Mail Archives: cygwin/2003/12/17/14:28:05
This is a follow-up to my original post. I've done some work offline with a
couple of people on this, but wanted to bring the issue, and current
findings, back to the list.
Summary: Windows 2003 server, set up crond per Corinna's directions (posted
below). Once a user (pick a user, any user) does a 'crontab -e', crond
reports 'CANT OPEN (tabs/user)'
At this point, the tabs/user file is owned by user.SYSTEM If I change the
ownership to user.Administrators, crond is happy and so am I because my cron
jobs run.
So, I have a workaround (manually change the protection on the tabs/user
file to user.Administrators after a 'crontab -e'). I'm posting this in case
others run into the problem, and with the hope that a future rev of cron
will address this problem.
Thanks
Benn
From: "Benn Schreiber" <bls at starwhite dot net>
To: <cygwin at cygwin dot com>
Date: Tue, 16 Dec 2003 08:51:26 -0800
Subject: Re: Windows 2003 Server & Cygwin Cron
I am running on Windows 2003 server, and set up cron_server per this note.
The cron server starts just fine, but reports that it can't open
tabs/theuser (where theuser is the user account name).
The protection on tabs/theuser is 640 o.g is user.SYSTEM which is probably
why cron server can't open it. I changed the group to administrators, which
cron_server is part of, but unfortunately, a 'crontab -e' resets the group
to SYSTEM.
Thanks
Benn
From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin at cygwin dot com
Date: Tue, 11 Nov 2003 10:02:53 +0100
Subject: Re: Windows 2003 Server & Cygwin Cron
References: <NPEOLGGPKHICABBIJEIBCELECCAA DOT brian AT cruik DOT org>
Reply-to: cygwin at cygwin dot com
________________________________________
On Mon, Nov 10, 2003 at 03:26:07PM -0700, Brian Cruikshank wrote:
> I have tried putting
> the everyone group on the Local Security policies for "Create a token
> object", "Logon as service", and "Replace a process level token". The
> problem still happens.
URGH! Don't do this. Remove the Everyone group from these rights
again. The easiest way is to follow the ssh-host-config script in
creating a special account:
net user cron_server <passwd> /add /yes
net localgroup <administrators_group_name> cron_server /add
editrights -a SeAssignPrimaryTokenPrivilege -u cron_server
editrights -a SeCreateTokenPrivilege -u cron_server
editrights -a SeIncreaseQuotaPrivilege -u cron_server
editrights -a SeServiceLogonRight -u cron_server
mkpasswd -l -u cron_server >> /etc/passwd
For security reasons:
editrights -a SeDenyInteractiveLogonRight -u cron_server
editrights -a SeDenyNetworkLogonRight -u cron_server
editrights -a SeDenyRemoteInteractiveLogonRight -u cron_server
And then create a cron service using that account:
cygrunsrv -I cron -p /usr/sbin/cron -a -D -u cron_server -w <passwd>
> By the way, I see reference to a cron README file that should have been in
> the install. I cannot find it anywhere yet. Did it get lost in the new
> releases or is it hiding somewhere other than /usr/doc?
/usr/share/doc/...
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin AT cygwin DOT com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -