sshd: fatal: seteuid XXX : No such device or address
Houder
houder@xs4all.nl
Fri Mar 15 19:39:00 GMT 2019
On Fri, 15 Mar 2019 14:42:47, Corinna Vinschen wrote:
> On Mar 15 14:06, Houder wrote:
> > One is forced to create the exact same environment (system) as the
> > person who is complaining, fire up the debugger (like sticking
> > a thermometer in a patient's rear end) in order to find out where
> > the code failed ...
> >
> > Meaning, within the context of the recent sshd problems, possibly only
^^^^
> > you know where the error ERROR_FILE_INVALID (resulting in the error
^^^
strace, yes. But only if one has the exact same "network" at one's disposal
as the one where the problem occurred (like you have at your place; while I
only have one simple computer) ... That is decisive.
> > message "No such device or address") was generated ... (and by which
> > Windows function).
>
> The only interface an application has is by checking the POSIX
> errno value. This is what Cygwin is about :)
>
> If you need more details what's going on under the hood, you have
> to use strace.
>
> > Oh well, this cannot be helped ...
>
> Well, there *is* a solution by using strace. And hey, we now know what
> ENXIO returned from seteuid means, don't we? It's not all bad :)
You do! I do not :-) (as I do not have the machinery at my disposal that
is required to provoke this error).
A simple STC to emphasize my statement (i.e. a problem that I can strace
on my computer).
int
main()
{
errno = 0;
if (seteuid( (uid_t)1004) != 0) { // 1004, not being me :-)
printf("seteuid: errno = %d, errstr = %s\n", errno, strerror(errno) );
// seteuid: errno = 13, errstr = Permission denied => EACCES
// ... while only EPERM en EINVAL are documented ...
} else printf("1004, OK\n");
}
64-@@ ./seteuid
seteuid: errno = 13, errstr = Permission denied ... huh?
On Linux this simple "Simple Test Case" will result in:
seteuid: errno = 1, errstr = Operation not permitted ... Got it!
Fortunately, I have now have the strace output at my disposal:
... studying the strace output and the source code, I am now able to
tell what is going on ... see below:
seteuid (syscalls.cc)
.lsaprivkeyauth (sec_auth.cc) <==== fails; as result NULL (token)
is returned by lsaprivkeyauth ...
...lsa_open_policy (sec_auth.cc) <==== fails; as result NULL (lsa)
is returned by lsa_open_policy ...
# errno, set by lsa_open_policy, is ignored
# seteuid() chooses NOT to bail out, but
# to attempt "Service For User Logon" (s4u) ...
.s4uauth (sec_auth.cc) <==== fails (because LsaRegisterLogonProcess
fails), returning the status (0xC0000041)
to seteuid()
# /usr/include/w32api/ntstatus.h:
# defines STATUS_PORT_CONNECTION_REFUSED ((NTSTATUS)0xC0000041)
# now seteuid chooses to bail out (i.e. setuid() fails)
Q: errno?
s4uauth calls __seterrno_from_nt_status (0xC0000041), which in turn
calls RtlNtStatusToDosError(0xC0000041), which in turn
calls geterrno_from_win_error(5,...):
0xC0000041 is mapped to 5, which in turn is mapped to 13 (EACCES).
Henri
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list