Re: cygrunsrv no longer allows domain user
On 03/31/2015 06:04 AM, Corinna Vinschen wrote: On Mar 30 14:07, Len Giambrone wrote: This used to work (before Corinna's db work): $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL\build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Using + doesn't help either: $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL+build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Is there an incantation that will work? Uhm, not with Cygwin 1.7.35, unless your domain is the primary domain of your machine, in which case you just omit the leading domain: cygrunsrv [...] -u 'build' This is a bug in Cygwin. Cygrunsrv calls getpwnam(ISCINTERNAL\\build) and the underlying code fails to recognize this as invalid Cygwin user name. Instead, it constructs a user entry for a user ISCINTERNAL+ISCINTERNAL\build and carries on. Ok, so reading your patch, you just don't allow fully qualified usernames and return an error. What if I have two users foo, one local to the machine, and one that is in the domain the machine is a member of? How do I make the distinction? Right now -u foo (by empirical evidence) translates to DOMAIN\foo; how to I specify LOCALMACHINE\foo? I fixed that in the repo and uploaded new developer snapshots 2015-03-31 with this patch to https://cygwin.com/snapshots/. Please give them a try. Thanks, Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: cygrunsrv no longer allows domain user
On 03/31/2015 02:00 PM, Len Giambrone wrote: On 03/31/2015 06:04 AM, Corinna Vinschen wrote: On Mar 30 14:07, Len Giambrone wrote: This used to work (before Corinna's db work): $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL\build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Using + doesn't help either: $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL+build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Is there an incantation that will work? Uhm, not with Cygwin 1.7.35, unless your domain is the primary domain of your machine, in which case you just omit the leading domain: cygrunsrv [...] -u 'build' This is a bug in Cygwin. Cygrunsrv calls getpwnam(ISCINTERNAL\\build) and the underlying code fails to recognize this as invalid Cygwin user name. Instead, it constructs a user entry for a user ISCINTERNAL+ISCINTERNAL\build and carries on. Ok, so reading your patch, you just don't allow fully qualified usernames and return an error. What if I have two users foo, one local to the machine, and one that is in the domain the machine is a member of? How do I make the distinction? Right now -u foo (by empirical evidence) translates to DOMAIN\foo; how to I specify LOCALMACHINE\foo? Never mind, I answered my own question: build@wx64lg ~ $ cygrunsrv -I myservice -u build -p /cygdrive/c/Cygwin/bin/perl.exe Enter password of user `ISCINTERNAL\build': Reenter, please: Sorry, passwords do not match. Enter password of user `ISCINTERNAL\build': Reenter, please: build@wx64lg ~ $ cygrunsrv -R myservice build@wx64lg ~ $ cygrunsrv -I myservice -u WX64LG+build -p /cygdrive/c/Cygwin/bin/perl.exe Enter password of user `WX64LG\build': Reenter, please: I fixed that in the repo and uploaded new developer snapshots 2015-03-31 with this patch to https://cygwin.com/snapshots/. Please give them a try. Thanks, Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
cygrunsrv no longer allows domain user
This used to work (before Corinna's db work): $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL\build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Using + doesn't help either: $ cygrunsrv -I myservice -d 'myservice' -u 'ISCINTERNAL+build' -w donotuseme -p /cygdrive/f/tut/install.sh cygrunsrv: Error installing a service: CreateService: Win32 error 1057: The account name is invalid or does not exist, or the password is invalid for the account name specified. Is there an incantation that will work? -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
gid doesn't display correctly on SAMBA share using AD
Using the latest cygwin: $ cygcheck -c cygwin Cygwin Package Information Package VersionStatus cygwin 1.7.34-6 OK I've asked my admin to update the uidNumber and gidNumber in AD. He has done so: DistinguishedName : CN=build,OU=GroupAccounts,OU=Users,OU=Cambridge,DC=iscinternal,DC=com Enabled : True gidNumber : 999 GivenName : build Name : build ObjectClass : user ObjectGUID: 0901b540-b044-437f-a167-53e1453eab94 SamAccountName: build SID : S-1-5-21-112145844-1872675854-1690816760-17189 Surname : uidNumber : 56191 UserPrincipalName : bu...@iscinternal.com The username displays correctly, but the group name does not: $ ls -la foo -rw-rw-r-- 1 build Unix_Group+999 0 Feb 25 10:52 foo And this is confirmed by running getent: $ getent passwd build build:*:1065765:1049089:U-ISCINTERNAL\build,S-1-5-21-112145844-1872675854-1690816760-17189:/home/build:/bin/bash $ getent passwd group I've read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-gecos 'til I'm blue in the face, and I think this should work. What am I missing? How can I debug? -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: gid doesn't display correctly on SAMBA share using AD
On 02/25/2015 11:18 AM, Corinna Vinschen wrote: On Feb 25 11:01, Len Giambrone wrote: Using the latest cygwin: $ cygcheck -c cygwin Cygwin Package Information Package VersionStatus cygwin 1.7.34-6 OK I've asked my admin to update the uidNumber and gidNumber in AD. He has done so: DistinguishedName : CN=build,OU=GroupAccounts,OU=Users,OU=Cambridge,DC=iscinternal,DC=com Enabled : True gidNumber : 999 GivenName : build Name : build ObjectClass : user ObjectGUID: 0901b540-b044-437f-a167-53e1453eab94 SamAccountName: build SID : S-1-5-21-112145844-1872675854-1690816760-17189 Surname : uidNumber : 56191 UserPrincipalName : bu...@iscinternal.com The username displays correctly, but the group name does not: $ ls -la foo -rw-rw-r-- 1 build Unix_Group+999 0 Feb 25 10:52 foo And this is confirmed by running getent: $ getent passwd build build:*:1065765:1049089:U-ISCINTERNAL\build,S-1-5-21-112145844-1872675854-1690816760-17189:/home/build:/bin/bash $ getent passwd group I've read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-gecos 'til I'm blue in the face, and I think this should work. What am I missing? How can I debug? If your admin changed your user account to have a gidNumber 999 only, then that won't help, Consider: Cygwin tries to find a group with gidNumber set to 999. How is it supposed to evaluate the right gidNumber value from some arbitrary user account? What Cygwin needs to get the right connection between a Windows group and a gidNumber value is that the *group* entry in AD itself has the gidNumber set to the right value. I don't know if that's really the problem in your case, but that seems the most likely. Please report back. I'm excited that I'm not the only one interested in getting this connection between unix and windows ids working :) It worked. :) Now I just have to persuade my admin to populate uidNumber and gidNumber for all our current and new users... Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: gid doesn't display correctly on SAMBA share using AD
On 02/25/2015 12:20 PM, Corinna Vinschen wrote: On Feb 25 11:51, Len Giambrone wrote: On 02/25/2015 11:18 AM, Corinna Vinschen wrote: On Feb 25 11:01, Len Giambrone wrote: [...] The username displays correctly, but the group name does not: $ ls -la foo -rw-rw-r-- 1 build Unix_Group+999 0 Feb 25 10:52 foo And this is confirmed by running getent: $ getent passwd build build:*:1065765:1049089:U-ISCINTERNAL\build,S-1-5-21-112145844-1872675854-1690816760-17189:/home/build:/bin/bash $ getent passwd group I've read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-gecos 'til I'm blue in the face, and I think this should work. What am I missing? How can I debug? If your admin changed your user account to have a gidNumber 999 only, then that won't help, Consider: Cygwin tries to find a group with gidNumber set to 999. How is it supposed to evaluate the right gidNumber value from some arbitrary user account? What Cygwin needs to get the right connection between a Windows group and a gidNumber value is that the *group* entry in AD itself has the gidNumber set to the right value. I don't know if that's really the problem in your case, but that seems the most likely. Please report back. I'm excited that I'm not the only one interested in getting this connection between unix and windows ids working :) It worked. :) Now I just have to persuade my admin to populate uidNumber and gidNumber for all our current and new users... I'm glad to read that. Thanks for your feedback! If I can't get my admin to cooperate, then I have to resort to using mkpasswd/mkgroup -U. But this gives output like this: $ ls -la foo -rw-rw-r-- 1 Unix_User+build Unix_Group+releng 0 Feb 25 10:52 foo Is that expected? (The Unix_User+/Unix_Group+ prefix). Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: gid doesn't display correctly on SAMBA share using AD
On 02/25/2015 12:34 PM, Corinna Vinschen wrote: On Feb 25 12:26, Len Giambrone wrote: On 02/25/2015 12:20 PM, Corinna Vinschen wrote: On Feb 25 11:51, Len Giambrone wrote: On 02/25/2015 11:18 AM, Corinna Vinschen wrote: On Feb 25 11:01, Len Giambrone wrote: [...] The username displays correctly, but the group name does not: $ ls -la foo -rw-rw-r-- 1 build Unix_Group+999 0 Feb 25 10:52 foo And this is confirmed by running getent: $ getent passwd build build:*:1065765:1049089:U-ISCINTERNAL\build,S-1-5-21-112145844-1872675854-1690816760-17189:/home/build:/bin/bash $ getent passwd group I've read https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-gecos 'til I'm blue in the face, and I think this should work. What am I missing? How can I debug? If your admin changed your user account to have a gidNumber 999 only, then that won't help, Consider: Cygwin tries to find a group with gidNumber set to 999. How is it supposed to evaluate the right gidNumber value from some arbitrary user account? What Cygwin needs to get the right connection between a Windows group and a gidNumber value is that the *group* entry in AD itself has the gidNumber set to the right value. I don't know if that's really the problem in your case, but that seems the most likely. Please report back. I'm excited that I'm not the only one interested in getting this connection between unix and windows ids working :) It worked. :) Now I just have to persuade my admin to populate uidNumber and gidNumber for all our current and new users... I'm glad to read that. Thanks for your feedback! If I can't get my admin to cooperate, then I have to resort to using mkpasswd/mkgroup -U. But this gives output like this: $ ls -la foo -rw-rw-r-- 1 Unix_User+build Unix_Group+releng 0 Feb 25 10:52 foo Is that expected? (The Unix_User+/Unix_Group+ prefix). Yes, that's expected. After all, they are users different from your Windows account, see the SIDs. That's what I thought. If you don't want the prefix, you can still override this by manually dropping the prefixes, along the lines of what you could already do in the former implementation. Should be a last resort, of course. I actually tried that; I removed the Unix_User/Group+ prefix from the passwd entry to see if it worked. It did, but then I couldn't ssh in as that user: build@wx64lg /etc $ cat /etc/passwd lgiambro:*:4278246287:9:,S-1-22-1-56207:: build@wx64lg /etc $ cat /etc/group releng:S-1-22-2-999:4278191079: lgiambro@ubuntu ~/perforce/dev/latest/build/tools $ ssh -o PubkeyAuthentication=no wx64lg lgiambro@wx64lg's password: Connection to wx64lg closed by remote host. Connection to wx64lg closed. The other, better way not restricted to Cygwin is to install Samba's winbind. We are running winbind. It just doesn't help for existing UNIX accounts, afaics. I don't know how winbind works. If it doesn't work with existing UNIX accounts, then when _would_ it have an effect? Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: bug in csih?
Yes, WX64LG is the machine name.
$ net user sshd /delete
The command completed successfully.
$ net user cyg_server /delete
The user name could not be found.
More help is available by typing NET HELPMSG 2221.
$ cygrunsrv -Q sshd
$ ssh-host-config -y -w X
...
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Create new privileged user account 'WX64LG\cyg_server'
(Cygwin name: 'cyg_server')? (yes/no) yes
*** Info: User 'cyg_server' has been created with password 'X'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.
*** Warning: Expected privileged user 'cyg_server' does not exist.
*** Warning: Defaulting to 'SYSTEM'
I will see if I can figure out why the Cygwin name is failing to become
WX64LG+cyg_server and get back to you.
On 02/23/2015 09:47 AM, Corinna Vinschen wrote:
On Feb 23 13:05, Corinna Vinschen wrote:
On Feb 20 18:32, Len Giambrone wrote:
Running the latest version:
$ cygcheck -c cygwin openssh csih
Cygwin Package Information
Package VersionStatus
csih 0.9.8-5OK
cygwin 1.7.34-6 OK
openssh 6.7p1-2OK
When I run
ssh-host-config -y -w X
I get this:
*** Query: Create new privileged user account 'WX64LG\cyg_server' (Cygwin
name: 'cyg_server')? (yes/no) yes
WX64LG is the local machine, right? If you're in a domain, the Cygwin
name should have been WX64LG+cyg_server, not just cyg_server.
I just tried that myself and that's what I see:
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'VMBERT8164\cyg_server' (Cygwin
name: 'vmbert8164+cyg_server')? (yes/no)
See that the Cygwin username is vmbert8164+cyg_server? That's the
expected result on a dmain member machine.
Sorry, I don't see how it's possible that the csih script came up with
cyg_server alone in your case, unless it's a domain controller.
In theory, this piece of code in
/usr/share/csih/cygwin-service-installation-helper.sh does the trick:
Function csih_select_privileged_username(), line 2869ff:
csih_PRIVILEGED_USERNAME=${username}
if ! csih_use_file_etc passwd
then
# This test succeeds on domain member machines only, not on DCs.
if [ ${COMPUTERNAME,,*} != ${LOGONSERVER,,*} ]
then
# Lowercase of USERDOMAIN
csih_PRIVILEGED_USERNAME=${COMPUTERNAME,,*}+${username}
fi
fi
csih_PRIVILEGED_USERDOMAIN=${COMPUTERNAME}
csih_PRIVILEGED_USERWINNAME=${username}
The only reason this didn't work would be if the test
if [ ${COMPUTERNAME,,*} != ${LOGONSERVER,,*} ]
didn't have the desired result, but I don't see why that would occur.
Any chance you can find out what happened in your scenario?
environment?
Thanks,
Corinna
--
-Len
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: bug in csih?
csih_use_file_etc returns 0 on my system (as it should with no passwd
file, right?)
If so, then this block will not be executed:
if ! csih_use_file_etc passwd
then
# This test succeeds on domain member machines only, not on DCs.
if [ ${COMPUTERNAME,,*} != ${LOGONSERVER,,*} ]
then
# Lowercase of USERDOMAIN
csih_PRIVILEGED_USERNAME=${COMPUTERNAME,,*}+${username}
fi
fi
So I'm guessing you should remove the !.
On 02/23/2015 11:15 AM, Len Giambrone wrote:
Yes, WX64LG is the machine name.
$ net user sshd /delete
The command completed successfully.
$ net user cyg_server /delete
The user name could not be found.
More help is available by typing NET HELPMSG 2221.
$ cygrunsrv -Q sshd
$ ssh-host-config -y -w X
...
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Create new privileged user account 'WX64LG\cyg_server'
(Cygwin name: 'cyg_server')? (yes/no) yes
*** Info: User 'cyg_server' has been created with password 'X'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon
use)
*** Info: the 'cyg_server' account.
*** Warning: Expected privileged user 'cyg_server' does not exist.
*** Warning: Defaulting to 'SYSTEM'
I will see if I can figure out why the Cygwin name is failing to
become WX64LG+cyg_server and get back to you.
On 02/23/2015 09:47 AM, Corinna Vinschen wrote:
On Feb 23 13:05, Corinna Vinschen wrote:
On Feb 20 18:32, Len Giambrone wrote:
Running the latest version:
$ cygcheck -c cygwin openssh csih
Cygwin Package Information
Package VersionStatus
csih 0.9.8-5OK
cygwin 1.7.34-6 OK
openssh 6.7p1-2OK
When I run
ssh-host-config -y -w X
I get this:
*** Query: Create new privileged user account 'WX64LG\cyg_server'
(Cygwin
name: 'cyg_server')? (yes/no) yes
WX64LG is the local machine, right? If you're in a domain, the Cygwin
name should have been WX64LG+cyg_server, not just cyg_server.
I just tried that myself and that's what I see:
*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Do you want to use a different name? (yes/no) no
*** Query: Create new privileged user account 'VMBERT8164\cyg_server'
(Cygwin name: 'vmbert8164+cyg_server')? (yes/no)
See that the Cygwin username is vmbert8164+cyg_server? That's the
expected result on a dmain member machine.
Sorry, I don't see how it's possible that the csih script came up with
cyg_server alone in your case, unless it's a domain controller.
In theory, this piece of code in
/usr/share/csih/cygwin-service-installation-helper.sh does the trick:
Function csih_select_privileged_username(), line 2869ff:
csih_PRIVILEGED_USERNAME=${username}
if ! csih_use_file_etc passwd
then
# This test succeeds on domain member machines only, not on DCs.
if [ ${COMPUTERNAME,,*} != ${LOGONSERVER,,*} ]
then
# Lowercase of USERDOMAIN
csih_PRIVILEGED_USERNAME=${COMPUTERNAME,,*}+${username}
fi
fi
csih_PRIVILEGED_USERDOMAIN=${COMPUTERNAME}
csih_PRIVILEGED_USERWINNAME=${username}
The only reason this didn't work would be if the test
if [ ${COMPUTERNAME,,*} != ${LOGONSERVER,,*} ]
didn't have the desired result, but I don't see why that would occur.
Any chance you can find out what happened in your scenario?
environment?
Thanks,
Corinna
--
-Len
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: bug in csih?
If that is the case, then there is a bug in csih_old_cygwin: build@wx64lg /usr/share/csih $ uname -a CYGWIN_NT-6.1 wx64lg 1.7.34(0.285/5/3) 2015-02-04 12:14 x86_64 Cygwin build@wx64lg /usr/share/csih $ less cygwin-service-installation-helper.sh build@wx64lg /usr/share/csih $ . cygwin-service-installation-helper.sh build@wx64lg /usr/share/csih $ csih_old_cygwin build@wx64lg /usr/share/csih $ echo $? 1 My nsswitch.conf is the default: $ cat /etc/nsswitch.conf # /etc/nsswitch.conf # #This file is read once by the first process in a Cygwin process tree. #To pick up changes, restart all Cygwin processes. For a description #see https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch # # Defaults: # passwd: files db # group:files db # db_home: cygwin desc # db_shell: cygwin desc # db_gecos: cygwin desc On 02/23/2015 12:34 PM, Corinna Vinschen wrote: On Feb 23 11:48, Len Giambrone wrote: csih_use_file_etc returns 0 on my system (as it should with no passwd file, right?) Uhm, no. It should return 0 if you *use* the files (0 == true in the shell), That should be only the case if you're running Cygwin 1.7.33 or if your nsswitch.conf file says so. What's the content of your /etc/nsswitch.conf? Corinna -- -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: bug in csih?
My bad, csih_old_cygwin works as documented.
But there is a bug in csih_use_file_etc:
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
#This file is read once by the first process in a Cygwin process tree.
#To pick up changes, restart all Cygwin processes. For a description
#see https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
#
# Defaults:
# passwd: files db
# group:files db
# db_home: cygwin desc
# db_shell: cygwin desc
# db_gecos: cygwin desc
This is not working correctly:
if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ]
then
grep -Eq ^${file}: /etc/nsswitch.conf
grep -Eq ^${file}:[^#]*\db\ /etc/nsswitch.conf ||
use_file=0
fi
$ grep -Eq ^${file}: /etc/nsswitch.conf grep -Eq
^${file}:[^#]*\db\ /etc/nsswitch.conf || echo foo
foo
I don't think that's what you want. Both of the greps are false
(returning 1) and use_file is being set to 0.
On 02/23/2015 12:55 PM, Len Giambrone wrote:
If that is the case, then there is a bug in csih_old_cygwin:
build@wx64lg /usr/share/csih
$ uname -a
CYGWIN_NT-6.1 wx64lg 1.7.34(0.285/5/3) 2015-02-04 12:14 x86_64 Cygwin
build@wx64lg /usr/share/csih
$ less cygwin-service-installation-helper.sh
build@wx64lg /usr/share/csih
$ . cygwin-service-installation-helper.sh
build@wx64lg /usr/share/csih
$ csih_old_cygwin
build@wx64lg /usr/share/csih
$ echo $?
1
My nsswitch.conf is the default:
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
#This file is read once by the first process in a Cygwin process
tree.
#To pick up changes, restart all Cygwin processes. For a description
#see
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
#
# Defaults:
# passwd: files db
# group:files db
# db_home: cygwin desc
# db_shell: cygwin desc
# db_gecos: cygwin desc
On 02/23/2015 12:34 PM, Corinna Vinschen wrote:
On Feb 23 11:48, Len Giambrone wrote:
csih_use_file_etc returns 0 on my system (as it should with no
passwd file,
right?)
Uhm, no. It should return 0 if you *use* the files (0 == true in the
shell), That should be only the case if you're running Cygwin 1.7.33
or if your nsswitch.conf file says so. What's the content of your
/etc/nsswitch.conf?
Corinna
--
-Len
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: bug in csih?
Perhaps you want:
grep -Eq ^{file}: /etc/nsswitch.conf { grep -Eq
^${file}:[^#]*\db\ /etc/nsswitch.conf || use_file=0 }
Or even more simply (since the first clause is really subsumed by the
second):
grep -Eq ^${file}:[^#]*\db\ /etc/nsswitch.conf || use_file=0
On 02/23/2015 01:37 PM, Len Giambrone wrote:
My bad, csih_old_cygwin works as documented.
But there is a bug in csih_use_file_etc:
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
#This file is read once by the first process in a Cygwin process
tree.
#To pick up changes, restart all Cygwin processes. For a description
#see
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
#
# Defaults:
# passwd: files db
# group:files db
# db_home: cygwin desc
# db_shell: cygwin desc
# db_gecos: cygwin desc
This is not working correctly:
if [ ${use_file} -ne 0 -a -f /etc/nsswitch.conf ]
then
grep -Eq ^${file}: /etc/nsswitch.conf
grep -Eq ^${file}:[^#]*\db\ /etc/nsswitch.conf ||
use_file=0
fi
$ grep -Eq ^${file}: /etc/nsswitch.conf grep -Eq
^${file}:[^#]*\db\ /etc/nsswitch.conf || echo foo
foo
I don't think that's what you want. Both of the greps are false
(returning 1) and use_file is being set to 0.
On 02/23/2015 12:55 PM, Len Giambrone wrote:
If that is the case, then there is a bug in csih_old_cygwin:
build@wx64lg /usr/share/csih
$ uname -a
CYGWIN_NT-6.1 wx64lg 1.7.34(0.285/5/3) 2015-02-04 12:14 x86_64 Cygwin
build@wx64lg /usr/share/csih
$ less cygwin-service-installation-helper.sh
build@wx64lg /usr/share/csih
$ . cygwin-service-installation-helper.sh
build@wx64lg /usr/share/csih
$ csih_old_cygwin
build@wx64lg /usr/share/csih
$ echo $?
1
My nsswitch.conf is the default:
$ cat /etc/nsswitch.conf
# /etc/nsswitch.conf
#
#This file is read once by the first process in a Cygwin process
tree.
#To pick up changes, restart all Cygwin processes. For a
description
#see
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
#
# Defaults:
# passwd: files db
# group:files db
# db_home: cygwin desc
# db_shell: cygwin desc
# db_gecos: cygwin desc
On 02/23/2015 12:34 PM, Corinna Vinschen wrote:
On Feb 23 11:48, Len Giambrone wrote:
csih_use_file_etc returns 0 on my system (as it should with no
passwd file,
right?)
Uhm, no. It should return 0 if you *use* the files (0 == true in the
shell), That should be only the case if you're running Cygwin 1.7.33
or if your nsswitch.conf file says so. What's the content of your
/etc/nsswitch.conf?
Corinna
--
-Len
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
bug in csih?
Running the latest version:
$ cygcheck -c cygwin openssh csih
Cygwin Package Information
Package VersionStatus
csih 0.9.8-5OK
cygwin 1.7.34-6 OK
openssh 6.7p1-2OK
When I run
ssh-host-config -y -w X
I get this:
*** Query: Create new privileged user account 'WX64LG\cyg_server'
(Cygwin name: 'cyg_server')? (yes/no) yes
*** Info: User 'cyg_server' has been created with password 'X'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'cyg_server' account.
*** Warning: Expected privileged user 'cyg_server' does not exist.
*** Warning: Defaulting to 'SYSTEM'
Even though it successfully creates the account, it refuses to use it.
I believe this is because of the following code in
csih_service_should_run_as()
if csih_privileged_account_exists $csih_PRIVILEGED_USERNAME 12
then
# it already existed before this script was launched
echo $csih_PRIVILEGED_USERNAME
return
elif /usr/bin/getent passwd ${csih_PRIVILEGED_USERNAME}
/dev/null 21
then
# we probably just created it
echo $csih_PRIVILEGED_USERNAME
return
else
# a failure somewhere
csih_warning Expected privileged user
'${csih_PRIVILEGED_USERNAME}' does not exist. 12
csih_warning Defaulting to 'SYSTEM' 12
echo SYSTEM
return
fi
I am on a machine in a domain. /usr/bin/getent passwd cyg_server
returns nothing:
$ getent passwd cyg_server
Even though it exists:
$ net user cyg_server
User namecyg_server
Full NamePrivileged server
Comment cygwin home=/var/empty shell=/bin/false/
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set2/20/2015 6:18:39 PM
Password expires Never
Password changeable 2/20/2015 6:18:39 PM
Password requiredYes
User may change password Yes
Workstations allowed All
Logon script
User profile
Home directory C:\cygwin\var\empty
Last logon Never
Logon hours allowed All
Local Group Memberships *Administrators *Users
Global Group memberships *None
The command completed successfully.
Running it through strace, I see it's looking for DOMAIN\cyg_server, and
not the local account.
--
-Len
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: cygwin 1.7.13-1: can't execute shell scripts on samba share
-Len On Apr 19, 2012, at 4:29 AM, Michel Bardiaux wrote: 2 suggestions: 1. What happens if len.sh is in your Cygwin home, that is on the local drive? lgiambro@lorien ~ $ ./len.sh it works 2. What happens with sh -x ./len.sh (on the network drive)? lgiambro@lorien //kitserver/kits $ sh -x ./len.sh + echo it works it works HaND, -Original Message- No. That works. presumably because it's executing bash and not the script itself. -Len On Apr 18, 2012, at 1:49 PM, Earnie Boyd wrote: On Wed, Apr 18, 2012 at 11:44 AM, Len Giambrone len.giambr...@intersystems.com wrote: I'm can't execute shell scripts on a samba share served by our linux boxes. lgiambro@lorien //kitserver/kits $ ls -la len.sh -rwx-- 1 lgiambro releng 24 Apr 18 10:48 len.sh lgiambro@lorien //kitserver/kits $ cat len.sh #!/bin/sh echo it works lgiambro@lorien //kitserver/kits $ ./len.sh -bash: ./len.sh: Permission denied I suppose the same happens if you execute len.sh similar to the following? $ bash -x ./len.sh -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
cygwin 1.7.13-1: can't execute shell scripts on samba share
I'm can't execute shell scripts on a samba share served by our linux boxes. lgiambro@lorien //kitserver/kits $ ls -la len.sh -rwx-- 1 lgiambro releng 24 Apr 18 10:48 len.sh lgiambro@lorien //kitserver/kits $ cat len.sh #!/bin/sh echo it works lgiambro@lorien //kitserver/kits $ ./len.sh -bash: ./len.sh: Permission denied I can execute a .bat file from a cmd window just fine, so this makes me think this might be a Cygwin issue. (If it's not an equivalent or good test, please let me know a better one). getfacl says: lgiambro@lorien //kitserver/kits $ getfacl len.sh # file: len.sh # owner: lgiambro # group: releng user::rwx group::--- mask:rwx other:--- cacls says its executable: lgiambro@lorien //kitserver/kits $ cacls len.sh \\kitserver\kits\len.sh Account Domain not found(special access:) READ_CONTROL WRITE_DAC WRITE_OWNER SYNCHRONIZE FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_GENERIC_EXECUTE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_EXECUTE FILE_DELETE_CHILD FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES Account Domain not found(special access:) Everyone:(special access:) What else can/should I look for? Any help would be appreciated. -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: cygwin 1.7.13-1: can't execute shell scripts on samba share
No. That works. presumably because it's executing bash and not the script itself. -Len On Apr 18, 2012, at 1:49 PM, Earnie Boyd wrote: On Wed, Apr 18, 2012 at 11:44 AM, Len Giambrone len.giambr...@intersystems.com wrote: I'm can't execute shell scripts on a samba share served by our linux boxes. lgiambro@lorien //kitserver/kits $ ls -la len.sh -rwx-- 1 lgiambro releng 24 Apr 18 10:48 len.sh lgiambro@lorien //kitserver/kits $ cat len.sh #!/bin/sh echo it works lgiambro@lorien //kitserver/kits $ ./len.sh -bash: ./len.sh: Permission denied I suppose the same happens if you execute len.sh similar to the following? $ bash -x ./len.sh -- Earnie -- https://sites.google.com/site/earnieboyd -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Putty and pre-shared keys with Cygwin's sshd
That looks like an SSH2 key, not an OpenSSH key. I downloaded puttygen to see exactly what you see. And after you load a key (generate one) right at the top it says: Public key for pasting into OpenSSH authorized_keys file: _key here_ For example, here is what it says for the key I just generated: ssh-dss B3NzaC1kc3MAAACBAMbwMxkFnVJF63DM+nfpD1gv6setf/Roin5qEc7ydRfaUHKZv5GVZiKnUGAaAMNFL74A71GAw6xi0+7JpsL1h+OkXmawFXC9KSgR+RA2VpxN2f7FWny1ShfhZq4N26ZG8PfHKH6C4FtnTZYgn6BK8kVBXCkC9JM+q7q5K02/8RupFQDQciLPjAQRgYreE+phPeNImQjfiQAAAIACMU7jvQJKUIWPhPOcEdRVy2vCg0D8K3Z22GhLGRwtnFA2qklcoBwc/uPwe+nJ8aVYBeJ7b/XXS5MJWJGfHkP9aYQHg7GQ5iZYBx596Txz4pHhzh5XW0iCWlzHX9vTY8xjSgwfK6wBk+Q/5WXmf7pO1wQ6Bh8OZKQ1KvCbUFSL6wAAAIEAg/GvMBJ1dvB94EBlkqwl2FTZ5XFYLOTpPtIbgiY1Tewljhoy9NuYmsZZjKD4T2HihhNhDDlVYgNSGrSw1rX/8ZfzjgIhzYSZGHswZ+AMxcWn+6k1E7i7xgvjcEqldyF/6O6ofq3TRPliONE3euQSA6SRbH7YKIKmb1+HqxTOy+A= dsa-key-20120123 THIS is what your OpenSSH public key should look like. -Len On Jan 23, 2012, at 2:01 PM, Andrew DeFaria wrote: You're right. I made a mistake. Corrected it: Ltsdo-adefaria:cat /tmp/sshkey_public BEGIN SSH2 PUBLIC KEY Comment: dsa-key-20120121 B3NzaC1kc3MAAACBAMj5GQUtOJvnb7j47Mj7Tfmvx8gKidp1om5c135lFI6+ gslqvjjWbuOBKenYDnYsnwsl4L31zs1DUEGge55GSAFZF4fuitYfZP++UWs9GAhT jy++A8fg6ssVG2Y3+5iP8FNtYWKU3aMVmKIRJKvilI4801JuWqP5Rhd8XFzZmuEh FQDRZu5keejWsFQn7+ZUlgf5RNrT/QAAAIEAjt/rOWTGhZz7SOnHjsL6lSn4 E1aCZQQ/RKZXyoR9bwm9KHvvd/BiC2wB+iz/4Y+pztX5TKwpPY1r7mw6CoAtJfrJ 8sGLTEADYjJOhG2se6kAAACAOS7f1yopMnELx7GhAtEtREN1zDikwa8dVhilM1M3 8+eZH4Z0Wd/3H9W2iKKYjgj8lIIYGiXUxjEWhA3n/3N6HDT0O5X97Pp+dM7oHlAa KtGl0Y9ao+ZnSmXSquCsokL+1mh1baIe+VcyV2EA7Uat/B0zIlGpwfq4bQv0DmCj l4g= Added this to ~/.ssh/authorized_keys. Still fails - same way. Does OpenSSH accept these multiline keys? -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Putty and pre-shared keys with Cygwin's sshd
Well, try adding the key to authorized_keys on a box where you have ssh working and see if it works. If not, you know you have a key problem. If so, you know you have a permissions problem. -Len On Jan 23, 2012, at 3:40 PM, Andrew DeFaria wrote: On 1/23/2012 11:59 AM, Len Giambrone wrote: That looks like an SSH2 key, not an OpenSSH key. I downloaded puttygen to see exactly what you see. And after you load a key (generate one) right at the top it says: Public key for pasting into OpenSSH authorized_keys file: _key here_ For example, here is what it says for the key I just generated: ssh-dss B3NzaC1kc3MAAACBAMbwMxkFnVJF63DM+nfpD1gv6setf/Roin5qEc7ydRfaUHKZv5GVZiKnUGAaAMNFL74A71GAw6xi0+7JpsL1h+OkXmawFXC9KSgR+RA2VpxN2f7FWny1ShfhZq4N26ZG8PfHKH6C4FtnTZYgn6BK8kVBXCkC9JM+q7q5K02/8RupFQDQciLPjAQRgYreE+phPeNImQjfiQAAAIACMU7jvQJKUIWPhPOcEdRVy2vCg0D8K3Z22GhLGRwtnFA2qklcoBwc/uPwe+nJ8aVYBeJ7b/XXS5MJWJGfHkP9aYQHg7GQ5iZYBx596Txz4pHhzh5XW0iCWlzHX9vTY8xjSgwfK6wBk+Q/5WXmf7pO1wQ6Bh8OZKQ1KvCbUFSL6wAAAIEAg/GvMBJ1dvB94EBlkqwl2FTZ5XFYLOTpPtIbgiY1Tewljhoy9NuYmsZZjKD4T2HihhNhDDlVYgNSGrSw1rX/8ZfzjgIhzYSZGHswZ+AMxcWn+6k1E7i7xgvjcEqldyF/6O6ofq3TRPliONE3euQSA6SRbH7YKIKmb1+HqxTOy+A= dsa-key-20120123 THIS is what your OpenSSH public key should look like. I agree 100%. And I did that - to start with, and did it again many times to verify it, etc. Problem is it constantly fails. I think the problem is really one of permissions, not the appropriate key. Seem ssh to local host even prompts me. -- Andrew DeFaria http://defaria.com An ounce of practice is worth more than tons of preaching. - Mohandas Gandhi -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Putty and pre-shared keys with Cygwin's sshd
I believe that PuTTy is SSH2, while Cygwin is OpenSSH. You can convert them using ssh-keygen: ssh-keygen -f putty_key -i openssh_key -Len On Jan 22, 2012, at 1:47 AM, Andrew DeFaria wrote: On 01/21/2012 07:28 PM, Andrey Repin wrote: Well, *I* am using Cygwin SSH and PuTTY. And I've had no issues other than what I have explained. One way or another, back or forth, to my Linux box, or from it, from my Windows box to any imaginable server around the globe - no problem. The scenario here is going from one Windows box using PuTTY to another Windows box using OpenSSH in Cygwin. Using puttygen to create new keys, or converting keys from OpenSSH to PuTTY, or the other way around to use for Cygwin's ssh in test box. It just works. Exactly as described in PuTTY help file, chapter 8.2. I'm glad it's working for you, I wish it were working for me. You mention converting keys from OpenSSH to PuTTY, or the other way around. What is this conversion process that you speak of? How do you convert a PuTTY key to an OpenSSH key? Because so far nobody's mentioned where in this process I need to convert between the two. Check Windows event log. Though, it's obvious. Also keep an eye on nearby discussion regarding SSHD issues. It may be your case too. I will check when I get back into work (don't run Windows nor PuTTY at home to check things) but I thought Cygwin's sshd logs to /var/log/sshd.log. Otherwise why would I have a file there at all? -- Andrew DeFaria http://defaria.com Indecision is the key to flexibility. -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: Who's using CYGWIN=tty and why?
This time with a subject; apologies if the first one gets through. We use windows native jam which spawns any number of cmd, cygwin, or studio processes. If we spawn it from a Cygwin terminal that doesn't have CYGWIN=tty set, we get: The handle is invalid. Every time output goes to the screen. If we use CYGWIN=tty, we get normal output. The only way I've figured out how to fix this is with CYGWIN=tty. If there is a better way, please enlighten me. -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
determining what user mounted a drive
Is there a way of determining with what user credentials a share was mounted? I suppose I could touch a file on the drive and then find out who the owner is, but that's not ideal. mount will tell me that it's a user mount, but won't tell me WHICH user. Is there some way (windows native or Cygwin) of getting this information? -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
combination of bash and cmd.exe causes fatal error when used under CYGWIN=tty
Greetings. If I set CYGWIN=tty, then cygwin programs die with *** fatal error - couldn't initialize fd 0 for /dev/ttyN Example: C:\cygwin\home\lgiambrobash -c cmd /c 'ls' 0 [main] ls 7440 C:\cygwin\bin\ls.exe: *** fatal error - couldn't initiali ze fd 0 for /dev/tty7 0 [main] ls 7440 C:\cygwin\bin\ls.exe: *** fatal error - couldn't initiali ze fd 0 for /dev/tty7 Stack trace: Frame Function Args 00283918 6102796B (00283918, , , ) 00283C08 6102796B (6117EC60, 8000, , 61180977) 00284C38 61004F1B (611A82B0, , 61243B04, 0001) End of stack trace Corinna had mentioned that she was aware of the problem and looking for the cause in http://cygwin.com/ml/cygwin/2010-09/msg00237.html Has any progress been made on this issue? Does anyone know of a way to get around it? -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
bash 4.1.10: SHELLOPTS questions -- different behavior between sh and bash
Greetings. I'm running the latest (as of a few days ago) Cygwin and bash. Cygwin Package Information Package VersionStatus bash 4.1.10-4 OK cygwin 1.7.9-1OK If I set -o igncr, and then export SHELLOPTS as stated in /usr/share/doc/Cygwin/bash.README: 4d. Added in the bash-3.2-2 release: export the environment variable SHELLOPTS with igncr included in it. It is read-only from within bash, but you can set it before invoking bash; once in bash, it auto-tracks the current state of 'set -o igncr'. If exported, then all bash child processes inherit the same option settings; with the exception added in 3.2.9-11 that certain interactive options are not inherited in non-interactive use. I get different behavior depending on whether I use bash or sh. Further, I only get an error message if I have a script that calls a script: $ cat foo echo foo ./bar $ cat bar echo bar $ set -o igncr $ export SHELLOPTS $ sh bar bar $ bash bar bar $ sh foo foo sh: SHELLOPTS: readonly variable bar $ bash foo foo bar I know bash and sh are the same program which behaves differently depending on how it's called. Is this expected behavior? Is there a way using sh to always avoid the error message? -Len -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Re: ssh-add cannot connect to authentication agent
I'm using XP. I disabled everything I could in McAfee, but still no luck. Did you figure out what in McAfee was causing the problem in W2K? -Len Tim Beuman [EMAIL PROTECTED] writes: I had the same problem on W2K. Seemed to be caused by McAfee. No problems with McAfee on WXP though. Tim Len Giambrone wrote: The agent starts correctly, but I can't get ssh-add to give me anything other than: Could not open a connection to your authentication agent. I'm running the latest Cygwin/packages. The socket is where it's supposed to be, the env variables are set. I've tried using ssh-agent -a and putting the socket in a different place in case it's a permissions issue, but no luck. I have it working on my laptop. A combination of comparing an strace of the failing and working ssh-add and a previous post of Corinna's leads me to believe the problem is here: 67 84289 [main] ssh-add 4264 cygwin_select: 4, 0x0, 0x22C870, 0x22C850, 0x0 117 84406 [main] ssh-add 4264 dtable::select_write: fd 3 49 84455 [main] ssh-add 4264 dtable::select_except: fd 3 47 84502 [main] ssh-add 4264 cygwin_select: to NULL, ms 51 84553 [main] ssh-add 4264 cygwin_select: sel.always_ready 0 115 84668 [main] ssh-add 4264 start_thread_socket: Handle 0x6D0 54 84722 [main] ssh-add 4264 start_thread_socket: Added to writefds 47 84769 [main] ssh-add 4264 start_thread_socket: Added to exceptfds 835 85604 [main] ssh-add 4264 start_thread_socket: opened new socket 0x6B8 70 85674 [main] ssh-add 4264 start_thread_socket: exitsock 0x6B8 54 85728 [main] ssh-add 4264 start_thread_socket: stuff_start 0x22C7D4 452 86180 [select_socket] ssh-add 4264 cygthread::stub: thread 'select_socke t', id 0x16B8, stack_ptr 0x1900CDC0 79 86259 [select_socket] ssh-add 4264 thread_socket: stuff_start 0x676F14 5405 91664 [main] ssh-add 4264 select_stuff::wait: m 2, ms 4294967295 993673 1085337 [select_socket] ssh-add 4264 thread_socket: Win32 select returned 1 85 1085422 [select_socket] ssh-add 4264 thread_socket: s 0x673ED0, testing fd 3 () 63 1085485 [select_socket] ssh-add 4264 thread_socket: except_ready *** In the working strace, this is write_ready *** 64 1085549 [main] ssh-add 4264 select_stuff::wait: woke up. wait_ret 1. ver ifying 51 1085600 [main] ssh-add 4264 select_stuff::wait: gotone 1 45 1085645 [main] ssh-add 4264 select_stuff::wait: returning 0 42 1085687 [main] ssh-add 4264 select_stuff::cleanup: calling cleanup routine s 44 1085731 [main] ssh-add 4264 socket_cleanup: si 0x673F00 si-thread 0x61104 F30 73 1085804 [main] ssh-add 4264 socket_cleanup: sent a byte to exitsock 0x6B8, res 1 86 1085890 [main] ssh-add 4264 socket_cleanup: reading a byte from exitsock 0 x6B8 58 1085948 [main] ssh-add 4264 socket_cleanup: recv returned 1 91 1086039 [main] ssh-add 4264 socket_cleanup: returning 50 1086089 [main] ssh-add 4264 peek_socket: considering handle 0x6D0 43 1086132 [main] ssh-add 4264 peek_socket: adding write fd_set , fd 3 54 1086186 [main] ssh-add 4264 peek_socket: WINSOCK_SELECT returned 0 43 1086229 [main] ssh-add 4264 set_bits: me 0x673ED0, testing fd 3 () 44 1086273 [main] ssh-add 4264 set_bits: ready 1 44 1086317 [main] ssh-add 4264 select_stuff::poll: returning 1 43 1086360 [main] ssh-add 4264 select_stuff::cleanup: calling cleanup routine s 43 1086403 [main] ssh-add 4264 select_stuff::~select_stuff: deleting select r ecords 96 1086499 [main] ssh-add 4264 cygwin_getsockopt: WinSock SO_ERROR = 10061 44 1086543 [main] ssh-add 4264 cygwin_getsockopt: 0 = getsockopt (3, 65535, 0 x1007, 0x22C8B4, 0x22C8B8) 46 1086589 [main] ssh-add 4264 __set_errno: int cygwin_connect(int, const soc kaddr*, socklen_t):806 val 111 According to Corinna, Winsock 1006 is connection refused. As she suggests in that post, I've disabled the firewall to see if that fixes the problem, but no luck. I've uninstalled and reinstalled ssh several times and of course rebooted several times. Still no luck. At this point, the only other thing I can think of to try is reinstalling Cygwin from scratch, but I'd like to avoid that if I can. Any suggestions on what else to try/look for? Cygcheck output follows. Cygwin Package Information Package VersionStatus _update-info-dir00517-1OK alternatives1.3.29a-1 OK apache 1.3.33-2 OK ash 20040127-3 OK base-files 3.7-1 OK base-passwd 2.2-1 OK bash3.2.17-15 OK bc 1.06-2 OK
ssh-add cannot connect to authentication agent
20k 2002/01/09 C:\cygwin\bin\cygmenu6.dll 29k 2003/08/09 C:\cygwin\bin\cygmenu7.dll 20k 2006/12/21 C:\cygwin\bin\cygminires.dll 67k 2006/11/15 C:\cygwin\bin\cygncurses++-8.dll 156k 2001/04/25 C:\cygwin\bin\cygncurses++5.dll 175k 2002/01/09 C:\cygwin\bin\cygncurses++6.dll 237k 2006/11/15 C:\cygwin\bin\cygncurses-8.dll 226k 2001/04/25 C:\cygwin\bin\cygncurses5.dll 202k 2002/01/09 C:\cygwin\bin\cygncurses6.dll 224k 2003/08/09 C:\cygwin\bin\cygncurses7.dll 12k 2006/11/15 C:\cygwin\bin\cygpanel-8.dll 15k 2001/04/25 C:\cygwin\bin\cygpanel5.dll 12k 2002/01/09 C:\cygwin\bin\cygpanel6.dll 19k 2003/08/09 C:\cygwin\bin\cygpanel7.dll 109k 2006/02/10 C:\cygwin\bin\cygpcre-0.dll 299k 2006/02/10 C:\cygwin\bin\cygpcrecpp-0.dll 7k 2006/02/10 C:\cygwin\bin\cygpcreposix-0.dll 1249k 2005/12/30 C:\cygwin\bin\cygperl5_8.dll 226k 2006/11/05 C:\cygwin\bin\cygpng12.dll 22k 2002/06/09 C:\cygwin\bin\cygpopt-0.dll 108k 2001/06/28 C:\cygwin\bin\cygreadline4.dll 148k 2003/08/10 C:\cygwin\bin\cygreadline5.dll 154k 2007/05/02 C:\cygwin\bin\cygreadline6.dll 231k 2006/10/04 C:\cygwin\bin\cygssl-0.9.7.dll 217k 2007/03/29 C:\cygwin\bin\cygssl-0.9.8.dll 282k 2003/08/11 C:\cygwin\bin\cygtiff4.dll 27k 2005/10/23 C:\cygwin\bin\cygungif-4.dll 65k 2006/10/16 C:\cygwin\bin\cygz.dll 1830k 2007/01/31 C:\cygwin\bin\cygwin1.dll Cygwin DLL version info: DLL version: 1.5.24 DLL epoch: 19 DLL bad signal mask: 19005 DLL old termios: 5 DLL malloc env: 28 API major: 0 API minor: 156 Shared data: 4 DLL identifier: cygwin1 Mount registry: 2 Cygnus registry name: Cygnus Solutions Cygwin registry name: Cygwin Program options name: Program Options Cygwin mount registry name: mounts v2 Cygdrive flags: cygdrive flags Cygdrive prefix: cygdrive prefix Cygdrive default prefix: Build date: Wed Jan 31 10:57:51 CET 2007 CVS tag: cr-0x5f1 Shared id: cygwin1S4 20k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygfontenc-1.dll 34k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygFS-6.dll 357k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygGL-1.dll 441k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygGLU-1.dll 74k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygICE-6.dll 8k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygoldX-6.dll 1662k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygOSMesa-4.dll 28k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygSM-6.dll 884k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygX11-6.dll 8k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXau-6.dll 250k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXaw-6.dll 354k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXaw-7.dll 360k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXaw-8.dll 275k 2004/01/13 C:\cygwin\usr\X11R6\bin\cygXaw3d-7.dll 7k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXcomposite-1.dll 30k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXcursor-1.dll 8k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXdamage-1.dll 16k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXdmcp-6.dll 7k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXevie-1.dll 50k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXext-6.dll 15k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXfixes-3.dll 56k 2004/03/11 C:\cygwin\usr\X11R6\bin\cygXft-1.dll 63k 2004/03/23 C:\cygwin\usr\X11R6\bin\cygXft-2.dll 26k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXi-6.dll 121k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygxkbfile-1.dll 11k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygxkbui-1.dll 74k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXmu-6.dll 10k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXmuu-1.dll 26k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXp-6.dll 54k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXpm-4.dll 10k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXrandr-2.dll 30k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXrender-1.dll 7k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXRes-1.dll 38k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygxrx-6.dll 24k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygxrxnest-6.dll 283k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXt-6.dll 27k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXTrap-6.dll 17k 2005/10/27 C:\cygwin\usr\X11R6\bin\cygXtst-6.dll Service : sshd Display name: CYGWIN sshd Current State : Running Controls Accepted : Stop Command : /usr/sbin/sshd -D -Len Giambrone -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: sshd problems
This will help getting you running from the command line: If your files are owned and only readable by SYSTEM, it's harder to run sshd from the command line. Try either: Changing /etc/ssh*key* to be owned by the user you are starting sshd as OR Specifying a new host key with -h: /usr/sbin/sshd -h your_host_key. You can either copy /etc/ssh*key somewhere, or create another one with ssh-keygen. -Len David Monk [EMAIL PROTECTED] writes: I had already checked that myself. $ ls -l /etc/ssh*key -rw---1 system system672 Oct 9 16:36 /etc/ssh_host_dsa_key -rw---1 system system530 Oct 9 16:36 /etc/ssh_host_key -rw---1 system system887 Oct 9 16:36 /etc/ssh_host_rsa_key David - Original Message - From: Harig, Mark A. [EMAIL PROTECTED] To: David Monk [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, October 10, 2002 12:21 PM Subject: RE: sshd problems What are the permissions of your host keys? SYSTEM needs to be the owner and only reader of these files. $ ls -l /etc/ssh*key -Original Message- From: David Monk [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 1:08 PM To: [EMAIL PROTECTED] Subject: Re: sshd problems Some of what you asked is in the cygcheck output, but here it is: (note, changing the cygdrive prefix, by mount -c / made no difference) dmonk@DIETPEPSI ~ $ mount C:\cygwin\bin on /usr/bin type user (binmode) C:\cygwin\lib on /usr/lib type user (binmode) C:\cygwin on / type user (binmode) c: on /cygdrive/c type user (binmode,noumount) h: on /cygdrive/h type user (binmode,noumount) dmonk@DIETPEPSI ~ $ mount -p Prefix Type Flags /cygdrive user binmode dmonk@DIETPEPSI ~ $ mount -c / dmonk@DIETPEPSI ~ $ mount -p Prefix Type Flags /cygdrive user binmode / system binmode dmonk@DIETPEPSI ~ $ /usr/sbin/sshd -d -d -d debug1: sshd version OpenSSH_3.4p1 Could not load host key: /etc/ssh_host_key Could not load host key: /etc/ssh_host_rsa_key Could not load host key: /etc/ssh_host_dsa_key Disabling protocol version 1. Could not load host key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. This is a pretty much default installation of cygwin, installed yesterday. I did add a few packages, such as bzip2, ncftp, openssh, vim and wget, maybe a few others. But, otherwise, this is a default installation with ssh-host-config run to setup openssh as a service. David - Original Message - From: Harig, Mark A. [EMAIL PROTECTED] To: David Monk [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Thursday, October 10, 2002 11:41 AM Subject: RE: sshd problems What are your mount points? $ mount What is your cygdrive prefix? $ mount -p If your cygdrive prefix is not '/', then consider changing it to '/': $ mount -c / -Original Message- From: David Monk [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 10:29 AM To: [EMAIL PROTECTED] Subject: sshd problems Hello all, I hate to start yet another thread on this, but I am just joining the list. I see there have been many varied reports of problems with sshd recently. I just wanted to throw in my experience to hopefully give some additional insight. I have been running cygwin with sshd as a Win2k service for nearly a year on this machine. I upgraded to openssh-3.4p1 using privlege separation without any noticed errors or problems when it became available. I can not say exactly what circumstances brought about my problems, but I noticed it about two weeks ago. I fought with it the day after I discovered the service was no longer running. I tried upgrading my packages. I tried reconfiguring ssh via ssh-host-config. I ignored it for a few days as I had other work related issues to deal with. I began futzing with it again two days ago. No joy. Tried reinstalling cygwin, by just moving c:\cygwin and installing again. Yesterday, I set out to remove any and all references to cygwin from my system, in the registry and filesystem, to do an absolutely fresh install. I noticed an odd thing. A c:\var directory, with a log subdir and a sshd.log file. How on earth did that get outside c:\cygwin?? Anyway, I removed everything, including that. I rebooted to ensure everything was sane. I setup the needed environment variable CYGWIN as ntsec glob tty notitle, which is what I had been using for the past year. I made a new c:\cygwin dir, removed all inheritability settings, for receiving and propogating permissions. I then did a completely fresh install. Once everything was installed, I rebooted,
Re: sshd problems
I would also try running sshd as a service configured with cygrunsrv -I sshd -d CYGWIN sshd -p /usr/sbin/sshd -a -D -e -e CYGWIN=binmode ntsec tty This will throw *all* your logging into /var/log/sshd.log rather than into the event log, and may provide some insight. -Len Harig, Mark A. [EMAIL PROTECTED] writes: According to /usr/doc/Cygwin/openssh-3.4p1-5.README: The new ssh-host-config script also adds the /var/empty directory needed by privilege separation. When creating the /var/empty directory by yourself, please note that in contrast to the README.privsep document the owner sshould not be root but the user which is running sshd. So, in the standard configuration this is SYSTEM. The ssh-host-config script chowns /var/empty accordingly. In /usr/bin/ssh-host-config is the following code: # Create /var/empty file used as chroot jail for privilege separation if [ -f /var/empty ] then echo Creating /var/empty failed\! else mkdir -p /var/empty # On NT change ownership of that dir to user system if [ $_nt -gt 0 ] then chown system.system /var/empty fi fi For me, I have the following permissions: $ ls -ld /var/empty drwxr-xr-x2 SYSTEM SYSTEM 0 Jul 24 11:39 /var/empty -Original Message- From: David Monk [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 10, 2002 2:31 PM To: Len Giambrone Cc: [EMAIL PROTECTED] Subject: Re: sshd problems Generating a new key worked, as far as finding the key goes. Then it presented me with a /var/empty ownership or permissions issue. So, thinking along the same lines, I chaned owner of that dir to myself. Finally, sshd runs. Not as a service unfortunately, but it does run. Also unfortunately, I can not log in under these circumstances. I get a password prompt, but it never accepts it. I can only guess this has something to do with privlege separation. Anyway, the main problem here, from the beginning of this thread, is that openssh was working fine, running as a service, using privlege separation until approx 2 weeks ago. The only thing I could have possibly done to break that was updating packages. So, somewhere, something in cygwin changed. Either specifically with the openssh package or with the some other aspect, but something has definitely changed. Again, this was working beautifully I know for absolute certainty 3 weeks ago, the server running as a service via cygrunsrv, utilizing the privlege separation. The only things that have been done to this system over the last few months has been regular virus updates, updates for Windows and cygwin updates. I have not messed with any configuration files, nor have I changed any file permissions within cygwin of it's file tree to cause this. David (a huge amount of text deleted) -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
1.3.12-4: editing /etc/passwd causes ssh to fail
This is on an installation using setup today with the latest packages on archive.progeny.net. It's running Win2k Server. I think I've also verified this on my XP HE box at home. I can happily ssh into my box. $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:01:53 2002 from bar Administrator@LORIEN ~ $ Now, I add the user foo: Administrator@LORIEN ~ $ net user foo bar /add I add the user to the password file Administrator@LORIEN ~ $ mkpasswd -l -u foo /etc/passwd And now I can't ssh in anymore: $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Connection to foo closed. $ ssh [EMAIL PROTECTED] Warning: Remote host denied X11 forwarding. Connection to 172.16.34.104 closed. $ If I remove the new user foo, I can once again login: Administrator@LORIEN ~ $ rm /etc/passwd; mkpasswd -l | grep -v ^foo /etc/passwd $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:18:09 2002 from bar Administrator@LORIEN ~ $ Has anyone seen this before? Can someone please confirm or deny that this happens to them? -Len -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: 1.3.12-4: editing /etc/passwd causes ssh to fail
I have only binary mounts: $ mount C:\cygwin\bin on /usr/bin type system (binmode) C:\cygwin\lib on /usr/lib type system (binmode) C:\cygwin on / type system (binmode) c: on /cygdrive/c type user (binmode,noumount) d: on /cygdrive/d type user (binmode,noumount) od confirms that the line added to /etc/passwd ends in '\n' only, just like all the other entries in the file. -Len Randall R Schulz [EMAIL PROTECTED] writes: Gentlemen, Have you verified that the line newly added to the password file is consistent w.r.t. to line-ending convention (Unix vs. Windows) with the rest of the password file and the mount via which it is accessed by your ssh server? Randall Schulz Mountain View, CA USA At 13:39 2002-10-08, Harig, Mark A. wrote: I have seen this problem also, on Windows NT4 SP6. I had the same solution -- back out my changes. I haven't had time to investigate what is causing the problem but it starting occurring in one of the recent releases of ssh in which privilege separation was added. -Original Message- From: Len Giambrone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: 1.3.12-4: editing /etc/passwd causes ssh to fail This is on an installation using setup today with the latest packages on archive.progeny.net. It's running Win2k Server. I think I've also verified this on my XP HE box at home. I can happily ssh into my box. $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:01:53 2002 from bar Administrator@LORIEN ~ $ Now, I add the user foo: Administrator@LORIEN ~ $ net user foo bar /add I add the user to the password file Administrator@LORIEN ~ $ mkpasswd -l -u foo /etc/passwd And now I can't ssh in anymore: $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Connection to foo closed. $ ssh [EMAIL PROTECTED] Warning: Remote host denied X11 forwarding. Connection to 172.16.34.104 closed. $ If I remove the new user foo, I can once again login: Administrator@LORIEN ~ $ rm /etc/passwd; mkpasswd -l | grep -v ^foo /etc/passwd $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:18:09 2002 from bar Administrator@LORIEN ~ $ Has anyone seen this before? Can someone please confirm or deny that this happens to them? -Len -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: 1.3.12-4: editing /etc/passwd causes ssh to fail
Hmm, some more data. It seems that the newest snapshot improves things a little; it fails an indeterminate number of times until it succeeds (I've seen 1,5,7 failures), and then succeeds thereafter. Even stranger was that I went back to the old dll, and was getting the same behavior. But the last three times I could not get a connection after *many* tries. For the record, if I restart sshd after adding the user, things work again. If I then delete the foo user, it fails to work again. -Len Randall R Schulz [EMAIL PROTECTED] writes: Gentlemen, Have you verified that the line newly added to the password file is consistent w.r.t. to line-ending convention (Unix vs. Windows) with the rest of the password file and the mount via which it is accessed by your ssh server? Randall Schulz Mountain View, CA USA At 13:39 2002-10-08, Harig, Mark A. wrote: I have seen this problem also, on Windows NT4 SP6. I had the same solution -- back out my changes. I haven't had time to investigate what is causing the problem but it starting occurring in one of the recent releases of ssh in which privilege separation was added. -Original Message- From: Len Giambrone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: 1.3.12-4: editing /etc/passwd causes ssh to fail This is on an installation using setup today with the latest packages on archive.progeny.net. It's running Win2k Server. I think I've also verified this on my XP HE box at home. I can happily ssh into my box. $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:01:53 2002 from bar Administrator@LORIEN ~ $ Now, I add the user foo: Administrator@LORIEN ~ $ net user foo bar /add I add the user to the password file Administrator@LORIEN ~ $ mkpasswd -l -u foo /etc/passwd And now I can't ssh in anymore: $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Connection to foo closed. $ ssh [EMAIL PROTECTED] Warning: Remote host denied X11 forwarding. Connection to 172.16.34.104 closed. $ If I remove the new user foo, I can once again login: Administrator@LORIEN ~ $ rm /etc/passwd; mkpasswd -l | grep -v ^foo /etc/passwd $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:18:09 2002 from bar Administrator@LORIEN ~ $ Has anyone seen this before? Can someone please confirm or deny that this happens to them? -Len -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: 1.3.12-4: editing /etc/passwd causes ssh to fail
And now the snapshot is failing consistently too. At least that's more consistent. -Len Randall R Schulz [EMAIL PROTECTED] writes: Gentlemen, Have you verified that the line newly added to the password file is consistent w.r.t. to line-ending convention (Unix vs. Windows) with the rest of the password file and the mount via which it is accessed by your ssh server? Randall Schulz Mountain View, CA USA At 13:39 2002-10-08, Harig, Mark A. wrote: I have seen this problem also, on Windows NT4 SP6. I had the same solution -- back out my changes. I haven't had time to investigate what is causing the problem but it starting occurring in one of the recent releases of ssh in which privilege separation was added. -Original Message- From: Len Giambrone [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 08, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: 1.3.12-4: editing /etc/passwd causes ssh to fail This is on an installation using setup today with the latest packages on archive.progeny.net. It's running Win2k Server. I think I've also verified this on my XP HE box at home. I can happily ssh into my box. $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:01:53 2002 from bar Administrator@LORIEN ~ $ Now, I add the user foo: Administrator@LORIEN ~ $ net user foo bar /add I add the user to the password file Administrator@LORIEN ~ $ mkpasswd -l -u foo /etc/passwd And now I can't ssh in anymore: $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Connection to foo closed. $ ssh [EMAIL PROTECTED] Warning: Remote host denied X11 forwarding. Connection to 172.16.34.104 closed. $ If I remove the new user foo, I can once again login: Administrator@LORIEN ~ $ rm /etc/passwd; mkpasswd -l | grep -v ^foo /etc/passwd $ ssh Administrator@foo Warning: Remote host denied X11 forwarding. Last login: Tue Oct 8 21:18:09 2002 from bar Administrator@LORIEN ~ $ Has anyone seen this before? Can someone please confirm or deny that this happens to them? -Len -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
setup patch: local directory on command line
Here's a patch that allows you to install from any local directory from the
command line, building on what Harry did.
A Changelog entry is also attached.
-Len
Index: setup/localdir.cc
===
RCS file: /cvs/cygwin-apps/setup/localdir.cc,v
retrieving revision 2.11
diff -u -p -r2.11 localdir.cc
--- setup/localdir.cc 4 May 2002 12:15:56 - 2.11
+++ setup/localdir.cc 3 Oct 2002 18:44:25 -
@@ -158,18 +158,25 @@ LocalDirPage::OnInit ()
static int inited = 0;
if (!inited)
{
- io_stream *f =
- io_stream::open (cygfile:///etc/setup/last-cache, rt);
- if (!f)
- f = io_stream::open (file://last-cache, rt);
- if (f)
- {
- char localdir[1000];
- char *fg_ret = f-gets (localdir, 1000);
- delete f;
- if (fg_ret)
- local_dir = String (localdir);
- }
+ if (local_directory.size())
+{
+ local_dir = String (local_directory);
+}
+ else
+{
+ io_stream *f =
+ io_stream::open (cygfile:///etc/setup/last-cache, rt);
+ if (!f)
+ f = io_stream::open (file://last-cache, rt);
+ if (f)
+ {
+ char localdir[1000];
+ char *fg_ret = f-gets (localdir, 1000);
+ delete f;
+ if (fg_ret)
+ local_dir = String (localdir);
+ }
+}
inited = 1;
}
}
Index: setup/source.cc
===
RCS file: /cvs/cygwin-apps/setup/source.cc,v
retrieving revision 2.13
diff -u -p -r2.13 source.cc
--- setup/source.cc 21 Sep 2002 09:36:46 - 2.13
+++ setup/source.cc 3 Oct 2002 18:44:25 -
@@ -34,9 +34,10 @@ static const char *cvsid =
#include source.h
#include getopt++/BoolOption.h
+#include getopt++/StringOption.h
static BoolOption DownloadOption (false, 'D', download, Download from internet);
-static BoolOption LocalOption (false, 'L', local-install, Install from local
directory);
+static StringOption LocalOption (, 'L', local-install, Install from local
+directory);
static int rb[] =
{ IDC_SOURCE_NETINST, IDC_SOURCE_DOWNLOAD, IDC_SOURCE_CWD, 0 };
@@ -87,8 +88,11 @@ SourcePage::OnActivate ()
{
if (DownloadOption)
source = IDC_SOURCE_DOWNLOAD;
- else if (LocalOption)
- source = IDC_SOURCE_CWD;
+ else if (((string)LocalOption).size())
+{
+ source = IDC_SOURCE_CWD;
+ local_directory = (string)LocalOption;
+}
else
source = IDC_SOURCE_NETINST;
}
Index: setup/state.cc
===
RCS file: /cvs/cygwin-apps/setup/state.cc,v
retrieving revision 2.3
diff -u -p -r2.3 state.cc
--- setup/state.cc 21 Sep 2002 09:36:46 - 2.3
+++ setup/state.cc 3 Oct 2002 18:44:25 -
@@ -27,6 +27,7 @@ bool unattended_mode;
int source;
String local_dir;
+String local_directory;
int root_text;
int root_scope;
Index: setup/state.h
===
RCS file: /cvs/cygwin-apps/setup/state.h,v
retrieving revision 2.8
diff -u -p -r2.8 state.h
--- setup/state.h 21 Sep 2002 09:36:46 - 2.8
+++ setup/state.h 3 Oct 2002 18:44:25 -
@@ -33,6 +33,7 @@ extern bool unattended_mode;
extern int source;
extern String local_dir;
+extern String local_directory;
extern int root_text;
extern int root_scope;
2002-10-03 Len Giambrone [EMAIL PROTECTED]
* source.cc (SourcePage::OnActivate): Support specification of Local
install directory from command line.
* localdir.cc (LocalDirPage::OnInit): Initialize local_dir from command
line if available.
* state.cc: add local_directory.
* state.h: add local_directory.
Re: setup.exe and 'default/skip/install/reinstall' question
Ah, I didn't realize that you were suggesting changing the categories of the desired packages to be base. That makes a whole lot of sense. Thanks. -Len Robert Collins [EMAIL PROTECTED] writes: On Sat, 2002-09-28 at 03:21, Len Giambrone wrote: This will cause Setup to only list those packages in the chooser window. But will the non-base packages be installed by default? I.e., will they come up Skip or current-version in the chooser window? When I download to a directory, and then use that directory to install, I see only the packages I downloaded, but I still have to manually select to install the non-base packages I downloaded. Oops, missed a step. When you engineers install have them select both any official mirror, and your local mirror. Setup will merge the metadata, making the locally tagged base package base, even if they are not base for official mirrors. Rob -- --- GPG key available at: http://users.bigpond.net.au/robertc/keys.txt. ---
Re: setup.exe and 'default/skip/install/reinstall' question
Robert Collins [EMAIL PROTECTED] writes: On Fri, 2002-09-27 at 21:08, Leon KUKOVEC wrote: Hi, I read the documents about setup.hint and setup.ini but I could not find the answer to my question. I want to change the 'default' install behaviour of setup.exe so that it will include packages I want and not the vanilla-default ones. I also want to remove some of the packages from the vanilla-default list. In our company we use cygwin, but everytime a new engineer wants to install cygwin, that person pops in my cube and asks what packages should be installed. I am willing to automate that by either editing setup.ini or setup.hint or any other method, but I could not find the description how to do that. Setup a local mirror and a setup.ini. Include in the setup.ini simply the package names you want to include, and the category 'base' or 'misc'. This will cause Setup to only list those packages in the chooser window. But will the non-base packages be installed by default? I.e., will they come up Skip or current-version in the chooser window? When I download to a directory, and then use that directory to install, I see only the packages I downloaded, but I still have to manually select to install the non-base packages I downloaded. -Len You cannot safely remove pacakges from the default - we keep that as lean as we can. Thus, setup is *not designed* to enable you doing that. I will *consider* patches to do that though. Rob -- --- GPG key available at: http://users.bigpond.net.au/robertc/keys.txt. ---
setup HEAD (2.278) defaults to older packages
On the dialogs I choose: Download Source: Download from Internet OR Install from Internet Local package dir: C:\cygdist Internet Connection: Direct Connection Download Site: ftp://archive.progeny.com Now when the Chooser window comes up, I click on Base, and I see ash: 20020131-1 bash:2.05b-4 cygwin: 1.3.10-1 Despite the fact that the setup.ini says the current versions are: ash: 20020731-1 bash:2.05b-5 cygwin: 1.3.12-4 I can get at the latest version by clicking a few times, but shouldn't it default to the latest packages? I get the latest versions by default if I use version 2.249.2.5. Bug, or intentional? -Len
Re: unattended mode/command switches to setup
Great. It seems he also forgot to mention another option he added: -r --no-replaceonreboot Prevent the replacement of an in-use file on reboot. Is there an easy way to write a help/usage command other than searching through the source and manually finding all occurences of BoolOption and StringOption? Given the existence of all possible extra args to these functions, I would expect some function to seamlessly put it all together, but I can't find it. -Len Robert Collins [EMAIL PROTECTED] writes: On Mon, 2002-08-12 at 09:02, Len Giambrone wrote: I would dearly love to see setup able to be run fully from the command line. In the process of determining how to use the tools in libgetopt++ to do this, I came across this in the archives: http://cygwin.com/ml/cygwin-apps/2002-07/msg00570.html None of these patches seem to have made it to HEAD though. I don't want to reinvent what someone has already done; are these patches going to be incorporated? Yes, they will be incorporated. You should apply the patch to your sandbox before beginning development. Rob
Re: unattended mode/command switches to setup
Ooops. Sorry about that. -Len Harry Johnston [EMAIL PROTECTED] writes: Len Giambrone [EMAIL PROTECTED] wrote: Great. It seems he also forgot to mention another option he added: -r --no-replaceonreboot Prevent the replacement of an in-use file on reboot. For the record, this option already existed - it wasn't mine. Harry. --- Harry Johnston, http://www.cs.waikato.ac.nz/~harry
Re: unattended mode/command switches to setup
Are you referring to OptionSet::ParameterUsage? -Len Robert Collins [EMAIL PROTECTED] writes: On Mon, 2002-08-12 at 11:26, Len Giambrone wrote: Great. It seems he also forgot to mention another option he added: -r --no-replaceonreboot Prevent the replacement of an in-use file on reboot. Is there an easy way to write a help/usage command other than searching through the source and manually finding all occurences of BoolOption and StringOption? Given the existence of all possible extra args to these functions, I would expect some function to seamlessly put it all together, but I can't find it. Yes there is. It's in the GetOpt++ library, which is on my other OS - I can't get at easily just now. t Rob
1.3.10: cygrunsrv dumps core when passwd not present (.NET Server)
), set_has_acls(8) 455 2367250 [main] cygrunsrv 1232 __to_clock_t: dwHighDateTime 0, dwLowDateTime 468750 114 2367364 [main] cygrunsrv 1232 __to_clock_t: total 002E 114 2367478 [main] cygrunsrv 1232 __to_clock_t: dwHighDateTime 0, dwLowDateTime 312500 149 2367627 [main] cygrunsrv 1232 __to_clock_t: total 001F 1257 2368884 [main] cygrunsrv 1232 _pinfo::exit: Calling ExitProcess 101120 cygrunsrv.exe.stackdump: Exception: STATUS_ACCESS_VIOLATION at eip=61051919 eax=0001 ebx=0022E670 ecx= edx=0022ADA8 esi=0A010C70 edi=0220 ebp=0022E780 esp=0022D94C program=C:\bin\cygrunsrv.exe cs=001B ds=0023 es=0023 fs=003B gs= ss=0023 Stack trace: Frame Function Args 0022E780 61051919 (01F4, 0220, 61560230, 01A4) 0022E7C0 610521FB (01A4, 0022F810, 0022E7D8, 1000) 0022F820 61011789 (61560BD0, 0022F890, 00010201, 01A4) 0022F860 610184DD (61560BD0, 0022F890, 00010201, 01A4) 0022FBF0 61061EC1 (61068015, 00010201, 01A4, 610333EA) 0022FC10 6108C0F2 (61068015, 00010201, 01A4, 61068098) 0022FC50 610680B5 (0022FC80, 6106F0EC, , 0001) 0022FDC0 6106F1D1 (, , 007F, 6106F777) 0022FE80 6106F9F2 (0A10, 0001, 0022FED0, 6105A333) 0022FEA0 6106F24A (, , 001C, 6105A297) 0022FED0 6106F080 (, , E3E2E1E0, 002442B0) 0022FF10 61003C69 (, , E3E2E1E0, ) 0022FF40 61004236 (00404028, E3E2E1E0, 00780018, 0008) 0022FF60 61004275 (, , , 77F6) 0022FF90 0040740B (00404028, F6461CA0, 80065330, ) 0022FFC0 0040103D (E3E2E1E0, E7E6E5E4, 7FFDF000, ) End of stack trace (more stack frames may be present) -Len -- Len Giambrone, Akamai Technologies [EMAIL PROTECTED] Senior Systems Engineer (617) 444-3986 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
