Re: proftpd as a service under 2003
On Thu, 26 Jul 2007, René Berber wrote: Chris Stromsoe wrote: How did you setup proftpd as service? cygrunsrv --install proftpd --path /usr/sbin/proftpd.exe --args "nodaemon" --type auto --disp "Cygwin proftpd" --desc "ProFTP FTP daemon" --user sshd_server -e CYGWIN="ntsec" Is that a typo? the option nodaemon is written as --nodaemon or -n. it's a typo. It's "--nodaemon". "cygrunsrv --start proftpd" after that fails. ... If I run without specifying --user, proftpd runs as SYSTEM. It does not change users at all. If I log in with other users and upload files, the files all end up owned by the SYSTEM user. I know all about that, but you can see your result, the error message you posted clearly states that the user could not change to SYSTEM... again: did you configyro proftpd correctly? It's the default configuration. Which, it turns out is the problem. Thanks for the hint. Apparently, the created user (sshd_server) can't switch to SYSTEM at startup, but has no problems switching to other users after proftpd is already running. So /etc/proftpd.conf needs to specify the same user that you give to cygrunsrv, or it won't start the service. -Chris -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: proftpd as a service under 2003
Chris Stromsoe wrote: ... >> How did you setup proftpd as service? > > cygrunsrv --install proftpd --path /usr/sbin/proftpd.exe --args > "nodaemon" --type auto --disp "Cygwin proftpd" --desc "ProFTP FTP > daemon" --user sshd_server -e CYGWIN="ntsec" Is that a typo? the option nodaemon is written as --nodaemon or -n. > "cygrunsrv --start proftpd" after that fails. > ... > If I run without specifying --user, proftpd runs as SYSTEM. It does not > change users at all. If I log in with other users and upload files, the > files all end up owned by the SYSTEM user. I know all about that, but you can see your result, the error message you posted clearly states that the user could not change to SYSTEM... again: did you configyro proftpd correctly? ... > I don't have inetd installed. It's a stripped down installation. In > any event, it's not clear to me that running from inetd would help. The > problem seems to be related changing users, which proftpd would still > have to do running under inetd. Yes, and it works fine under Win XP, so it must be something missing in your user sshd_server privileges. -- René Berber -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: proftpd as a service under 2003
On Thu, 26 Jul 2007, René Berber wrote: Chris Stromsoe wrote: I'm having trouble getting proftpd to run as a service under 2003. I read /usr/share/doc/Cyginw/openssh.README. I used ssh-host-config to create an account named sshd_server. I have ssh running fine. If I try to use the same account, I get the error How did you setup proftpd as service? cygrunsrv --install proftpd --path /usr/sbin/proftpd.exe --args "nodaemon" --type auto --disp "Cygwin proftpd" --desc "ProFTP FTP daemon" --user sshd_server -e CYGWIN="ntsec" "cygrunsrv --start proftpd" after that fails. Error starting a service: QueryServiceStatus: win32 error 1062: The service has not been started. Looking in the logs, I have: unable to set uid to 18, current uid: 1006 And 1006 is sshd_server? We know 18 is SYSTEM, whoever is 1006 has no privileges to change users... and it probably shouldn't (I have in my /etc/proftpd.conf User SYSTEM and Group None, it works fine in Win XP), if set as service the default is being run as SYSTEM, you must have changed that but not the proftpd configuration. If I run without specifying --user, proftpd runs as SYSTEM. It does not change users at all. If I log in with other users and upload files, the files all end up owned by the SYSTEM user. 1006 is sshd_server, which does have permissions to change users, otherwise sshd wouldn't work under 2003. http://www.cygwin.com/cygwin-ug-net/ntsec.html#ntsec-switch explains that the SYSTEM user does not have the "Create a token object" right under win2k3, which is required for set*id functions to work. ssh-host-config creates a user (sshd_server) which has those rights for running the ssh daemon. I am trying to re-use that user (which I have verified works with ssh) with proftpd Running /usr/sbin/proftpd from the command line gives me the same error, except the current uid is 500. The system is windows 2003 server. cygwin is 1.5.24. Any ideas? ProFtpd can be started from inetd... your choice; but there are advantages like using tcp_wrappers. I don't have inetd installed. It's a stripped down installation. In any event, it's not clear to me that running from inetd would help. The problem seems to be related changing users, which proftpd would still have to do running under inetd. -Chris -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: proftpd as a service under 2003
Chris Stromsoe wrote: > I'm having trouble getting proftpd to run as a service under 2003. I > read /usr/share/doc/Cyginw/openssh.README. I used ssh-host-config to > create an account named sshd_server. I have ssh running fine. > > If I try to use the same account, I get the error How did you setup proftpd as service? > Error starting a service: QueryServiceStatus: win32 error 1062: > The service has not been started. > > Looking in the logs, I have: > > unable to set uid to 18, current uid: 1006 And 1006 is sshd_server? We know 18 is SYSTEM, whoever is 1006 has no privileges to change users... and it probably shouldn't (I have in my /etc/proftpd.conf User SYSTEM and Group None, it works fine in Win XP), if set as service the default is being run as SYSTEM, you must have changed that but not the proftpd configuration. > Running /usr/sbin/proftpd from the command line gives me the same error, > except the current uid is 500. > > The system is windows 2003 server. cygwin is 1.5.24. > > Any ideas? ProFtpd can be started from inetd... your choice; but there are advantages like using tcp_wrappers. -- René Berber -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/