Windows Server 2012R2 64bit and 32bit Cygwin sshd
Corinna Vinschen
corinna-cygwin@cygwin.com
Fri Sep 5 11:16:00 GMT 2014
On Sep 4 14:12, Achim Gratz wrote:
> Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > > I couldn't start cygserver as a service with (just) the built DLL in place.
> >
> > No idea why. The patch just adds debug output to strace ouptput, nothing
> > else.
>
> Whatever. I've installed all the binaries from that build and things work
> normally now.
>
> > > So I started it in debug mode from the command line (which makes it have
> > > less rights than it needs) and started the sshd in debug mode also.
> >
> > In a cyg_server GUI session? If so, you should have all rights required
> > when starting this in an elevated shell.
>
> Not the token privileges, I don't think so. But I'm not sure how to check.
Windows whoami /all
> Here's the salient parts from the strace (attaching to the sshd running as a
> service in sandbox mode, running with no privilege separation produces a
> slightly different trace, but the events leading up to the error are the same):
> [...]
> 44 5026498 [main] sshd 2248 get_user_groups: Before NetUserGetGroups
> --- Process 2248, exception 00000005 at 75511D4D
>
> The process apparently gets killed while in the NetUserGetGroups call (much
> as you suspected). I'm not sure this tells us anything new, though. :-(
No, it just confirms it.
Please remove the debug_printf patch and try this instead:
Index: sec_auth.cc
===================================================================
RCS file: /cvs/src/src/winsup/cygwin/sec_auth.cc,v
retrieving revision 1.57
diff -u -p -r1.57 sec_auth.cc
--- sec_auth.cc 22 May 2014 16:40:13 -0000 1.57
+++ sec_auth.cc 5 Sep 2014 11:12:01 -0000
@@ -20,6 +20,7 @@ details. */
#include "fhandler.h"
#include "dtable.h"
#include "cygheap.h"
+#include "exception.h"
#include "ntdll.h"
#include "tls_pbuf.h"
#include <lm.h>
@@ -255,9 +256,13 @@ get_user_groups (WCHAR *logonserver, cyg
DWORD cnt, tot, len;
NET_API_STATUS ret;
- /* Look only on logonserver */
- ret = NetUserGetGroups (logonserver, user, 0, (LPBYTE *) &buf,
- MAX_PREFERRED_LENGTH, &cnt, &tot);
+ {
+ /* Experimental SEH */
+ exception protect;
+ /* Look only on logonserver */
+ ret = NetUserGetGroups (logonserver, user, 0, (LPBYTE *) &buf,
+ MAX_PREFERRED_LENGTH, &cnt, &tot);
+ }
if (ret)
{
__seterrno_from_win_error (ret);
@@ -306,9 +311,14 @@ get_user_local_groups (PWCHAR logonserve
DWORD cnt, tot;
NET_API_STATUS ret;
- ret = NetUserGetLocalGroups (logonserver, user, 0, LG_INCLUDE_INDIRECT,
- (LPBYTE *) &buf, MAX_PREFERRED_LENGTH,
- &cnt, &tot);
+ {
+ /* Experimental SEH */
+ exception protect;
+
+ ret = NetUserGetLocalGroups (logonserver, user, 0, LG_INCLUDE_INDIRECT,
+ (LPBYTE *) &buf, MAX_PREFERRED_LENGTH,
+ &cnt, &tot);
+ }
if (ret)
{
__seterrno_from_win_error (ret);
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://cygwin.com/pipermail/cygwin/attachments/20140905/1ea98e16/attachment.sig>
More information about the Cygwin
mailing list