delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2002/07/07/20:25:01

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Date: Sun, 7 Jul 2002 17:34:09 -0700
From: David MacMahon <cygwin AT smartsc DOT com>
To: cygwin AT cygwin DOT com
Subject: cron and NT domains
Message-ID: <20020707173409.A1652@SmartSC.com>
Mime-Version: 1.0
User-Agent: Mutt/1.3.22.1i 

I've been trying to get Cygwin cron to work and I ran into some "can't
switch user context" problems.  After reading many messages in the archives
and trying all of the suggested settings, it finally dawned on me what is
happening.  I haven't seen this explanation in the archives, so I'm
sending this in the hopes that it will prevent others from getting too
frustrated.  I think this really belongs in Cygwin's README for cron.

cron tries to "switch user context WITHOUT a password" before running
the commands in a user's crontab file.  The problem, I think, is that
cron is running as a service under the "LocalSystem" user and as such it
cannot "switch user context WITHOUT a password" to a domain user (that
would be a huge security hole).  Other cygwin programs (e.g. telnet and
ftp) do not have this problem because they do not "switch user context
WITHOUT a password".  The user provides the password to these programs
interactively so they can "switch user context WITH a password" (even to
an NT domain user).  Unfortunately, cron is non-interactive so there is
no password available for it to use when switching user context.

Here's how I verified this theory: When logged in to NT using my domain
account, cron kept putting the "can't switch user context" error into
event viewer.  As soon as I renamed "/var/cron/tabs/<domain_user>" to
"/var/cron/tabs/<local_user>" (where "<local_user>" is a user local to my
NT box, not part of a domain), cron worked fine.

The simplest workaround is to not setup a crontab if you are logged in as a
domain user (duh).  If you want to use cron, setup a local NT and cygwin
user and do all your cron stuff from that local account.

If I'm wrong and there is a way to get cron to run crontabs for domain
users, please let me know how.

Dave

--
David MacMahon, President
Smart Software Consulting
http://www.smartsc.com

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019