Mail Archives: cygwin/2007/11/09/18:31:03

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2007/11/09/18:31:03

X-Recipient: archive-cygwin AT delorie DOT com

X-Spam-Check-By: sourceware.org

Message-ID: <4734EDA4.FAE2802E@dessent.net>

Date: Fri, 09 Nov 2007 15:30:44 -0800

From: Brian Dessent <brian AT dessent DOT net>

X-Mailer: Mozilla 4.79 [en] (Windows NT 5.0; U)

MIME-Version: 1.0

To: cygwin AT cygwin DOT com

Subject: Re: Permissions/acl problem

References: <fh114b$d0u$1 AT ger DOT gmane DOT org> <47349DE5 DOT 6020500 AT cygwin DOT com> <fh2psn$qg8$1 AT ger DOT gmane DOT org>

X-IsSubscribed: yes

Reply-To: cygwin AT cygwin DOT com

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Jerome Fong wrote:

> This doesn't seem to help.  I re-ran cron_diagnose.sh and made sure I
> had ntsec and smbntsec define, but that doesn't seem to help.  Am I
> suppose to add it to my .profile?

I think Larry might have been a little quick on the trigger to suggest
smbntsec, as I don't see how that would be relevant in this situation. 
(And ntsec is the default if not specified, so there's no reason really
to ever specify it.)

The problem is that the cron daemon runs as the system and impersonates
each user when it goes to execute a job from their crontab.  But the
cron daemon does not have the user's password (exactly analogous to the
case when logging on to the sshd daemon with pubkey auth) so any network
shares that require authentication will not be accessible from the
cronjob.  There's a FAQ entry about this, but the solutions amount to
basically:

- use network paths accessible to guests
- run cron daemon as the desired user, which requires giving the user's
password once when installing service but not subsequently.  (But you
can only ever run jobs as that user as impersonation is not possible
without extra privileges.)
- supply your password explicitly in the cronjob, i.e. by invoking "net
use" with username and password.  (Requires leaving password exposed in
crontab)

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
X-Spam-Check-By:	sourceware.org
Message-ID:	<4734EDA4.FAE2802E@dessent.net>
Date:	Fri, 09 Nov 2007 15:30:44 -0800
From:	Brian Dessent <brian AT dessent DOT net>
X-Mailer:	Mozilla 4.79 [en] (Windows NT 5.0; U)
MIME-Version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Re: Permissions/acl problem
References:	<fh114b$d0u$1 AT ger DOT gmane DOT org> <47349DE5 DOT 6020500 AT cygwin DOT com> <fh2psn$qg8$1 AT ger DOT gmane DOT org>
X-IsSubscribed:	yes
Reply-To:	cygwin AT cygwin DOT com
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com