Mail Archives: cygwin/2013/09/16/16:14:27

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2013/09/16/16:14:27

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:message-id:date:from:reply-to:mime-version:to

:subject:references:in-reply-to:content-type

:content-transfer-encoding; q=dns; s=default; b=ehbEN7ShPL5a0oKu

uZvkeAvBNvsoldrtgUhxBZEkpWxsdcckeS0p5Ih4JAMPrQV0UdqzgVLGLLBtMXtp

gLFnvzf3ZbidVgPkWhDCLl28CI5n9cMhxSE2eMBSKPScVJ3tHSdM8cvjrloAGa/P

reaQEbA3hQpOgWmuTG0Hgf9krCs=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:message-id:date:from:reply-to:mime-version:to

:subject:references:in-reply-to:content-type

:content-transfer-encoding; s=default; bh=fWpd0PTO0T9WhFZT73Ib7J

R4LIQ=; b=n7xEeZ2XK7yMYAJAIEjJzvnkV3+AvkDUT+LWdtRLArz23KR48NhkoQ

KFg/tr3XctrTLagCgxVbTyBGnWcc7xTZ3q7/BXOL8ZiEeXfl24M+HnD1AkWKTJCO

cvAKgXtar80MHbJwgxi7jPuzA9MUrfDW+3cLa2/ttacvMm2hgI7Rw=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-4.0 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00,KHOP_THREADED autolearn=ham version=3.3.2

X-HELO: vms173005pub.verizon.net

Message-id: <52376683.1000804@cygwin.com>

Date: Mon, 16 Sep 2013 16:13:55 -0400

From: "Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com>

Reply-to: cygwin AT cygwin DOT com

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8

MIME-version: 1.0

To: cygwin AT cygwin DOT com

Subject: Re: Fwd: Way to test cyglsa?

References: <CAMhuX2BzMOmeLeJSUcsm8yMd4gw8THBiBG=+iorVgv1uDwveJQ AT mail DOT gmail DOT com> <CAMhuX2BoDhcVUyv_ba4jXC+Y0fX=Fa50OOFfzK_fBBQe9N=o-A AT mail DOT gmail DOT com> <5237373E DOT 1070905 AT cygwin DOT com> <CAMhuX2ALMEw+2D5_urYo_MPhbjvebROs5UAY4L0Gx1a0rAagSA AT mail DOT gmail DOT com> <523748CD DOT 5070205 AT cygwin DOT com> <CAMhuX2CvmLJs4c4HANjCXZBARzCRrrBe3L5dpsBTDqMrhXz+7Q AT mail DOT gmail DOT com> <523752B8 DOT 2010306 AT cygwin DOT com> <CAMhuX2CCzUvwqkpg7drPAohVbkL+rE-sLJbK0tk5v7pTT6Xh0A AT mail DOT gmail DOT com> <52375AF0 DOT 6030600 AT cygwin DOT com> <CAMhuX2D5sA_+D+J+UZw+NyA_ctGraO7AjU4DYPRSmXnugG_UQw AT mail DOT gmail DOT com>

In-reply-to: <CAMhuX2D5sA_+D+J+UZw+NyA_ctGraO7AjU4DYPRSmXnugG_UQw@mail.gmail.com>

On 9/16/2013 3:56 PM, Evan Rowley wrote:
> The user cyg_server was generated by the ssh-host-config script and
> while the server itself is on a domain, all the users involved with
> cygwin / ssh / sshd are local users.
>
> I've noticed that along with the local cyg_server account, there is
> also a local sshd account. It appears to be disabled. Is that normal?

Yes.  That's for privilege separation.  It's fine.

> What can I do to be sure that seteuid can be called by cyg_server? The
> user is in the Administrators group and to my knowledge, that should
> be a qualifier to run seteuid.

The only thing I can think of here is that cyglsa isn't doing what it
should.  Why don't you send along your cygcheck output
(<http://cygwin.com/problems.html>) in case there's something there
that would help there.

> I went ahead and reconfigured /etc/passwd, the sshd service via
> ssh-host-config, and the LSA passwords for the users. I'm still
> experiencing the same problem but now with a new and odd variation.
> Attempting to connect via ssh yeilds the same result as before but
> additionally causes the sshd service to stop. No errros are being
> reported in the event logs and the /var/log/sshd.log file looks the
> same as before. Output is below:

<snip>

Yep, that's expected when you run sshd as debug.  That's another
reason I set up a separate service for the debug version.  Keeps me
from needing to edit anything to switch back and forth and I never
have to worry about the "limitations" of running a debug version
when I don't mean to be. :-)


-- 
Larry

_____________________________________________________________________

A: Yes.
 > Q: Are you sure?
 >> A: Because it reverses the logical flow of conversation.
 >>> Q: Why is top posting annoying in email?

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:reply-to:mime-version:to
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=ehbEN7ShPL5a0oKu
	uZvkeAvBNvsoldrtgUhxBZEkpWxsdcckeS0p5Ih4JAMPrQV0UdqzgVLGLLBtMXtp
	gLFnvzf3ZbidVgPkWhDCLl28CI5n9cMhxSE2eMBSKPScVJ3tHSdM8cvjrloAGa/P
	reaQEbA3hQpOgWmuTG0Hgf9krCs=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:message-id:date:from:reply-to:mime-version:to
	:subject:references:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=fWpd0PTO0T9WhFZT73Ib7J
	R4LIQ=; b=n7xEeZ2XK7yMYAJAIEjJzvnkV3+AvkDUT+LWdtRLArz23KR48NhkoQ
	KFg/tr3XctrTLagCgxVbTyBGnWcc7xTZ3q7/BXOL8ZiEeXfl24M+HnD1AkWKTJCO
	cvAKgXtar80MHbJwgxi7jPuzA9MUrfDW+3cLa2/ttacvMm2hgI7Rw=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-4.0 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00,KHOP_THREADED autolearn=ham version=3.3.2
X-HELO:	vms173005pub.verizon.net
Message-id:	<52376683.1000804@cygwin.com>
Date:	Mon, 16 Sep 2013 16:13:55 -0400
From:	"Larry Hall (Cygwin)" <reply-to-list-only-lh AT cygwin DOT com>
Reply-to:	cygwin AT cygwin DOT com
User-Agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8
MIME-version:	1.0
To:	cygwin AT cygwin DOT com
Subject:	Re: Fwd: Way to test cyglsa?
References:	<CAMhuX2BzMOmeLeJSUcsm8yMd4gw8THBiBG=+iorVgv1uDwveJQ AT mail DOT gmail DOT com> <CAMhuX2BoDhcVUyv_ba4jXC+Y0fX=Fa50OOFfzK_fBBQe9N=o-A AT mail DOT gmail DOT com> <5237373E DOT 1070905 AT cygwin DOT com> <CAMhuX2ALMEw+2D5_urYo_MPhbjvebROs5UAY4L0Gx1a0rAagSA AT mail DOT gmail DOT com> <523748CD DOT 5070205 AT cygwin DOT com> <CAMhuX2CvmLJs4c4HANjCXZBARzCRrrBe3L5dpsBTDqMrhXz+7Q AT mail DOT gmail DOT com> <523752B8 DOT 2010306 AT cygwin DOT com> <CAMhuX2CCzUvwqkpg7drPAohVbkL+rE-sLJbK0tk5v7pTT6Xh0A AT mail DOT gmail DOT com> <52375AF0 DOT 6030600 AT cygwin DOT com> <CAMhuX2D5sA_+D+J+UZw+NyA_ctGraO7AjU4DYPRSmXnugG_UQw AT mail DOT gmail DOT com>
In-reply-to:	<CAMhuX2D5sA_+D+J+UZw+NyA_ctGraO7AjU4DYPRSmXnugG_UQw@mail.gmail.com>