Mail Archives: cygwin/2002/12/10/00:47:10
I have a problem with getting the CRON service to run under an account other than SYSTEM. The
reason I need to get CRON to run under an alternate account is so that jobs spawned from CRON will
be able to access network shares. I first started this exercise by getting the SSHd service to run
under an alternate with network rights. The modifications necessary to the account policies have
been discussed many times in this list
1. Act as part of the OS
2. Create new tokens
3. Incread quotas
4. Log on as a service
5. Replace process level tokens
I created a new account called "REPL-SERVICE" and sucessfully installed SSHd under these
credentials using CYGRUNSRV. Now, SFTP clients were able to access UNC network paths on the
server.
Next I used CYGRUNSRV to install CRON as a service using the "REPL-SERVICE" account. SFTP scripts
run via CRON were not able to access network shares. A quick look at TOP revealed that despite how
CRON was installed as a service, it always reverts back to SYSTEM, UID 18.
Why is CRON coded to always revert to SYSTEM, and as a consequence, never about to access network
shares, despite the fact that SSHd can be started under alternate credentials and gain access to
network shares? Is there another way to change the account that CRON runs under other that
CYGRUNSRV?
I am running CYGWIN1.DLL version: 1.3.17, CRON ver 3.0.1-7 on a WinNT4.0SP6a system using "ntsec"
environment option.
Thanks in advance,
Mike
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -