT ...
> > 
> > CSIH_SCRIPT = /usr/share/csih/cygwin-service-installation-helper.sh
> 
> Retrieved CSIH_SCRIPT from the master (January 19 2017) here:
> 
>      https://cygwin.com/git/?p=cygwin-apps/csih.git;a=summary
> 
> Attached patch file against master ...

Oh, by the way ...

My sshd daemon works flawlessly on W7 ... despite the fact the I am still
using /etc/passwd and /etc/group as the "database" (i.s.o. Windows' SAM).

(despite F-Secure SAFE, being a mandatory requirement for my machine).

(and, of course, despite the consequences of the errors in CSIH_SCRIPT; I
 took care of them).

Regards,

Henri

-----
/etc/nsswitch.conf:

# 31 10 2014

# "db" = any 'place' where Windows keeps account info (my case: local SAM?)

# as far as I can tell, the next two lines forces the Cygwin1.dll to retrieve the account
# info solely from /etc/passwd and /etc/group, i.e. Windows' "db" is ignored ...
#
passwd: files
group: files

# as far as I can tell, this line applies to getent (i.e. getpwent() and getgrent())
db_enum: files

/etc/passwd:

SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
LOCAL SERVICE:*:19:19:,S-1-5-19:/:/sbin/nologin
NETWORK SERVICE:*:20:20:,S-1-5-20:/:/sbin/nologin
Administrators:*:544:544:,S-1-5-32-544:/:/sbin/nologin
..
cyg_server:*:1014:513:Privileged server,U-Seven\cyg_server,S-1-5-21-91509220-1575020443-2714799223-1014:/var/empty:/bin/bash
Henri:*:1000:513:U-Seven\Henri,S-1-5-21-91509220-1575020443-2714799223-1000:/home/Henri:/bin/bash
..
sshd:*:1013:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-1013:/var/empty:/bin/bash

/etc/group:

SYSTEM:S-1-5-18:18:
..
Administrators:S-1-5-32-544:544:
..
None:S-1-5-21-91509220-1575020443-2714799223-513:513:
..

@@ ls -ld ~ ~/.ssh
drwxr-xr-x+ 1 Henri None 0 May 27 08:16 /home/Henri
# modified by me? (744 => 700) ... not really required ...
drwx------+ 1 Henri None 0 May 26 13:22 /home/Henri/.ssh

@@ ls -l /etc/ssh*
-rw-r--r-- 1 cyg_server Administrators 1680 May 26 13:15 /etc/ssh_config
-rw------- 1 cyg_server Administrators  668 Jul 25  2016 /etc/ssh_host_<X-key>
-rw-r--r-- 1 cyg_server Administrators  601 Jul 25  2016 /etc/ssh_host_<X-key>.pub
-rw-r--r-- 1 cyg_server Administrators 3225 May 26 16:44 /etc/sshd_config

@@ ls -ld /var/empty /var/run
drwxr-xr-x+ 1 cyg_server Administrators 0 May 26 12:45 /var/empty
drwxrwxrwt+ 1 Henri      None           0 May 26 21:28 /var/run

 - "/var/empty must be owned by root and not group or world-writable."
 - that is, owned by "cyg_server" (the privileged account, acting as the root user here)

@@ ls -l /var/run
-rw-r--r-- 1 cyg_server None   5 May 27 07:54 sshd.pid
# modified permissions to 660 for aestetic reason only
-rw-rw---- 1 Henri      None 640 May 26 18:50 utmp

@@ ls -l /var/log/sshd.log # file exists if one has redirected the output of sshd.exe ...
-rw-r--r-- 1 cyg_server None 1767 May 26 21:28 /var/log/sshd.log

@@ getfacl /var/tmp # relevant here is ownership by cyg_server ...
# file: /var/empty
# owner: cyg_server
# group: Administrators
user::rwx
group::r-x
group:SYSTEM:r-x
group:Administrators:r-x
mask:r-x
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x

@@ getfacl /var/run
# file: /var/run
# owner: Henri
# group: None
# flags: --t
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx
default:user::rwx
default:group::r-x
default:other:r-x

=====


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]