Mail Archives: cygwin/2007/04/12/00:40:39
hello..
i'm trying tu run a process with low privileges, (mysql) server, with
a mysql user, but this cannot be change, i'm using the Administrator
account as root. and i create a mysql user into de windows users and
expoted it to the passwd table.
a synopsis of this
[code]
svr ~ # cat /etc/passwd
SYSTEM:*:18:544:,S-1-5-18::
portage:*:250:250:,S-1-5-21-527237240-484763869-1202660629-1015:/usr/portae:/bin/false
apache:*:81:81:,S-1-5-21-527237240-484763869-1202660629-1019:/var/www:/bin/nologin
mysql:*:60:60:U-SVR\mysql,S-1-5-21-527237240-484763869-1202660629-1021:/var/lib/mysql:/bin/nologin
root:unused_by_nt/2000/xp:0:0:U-SVR\Administrador,S-1-5-21-527237240-484763869-1202660629-500:/home/Administrador:/bin/bash
Invitado:unused_by_nt/2000/xp:501:513:U-SVR\Invitado,S-1-5-21-527237240-484763869-1202660629-501:/home/Invitado:/bin/bash
svr ~ #
svr ~ # cat /etc/group
root:S-1-5-32-544:0:
portage:S-1-5-21-527237240-484763869-1202660629-1015:250:root
apache:S-1-5-21-527237240-484763869-1202660629-1019:81:
wheel:S-1-5-18:10:root
SYSTEM:S-1-5-18:18:
Ninguno:S-1-5-21-527237240-484763869-1202660629-513:513:
Administradores:S-1-5-32-544:0:
Duplicadores:S-1-5-32-552:552:
Invitados:S-1-5-32-546:546:
Operadores de configuración de red:S-1-5-32-556:556:
Operadores de copia:S-1-5-32-551:551:
Usuarios:S-1-5-32-545:545:
Usuarios avanzados:S-1-5-32-547:547:
Usuarios de escritorio remoto:S-1-5-32-555:555:
HelpServicesGroup:S-1-5-21-527237240-484763869-1202660629-1001:1001:
aweonao:S-1-5-32-544:500:
utmp:S-1-5-21-527237240-484763869-1202660629-1017:409:
mysql:S-1-5-21-527237240-484763869-1202660629-1021:60:
[/code]
for test, i'm using the following command...
[code]
svr test # start-stop-daemon --start -c mysql -q -x /usr/bin/yes
start-stop-daemon: Unable to set uid to mysql
svr test #
[/code]
when i made a strace for the procces, this is the result (cutted to
the point of problem)
[code]
120 2197588 [main] start-stop-daemon 1216 extract_nt_dom_user:
pw_gecos 6B1384 (U-SVR\mysql,S-1-5-
21-527237240-484763869-1202660629-1021)
87233 2284821 [main] start-stop-daemon 1216 initgroups32: 0 =
initgroups (mysql, 60)
95 2284916 [main] start-stop-daemon 1216 seteuid32: uid: 60
myself->uid: 0 myself->gid: 60
65 2284981 [main] start-stop-daemon 1216 seteuid32: Found token -1
2802 2287783 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
5.24-2/winsup/cygwin/sec_helper.cc:422 windows error 1300
125 2287908 [main] start-stop-daemon 1216 geterrno_from_win_error:
unknown windows error 1300, set
ting errno to 13
50 2287958 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
52 2288010 [main] start-stop-daemon 1216 set_privilege: -1 =
set_privilege ((token 6BC) SeCreateT
okenPrivilege, 1)
9221 2297231 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
5.24-2/winsup/cygwin/security.cc:889 windows error 1314
88 2297319 [main] start-stop-daemon 1216 geterrno_from_win_error:
unknown windows error 1314, set
ting errno to 13
49 2297368 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
1002 2298370 [main] start-stop-daemon 1216 create_token: -1 = create_token ()
149 2298519 [main] start-stop-daemon 1216 seteuid32: create token
failed, try subauthentication.
2872 2301391 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
.
5.24-2 /winsup/cygwin/security.cc:961 windows error 5
1741 2306707 [main] start-stop-daemon 1216 geterrno_from_win_error:
windows error 5 == errno 13
109 2306816 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
81 2306897 [main] start-stop-daemon 1216 setuid32: real: 0, effective: 0
1591 2308488 [main] start-stop-daemon 1216 sig_send: sendsig 0x700,
pid 1216, signal -34, its_me 1
69 2308557 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
3527 2312084 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
1793 2313877 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
70125 2384002 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
181 2384183 [main] start-stop-daemon 1216 fhandler_base::write: binary write
start-stop-daemon: 791 2384974 [main] start-stop-daemon 1216
sig_send: sendsig 0x700, pid 1216, si
gnal -34, its_me 1
365 2385339 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
77 2385416 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
798 2386214 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
676 2386890 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
722 2387612 [main] start-stop-daemon 1216 fhandler_base::write: binary write
Unable to set uid to mysql 280 2387892 [main] start-stop-daemon 1216
sig_send: sendsig 0x700, pid 1216, signal -34, its_me 1
486 2388378 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
72 2388450 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
327 2388777 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
814 2389591 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
477 2390068 [main] start-stop-daemon 1216 fhandler_base::write: binary write
[/code]
i hope that something that's help me.... greetings.... and thanks
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
- Raw text -