xinetd: PID 2280: Service tftp missing attribute user - DISABLING
ilya Basin
basinilya@gmail.com
Fri Oct 1 09:23:31 GMT 2021
Upd:
1)
There was a typo in the sed script. The correct one is:
mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1:/;t;d'
I also had to do the same for the unprivileged user "tftpd" created by /usr/bin/tftpd-config
2)
After being successfully started by xinetd the tftp server logs to Windows Event log:
tftpd: PID 2844: cannot drop privileges: No error
and in the Audit log there is a deny message with:
FailureReason %%2310 Account currently disabled.
Workaround:
net user tftpd /active:YES
and it makes me wonder how it worked in older versions. The user is created by csih_create_unprivileged_user() with the command:
net user "${unpriv_user}" \
/homedir:"${dos_var_empty}" \
/comment:'<cygwin home="/var/empty" shell="/bin/false"/>' \
/add /active:no
On 01.10.2021 10:21, ilya Basin wrote:
> Hi. I installed xinetd and tftp-server recently, ran xinetd-config and tftpd-config, and enabled /etc/xinetd.d/tftp. However, I was getting the following error in Windows Event log:
>
> xinetd: PID 2280: Service tftp missing attribute user - DISABLING
>
> Workaround:
>
> # The xinetd user name must exist in /etc/passwd
> # We have to strip "MYHOST+" from "MYHOST+cyg_server" to make xinetd match the entry
> mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1/;t;d' >>/etc/passwd
>
> Commenting "user=cyg_server" is not needed and won't help because then xinetd looks for the current user in /etc/passwd
>
> By the way, cygsshd runs fine as NT_AUTHORITY\SYSTEM on Windows 10 and can serve both local and domain users. I just had to strip the machine prefix in /etc/passwd for the local users. Perhaps /usr/share/doc/Cygwin/xinetd.README is outdated?
>
More information about the Cygwin
mailing list