sshd and network share permissions
Joseph Hetrick
cygwin@bitjanitor.net
Thu Apr 6 15:58:00 GMT 2006
Hello,
I've been through the list archives and have googled fairly heavily and
am up against a wall.
I've set cygwin sshd up according to the following (which seems to be
what is posted to the list at various intervals).
http://pigtail.net/LRP/printsrv/cygwin-sshd.html
I'm having a problem gaining access to remote shares. Attached is my
cygcheck out and I'll add the following:
1) Logged in as a normal user, I find that attempts to net use resources
on samba shares and I see:
Username MY.AD.DOMAIN\WIN007$ is invalid on this system
Windows shares generate similar errors in the eventlog as the
machinename WIN007 is carried over instead of a proper username.
I've looked through the archives and the general discussion indicates
that this breakage happens when folks are using RSAAuth...I am not.
I've forced passwd auth, and I've restarted sshd without success.
Is this a symptom of sshd running as SYSTEM?
There is a single public share I do have access too, and mounting that
shows that on the unix side my permissions are mapped and look like I
should have r/w access. In practice, however, I do not. Similar errors
as the above samba error show up in the event log for the 2k3 host doing
the file serving.
Additionally:
If I do navigate to a public mountpoint and find a spot I have write
access to, what I see happen is that when I create a file, from the
ssh'd shell, things look as I would expect as far as ownership goes:
ex:
-rw-r--r-- 1 user_wa Domain Users 0 Apr 6 09:53 test
If I go there and look from a local shell:
-rwx------+ 1 ??????????? Domain Computers 0 Apr 6 09:53 test
(user_wa is an Admin)
Clearly the perms I think are applied are not, and I must have something
misconfigured of I'm misunderstanding something.
Am I miss understanding something about ntsec or smbntsec in this instance?
As a little background, I'm a Unix Admin trying to create a unixified
win host to do some management design, so, the nuances of win security
are a bit new to me.
Thanks,
Joe
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20060406/7e3a5858/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list