Troubles using xinetd

richard dje djensam@yahoo.com
Tue May 13 08:15:00 GMT 2003 

Hi,

 --- Elfyn McBratney <elfyn@ubertales.co.uk> a écrit : > On Tue, 13 May 2003,
richard dje wrote:
> 
> > Hi,
> > 
> > 
> > Beside my 'sshd/multi-user' problem which is still pending, I am facing
> > an other issue on getting xinetd to work.
> > 
> > I tried to follow the Good pratices described in
> > 
> > http://www.cygwin.com/ml/cygwin/2003-01/msg00282.html
> > 
> > But it seems that i am really 'unlucky' these days.
> > 
> > I re-installed 
> >  sysvinit
> >  chkconfig
> >  initscripts
> > 
> > then re-ran 'init-config', taking care to respond 'no' to
> > 'overwrite an existing /etc/inittab ?' question.
> > 'init' was then successfully installed and started as a windows service.
> > 
> > a 'ps -a' told me that 
> >  cygrunsrv
> >  init
> >  xinetd
> > 
> > were started with UID=18
> > 
> > Trying 'telnet -l USER1@serve_ip_address' gave me
> > "telnet: Unable to connect to remote host: Connection refused"
> >  
> > 
> > I decided to try running xinetd alone in debug mode '-d', for that i did
> the
> > following
> > $ cygrunsrv -E init
> > $ xinetd -d               (UID= that of USER1)
> > 
> > I could check that 'telnet' was well configured
> > -----------------------------------------------
> > Service configuration: telnet
> >         id = telnet
> >         flags = REUSE IPv4
> >         socket_type = stream
> >         Protocol (name,number) = (tcp,6)
> >         port = 23
> >         Groups = no
> >         Bind = All addresses.
> >         Server = /usr/sbin/in.telnetd
> >         Server argv = in.telnetd
>                         ^^^^^^^^^^
> 
> >         Only from: All sites
> >         No access: No blocked sites
> >         Logging to common log file
> >         Log_on_success flags = HOST PID HOST
> >         Log_on_failure flags = HOST USERID
> 
> IIRC, xinetd doesn't require you to pass the name of the app as inetd did. 
> Maybe removing that would help..


Can you tell where to modify this ? 
Because adding 'server_args = ', that is, with an empty value did not
changed anything.

/etc/xinetd/telnet content is as follows
----------------------------------------
# default: on
# description: The telnet server serves telnet sessions; it uses \
#       unencrypted username/password pairs for authentication.
service telnet
{
        flags           = REUSE
        socket_type     = stream        
        wait            = no
        server          = /usr/sbin/in.telnetd
        server_args     =
        log_on_failure  += USERID
        user                    = SYSTEM
        disable         = no
}
----------------------------------------

while /etc/xinetd.conf content is
----------------------------------------
#
# Simple configuration file for xinetd
#
# Some defaults, and include /etc/xinetd.d/

defaults
{
        instances               = 60
        log_type                = FILE /var/log/servicelog
        log_on_success          = HOST PID
        log_on_failure          = HOST
        cps                     = 25 30
}

includedir /etc/xinetd.d
----------------------------------------

> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service:
> chargen-stream
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service:
> chargen-dgram
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service:
> daytime-stream
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service:
> daytime-dgram
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: echo-stream
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: echo-dgram
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: ftp
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: exec
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: login
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: servers
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: services
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: talk
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} Started service: telnet
> > 03/5/13@08:12:49: DEBUG: {cnf_start_services} mask_max = 19,
> services_started =
> > 13
> > 03/5/13@08:12:49: NOTICE: {main} xinetd Version 2.3.9 started with no
> options
> > compiled in.
> > 03/5/13@08:12:49: NOTICE: {main} Started working: 13 available services
> > 03/5/13@08:12:49: DEBUG: {main_loop} active_services = 13
> > 
> > -----------------------------------------------
> >  
> > I then opened another shell and tried 'telnet -l USER1 server_ip_address'
> > 
> > xinetd printed out the following
> > ----------------------------------------------
> > 03/5/13@08:15:01: ERROR: {set_credentials} setuid failed: Permission denied
> > (errno = 13)
> > 03/5/13@08:15:01: DEBUG: {main_loop} active_services = 13
> > 03/5/13@08:15:01: DEBUG: {main_loop} select returned 1
> > 03/5/13@08:15:01: DEBUG: {check_pipe} Got signal 20 (Child status changed)
> > 03/5/13@08:15:01: DEBUG: {child_exit} waitpid returned = 1552
> > 03/5/13@08:15:01: DEBUG: {server_end} telnet server 1552 exited
> > 03/5/13@08:15:01: INFO: {conn_free} freeing connection
> > 03/5/13@08:15:01: DEBUG: {child_exit} waitpid returned = -1
> > 03/5/13@08:15:01: DEBUG: {main_loop} active_services = 13
> > ----------------------------------------------
> 
> Uhm, what OS are you using? XP (Home), perhaps? Whatever the OS, it looks 
> like the user that started xinetd (LocalSystem?) doesn't have permission 
> to impersonate a user (thus the setuid error).


You'll find attached 'cyhcheck.out' the output of 'cygcheck -svr'
> Elfyn
> 
> > telnet printed out the following
> > ----------------------------------------------
> > Trying 'server_ip_address'...
> > Connected to pomerol.
> > Escape character is '^]'.
> > Connection closed by foreign host.
> > ----------------------------------------------
> > 
> > 
> > USER1 already has the three additional user rights mentioned in
> >  http://cygwin.com/cygwin-ug-net/ntsec.html#NTSEC-SETUID
> > 
> > 
> > Any help would be appreciated
> > -Richard
> 
> -- 
> Elfyn McBratney
> Systems Administrator
> ABCtales.com
> 
> 
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
>  

Thanks,
-Richard

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20030513/8cf90a37/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

More information about the Cygwin mailing list