| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; q=dns; s= | |
| default; b=s/Fv3MZlyxSVhQPAL2HHiJm4Oxk01zsGixV8k0uGV0Pltup4tosqW | |
| ailUKtjust/Daos/SqkWmm5m/qXT1jq6J/sw4gJe0cHYUwHyBiUhT7F5WeNN4fWe | |
| dnCJ+bjEG9/lNo3NYDH0j7CavqbsU1cJGnFmPzc5tmc4V0Ak9TC+to= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:date:from:to:subject:message-id:reply-to | |
| :references:mime-version:content-type:in-reply-to; s=default; | |
| bh=+b3Ce7166PQHI+pKE/eOgZitCBg=; b=t+do0YLIopqVlbQrzY4BQw9F/zzt | |
| 8/XhT7j0w/ITNqALCXosV4B3A6uKaen+gytxjsIjEWOm0CIiJZBVM4RZcHZDNm4D | |
| gWUqZiew/BT41jhlX9jZjNCiYxUqB/s1YJri4eYmXUUGxIxw8AIvIdRFor1785lM | |
| +0LQ4voqyj4NxOk= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=0.5 required=5.0 tests=AWL,BAYES_50,RDNS_NONE,URIBL_BLOCKED autolearn=no version=3.3.2 |
| X-HELO: | calimero.vinschen.de |
| Date: | Mon, 4 Nov 2013 13:03:07 +0100 |
| From: | Corinna Vinschen <corinna-cygwin AT cygwin DOT com> |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: Still confused about cyg_server vs. user id when logging in via ssh |
| Message-ID: | <20131104120307.GE2731@calimero.vinschen.de> |
| Reply-To: | cygwin AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| References: | <21110 DOT 44071 DOT 195847 DOT 904212 AT consult DOT pretender> |
| MIME-Version: | 1.0 |
| In-Reply-To: | <21110.44071.195847.904212@consult.pretender> |
| User-Agent: | Mutt/1.5.21 (2010-09-15) |
--o0ZfoUVt4BxPQnbU Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Nov 3 15:03, frigging raw email address wrote: > When I login via ssh, I *appear* at first glance to have the same id > and privileges as I do when I log in directly. >=20 > a) If I am an administrator, then 'id -a' gives the following > consistent answer for both direct and ssh login: > uid=3D1001(myusername) gid=3D513(None) groups=3D513(None),0(root),544= (Administrators),545(Users) >=20 > b) If I am a regular user, then 'id -a' gives the following consistent > answer: > uid=3D1001(myusername) gid=3D513(None) groups=3D513(None),545(Users) >=20 >=20 > However, there are some important differences. > 1. First and most importantly, when I log in as administrator via 'ssh', > somehow cyg_server seems to be the real owner of all my files > (despite the fact that cygwin 'ls -al' seems to mask that). >=20 > In particular, 'subinacl' gives > /owner =3Dmymachine\cyg_server > /pace =3Dwinlawyer\cyg_server Type=3D0x0 Flags=3D0x0 AccessMask=3D0x1= f019f > For all files that are actually owned by me... though it gets the > ownership right for files owned by others. >=20 > This is a problem since I use ssh, as part of my backup scripts to run > subinacl to backup acls. >=20 > My bottom line question is whether there is any way to login via SSH > and to get a shell with true ADMINISTRATOR privileges so that there is > no difference between a SSH log in and a local login... at a minimum > is there any way to get subinacl to work right. http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-logonuser > 2. Whether I log in as an ordinary user or as administrator via SSH, > only some but not all user variables are properly set. So, for example > "HOME" seems to be set properly but not for example "APPDATA". I don't > understand why some variables are set and not others... Security reasons, a request from the upstream OpenSSH maintainers way back when. This has been discussed in the past on this ML, including some workarounds, AFAIR. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --o0ZfoUVt4BxPQnbU Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQIcBAEBAgAGBQJSd4z7AAoJEPU2Bp2uRE+gefYP/0rG1F4VU5iWmeNg+qVYr8Di 0DxrIu52EJcZLVYCGdynMGgJCqZU+oGM0kUyEiMVXlAzwjEFNmdLEMLTw+XHtFQb eW4rGk+HZcsAdUM0fgkwNII7nLYwuJgFDOnYH1VLsGp9GdrcY5qlxOoiJTqQNyUm gnpkJe2ZFXSjhyon8VRgcVEnXwBEIHJREu1DxmZRcJWLKHmlBz62mmxgGh4vbtW3 xuflaNfbjkl+KOb3beP7gv8VHNb7IjugfHaLF5139GrAF22IXbbQZ+WsV0XC6J85 ICdxDzlSMwKAyXQh6Ggy6epXSd+k6O7i9Zko6Z7HchyKpdOs2zjMRX002SRTV5j/ /IBpYU+OJ5biHIRJ9hCGz+SHqgjf5VFZZt0dOE9FlAuBJT82Iijg+sUJ4iMAB7f0 fjgBQeUVV/lwweHusMZbOBSNOVVZAHejOQMFpvlsrJVjUNl1hhVBdYLssUhz1fXT GhS1OwCKEuIsOHQOyZZsf89fUtljVB+WBuATz2oKOM/Qn8quRzN6aV4fhVIvXOkb KFS5295oUDHToGMBNHUDmHO3rE7UVVNWKKzWKMUX/T9QcjxJqLl0g7PAJiCKXffF P6tjJrdB6vDndaeJHcJKljzBfO9dhnnXyu5tAD8oD83ton/k7AmpLupwGCi7tILZ o/jCu3uYtuukf5A3lQFN =Udwd -----END PGP SIGNATURE----- --o0ZfoUVt4BxPQnbU--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |