X-Spam-Check-By:	sourceware.org
To:	cygwin AT cygwin DOT com
From:	Andrew DeFaria <Andrew AT DeFaria DOT com>
Subject:	Re: rsh with command hangs, rlogin works
Date:	Tue, 23 May 2006 08:33:18 -0700
Lines:	149
Message-ID:	<e4v9vv$4ff$1@sea.gmane.org>
References:	<000001c67e59$fc698240$ba00a8c0 AT Brum>
Mime-Version:	1.0
User-Agent:	Thunderbird 1.5.0.2 (Windows/20060308)
In-Reply-To:	<000001c67e59$fc698240$ba00a8c0@Brum>
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com

Lars Björnfot wrote:
> Hi all,
>
> This is my first mail on the list...
>
> I want to run rsh but this happens
>
>  $ rsh localhost ls 	HANGS for any command
>  $ rsh localhost 	works fine
>
>
> I have set up inetd for cygrunsrv
>
> $ cygrunsrv -I inetd -d "CYGWIN inetd" -p /usr/sbin/inetd -a "-D -d" -e
> "CYGWIN=binmode tty ntsec"
>
>   -D  to allow inetd to run under cygrunsrv
>   -d  to debug output
>
> $ cygrunsrv -V -Q inetd
> Service             : inetd
> Display name        : CYGWIN inetd
> Current State       : Running
> Controls Accepted   : Stop
> Command             : /usr/sbin/inetd -D -d
> stdin path          : /dev/null
> stdout path         : /var/log/inetd.log
> stderr path         : /var/log/inetd.log
> Environment         : CYGWIN="binmode tty ntsec" 
> Process Type        : Own Process
> Startup             : Automatic
> Account             : LocalSystem
>
>
> --------------------------------------------
> 1. rsh with command (in.rshd) - failing case
> --------------------------------------------
>
> $ rsh localhost ls
> 		[Hangs]
>
> $ tail -f inetd.log 
> someone wants shell
> accept, ctrl 3
> + Closing from 20
> 2148 execl /usr/sbin/in.rshd
> 2148 reaped, status 0x8b		[comes immediately after execl]
>
>
> $ strace rsh localhost ls > rsh.log
>
> When it hangs I kill the process but these are the final lines:
>
>  5267   38986 [main] rsh 3692 __dup_ent: duping servent "cmd",
> 0x191A4FA8
>   153   39139 [main] rsh 3692 __dup_ent: duped servent "cmd", 0x4B21E0
>    68   39207 [main] rsh 3692 cygwin_getservbyname: 0x4B21E0 =
> getservbyname (sh
>
> -------------------------------------------------
> 2. rsh with no command (in.rlogin) - working case
> -------------------------------------------------
>
> $ rsh localhost
> Last login: Tue May 23 09:57:22 from localhost
> Fanfare!!!
> You are successfully logged in to this server!!!
>
>
> $ tail -f inetd.log 
> someone wants login
> accept, ctrl 3
> + Closing from 20
> 200 execl /usr/sbin/in.rlogind
> 200 reaped, status 0x100		[comes on exit from shell]
>
>
>
> $ strace rsh localhost > rlogin.log
>
> Same three lines as above, here it continues "normally".
>
>  5452   12528 [main] rlogin 3636 __dup_ent: duping servent "login",
> 0x186B4FA8
>   138   12666 [main] rlogin 3636 __dup_ent: duped servent "login",
> 0x4B08E0
>    56   12722 [main] rlogin 3636 cygwin_getservbyname: 0x4B08E0 =
> getservbyname (login, tcp)
> [snip]
>
>
>
> It seems like inetd is configured ok, permissions are ok etc.
>
>
> Relevant lines from inetd.conf:
>
> shell   stream  tcp     nowait  root    /usr/sbin/in.rshd in.rshd -L
> login   stream  tcp     nowait  root    /usr/sbin/in.rlogind in.rlogind
>
>
> Relevant lines from c:/WINDOWS/system32/drivers/etc/services
>
> login             513/tcp                           #Remote Login
> who               513/udp    whod
> cmd               514/tcp    shell
> syslog            514/udp
>
>
> I have no /etc/hosts.allow or /etc/hosts.equiv but I have .rhosts
>
> $ cat ~/.rhosts 
> localhost lars
> grizzly lars
>
>
> I have updated all Cygwin packages to the current, but it didn't help.
>
> "cygcheck -s" is attached.
>
> Any help is apprecieated! I'm out of ideas...  
>   
I have a similar problem. I see you're on Windows 2003 Server. 2003 
tightened security a bit. Given the above the cygrunsrv will be running 
as SYSTEM no? Does SYSTEM have the proper rights?

Question: Since 2003's SYSTEM account doesn't have enough rights to 
switch user doesn't sshd, inetd (considering services like rsh, rlogin, 
telnet, ftp, etc) and even cron need to switch users thus needs to run 
under an account with elevated privileges? The ssh-host-config script 
attempts to address this but nothing is done for these other desirable 
Cygwin services. Personally I think a new user, shared amongst services 
that need such privileges perhaps called daemon should be created and 
maybe a general install_services script concocted to handle adding this 
common services properly.

I'm struggling with trying to get both sshd and rsh access on a Windows 
2003 server (see other thread). Somehow my playing with this apparently 
screwed up IPSEC on the server and it wouldn't even boot! For a time I 
was able to rsh but not rsh with a command like you. Ssh would attempt 
to work but fail trying to load C:\Windows\system32\ws2_32.dll. But 
commandless rsh was working. Then it too broke. Now the system's all 
messed up. The IPSEC problem has been fixed but I'm not sure what to do.

-- 

Andrew DeFaria <http://defaria.com>
Why do banks charge you a non-sufficient funds fee on money they already 
know you don't have?


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -