delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2007/10/11/23:45:17

X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Message-ID: <470EED9F.1090809@cygwin.com>
Date: Thu, 11 Oct 2007 23:44:31 -0400
From: "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com>
Reply-To: cygwin AT cygwin DOT com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.3) Gecko/20070505 Remi/2.0.0.0-3.fc4.remi Thunderbird/2.0.0.0 Mnenhy/0.7.5.0
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: Re: File permissions... Mounting...
References: <A1E46867FD0F4B47A821D626D858F3CF189004 AT RWCEXC01 DOT HQ DOT DeCru DOT com>
In-Reply-To: <A1E46867FD0F4B47A821D626D858F3CF189004@RWCEXC01.HQ.DeCru.com>
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Eric Uratchko wrote:
> That's just it-- I've changed the domain user to a million different
> things. Right now there is no authentication, it's set to full perms to
> everyone. I can open it in everything. I can go to /cygdrive and see c
> and z, z is the mapped network share.
> 
> Then I SSH in to the box and z is gone ... Anything that's mapped to it
> is inaccessible.


Ah, OK.  Now you let it slip that your problem is actually related to
'ssh'. ;-)  Do you see now why I originally pointed you to:

<http://cygwin.com/problems.html>

Can you show us what you're doing exactly?


> I've tried chown -hR sshd_server:SYSTEM z ... And it acts like it takes
> it. I do an ls -la and see that it hasn't actually changed.


It's far preferable to use POSIX syntax for pathnames.

Cygwin won't change permissions on network drives without being told to.
You need to set "smbntsec" in your CYGWIN environment variable.  See:

<http://cygwin.com/cygwin-ug-net/using-cygwinenv.html>

You might also want to take a look at the security section in the Cygwin
Users Guide if you have not already:

<http://cygwin.com/cygwin-ug-net/ntsec.html>


> Is it possible to access network drives while ssh'd into cygwin? Or has
> noone ever gotten that to work? Searching finds posts where people can't
> get it to work, with suggestions that don't work and then "I don't know
> why this is doing that" ... 


There's an FAQ entry for this actually:

<http://cygwin.com/faq/faq-nochunks.html#faq.using.shares>

If this doesn't help, I'd again invite you to read and follow the problem
reporting guidelines outlined here:

<http://cygwin.com/problems.html>

It's really better for us to know exactly what you're doing and exactly
what your configuration is before too much discussion ensues.  Otherwise,
we're just left guessing about allot of things or there's lengthy "Did you
try this?", "How did you do that?", and "How do you have that configured?"
for all the bootstrap stuff that can be more efficiently dealt with in an
initial problem report.


> It doesn't matter if it's NFS, cifs.. I can make it either. I don't
> care, all I need is to access the drive. Is there any way to just
> disable permissions?


If you're sure that it's just file-based permissions that are in your
way, then use "nontsec" in you CYGWIN environment variable.  But I'm still
left with enough questions about your environment and what you're doing
that I can't make any firm recommendations here.


> Please forgive my ignorance, I'm new to this. If I could just get sshd
> to run as administrator, would that fix this problem?


No.  Not if you expect to be able to switch user contexts (i.e. ssh in as
different users).  If you don't want/need that, well then the answer may be
yes.


> Basically everything works fine locally .. And when I ssh in, it's
> broken. I know that sshd is being called via sshd_server .. And I've
> even made a domain account name sshd_server and granted it full privs,
> it makes no difference as it's not logging in with a domain account.
> I've given that local account full perms too. I can map a network share
> as that account even. Still no difference.


Don't try to defeat the system.  If you find you're turning things upside-
down to try to get them to work then you're probably just working against
yourself.

We need more information about your system configuration, how you set up
sshd, how you're sshing into it, and what the mysterious "z" network drive
is before offering any specific advice.  Assuming the general pointers I've
given you so far aren't enough to help you piece together a solution, please
file a proper problem report with any follow-up so someone here can
understand the details of your specific configuration issue.


-- 
Larry Hall                              http://www.rfk.com
RFK Partners, Inc.                      (508) 893-9779 - RFK Office
216 Dalton Rd.                          (508) 893-9889 - FAX
Holliston, MA 01746

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019