Mail Archives: cygwin/2014/08/29/17:43:56

X-Recipient: archive-cygwin AT delorie DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Fri, 29 Aug 2014 23:43:34 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: (call-process ...) hangs in emacs
Message-ID: <20140829214334.GA2644@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <loom DOT 20140827T170804-533 AT post DOT gmane DOT org> <loom DOT 20140828T085927-71 AT post DOT gmane DOT org> <20140828095524 DOT GO20700 AT calimero DOT vinschen DOT de> <20140828131832 DOT GT20700 AT calimero DOT vinschen DOT de> <loom DOT 20140828T172529-396 AT post DOT gmane DOT org> <loom DOT 20140829T115632-276 AT post DOT gmane DOT org> <20140829110938 DOT GD20700 AT calimero DOT vinschen DOT de> <5400C19D DOT 4070408 AT cornell DOT edu> <87ha0vhzge DOT fsf AT Rainer DOT invalid> <5400D64D DOT 1090709 AT cornell DOT edu>
MIME-Version: 1.0
In-Reply-To: <5400D64D.1090709@cornell.edu>
User-Agent: Mutt/1.5.23 (2014-03-12)


On Aug 29 15:36, Ken Brown wrote:
> On 8/29/2014 3:23 PM, Achim Gratz wrote:
> >Ken Brown writes:
> >>With the latest snapshot I can't start the sshd service.  The
> >>Application Log just says, "`sshd' service stopped, exit
> >>status:255". The problem doesn't occur with the 2014-08-27 snapshot.
> >>I guess this has something to do with the new permissions on various
> >>files, but I'm not sure which ones.
> >
> >Off the top of my head for the standard installation:
> >
> >/etc/ssh*
> >/var/empty
> >/var/log/sshd
> >
> >When you try to debug the sshd, IIR these are the files that must be
> >chown'ed to the admin user that runs sshd from the terminal.  Running in
> >debug mode (either from the terminal or via sshd_config) should produce
> >messages which file or directory sshd is choking on.
>
> I just checked /var/log/sshd.log.  (I hadn't thought to do that before.)
> The last message in it is, "/var/empty must be owned by root and not group
> or world-writable."  So the problem seems to be that /var/empty appears to
> sshd to be group writable under the latest snapshot.  This is the "downside"
> that Corinna mentioned.  What needs to be done to /var/empty to fix this?

What needs to be done is to fix the ssh-host-config script.  It adds an
ACE for SYSTEM on /var/empty, /etc, and /var/log for no apparent reason.

I just sent a patch upstream which removes the code trying to generate
/etc and /var/log entirely (done by setup.exe) and which drops adding
a SYSTEM ACE to /var/empty.

A temporary workaround is either to remove the SYSTEM ACE:

  $ setfacl -d g:18: /var/empty

or to change /etc/sshd_config not to use privilege separation:

  UsePrivilegeSeparation no

However, this is obviously a problem for all existing installations.
OpenSSH 6.7p1 will be released pretty soon.  I will add a postinstall
script which removes the SYSTEM ACE from /var/empty at installation
time.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat
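
An added example, not part of the original message: a small check that reads `getfacl` output and lists every entry other than the owning user that grants write access, which is how an extra ACE like the SYSTEM one on /var/empty can be spotted before starting sshd. It assumes entries are printed as `tag:qualifier:perms` and that the SYSTEM ACE shows up as a named group entry; the function name and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Reads getfacl-style text on stdin and prints every non-default entry,
# other than the owning user, that grants write. Exit status 1 if any found.
writable_aces() {
    awk -F: '
        /^#/ || NF < 2 { next }        # header comments and blank lines
        $1 == "default" { next }       # inheritable defaults, not the directory itself
        {
            tag = $1
            who = (NF > 2) ? $2 : ""   # handles both "mask:rwx" and "mask::rwx"
            perms = $NF
            if (tag == "user" && who == "") next   # owning user may write
            if (index(perms, "w")) { printf "%s:%s:%s\n", tag, who, perms; bad = 1 }
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample: ACL with the extra SYSTEM entry described in the thread.
sample_before='# file: /var/empty
# owner: admin
# group: Administrators
user::rwx
group::r-x
group:SYSTEM:rwx
mask:rwx
other:r-x'

# Constructed sample: the same directory with only the base entries left.
sample_after='# file: /var/empty
# owner: admin
# group: Administrators
user::rwx
group::r-x
other:r-x'

for s in "$sample_before" "$sample_after"; do
    if found=$(printf '%s\n' "$s" | writable_aces); then
        echo "ok: no write access beyond the owner"
    else
        echo "write access beyond the owner:"
        echo "$found"
    fi
done
```

On a live system the function would be fed from `getfacl /var/empty | writable_aces` instead of the constructed samples.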
