X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:references:in-reply-to:subject:date
	:message-id:mime-version:content-type:content-transfer-encoding;
	q=dns; s=default; b=esyBv/zTxb7NNGxFQwgmvyGYIIKDqnufztOhHTMwraW
	RtwQfNt8vCHomNSz+RcXHrKNs/sKyCDlmCFuCoc8+QkxBIDggaBKQgp0VUm1LD2T
	e4EH5s2MKfkiQ237C1GtVpcQzvTpxeOayFCg6NoSXfY3wg60F4/VTT2yJ2OsPjFw
	=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:from:to:references:in-reply-to:subject:date
	:message-id:mime-version:content-type:content-transfer-encoding;
	s=default; bh=Kf3VYpQYY5dK0ODX/0ikSjjvwmQ=; b=KMJg6AcYyWaZqKHMI
	4RXv8YRhY2ed4JYEVsyP7PpLPABVuw8Cpk4bJLTQg8zeRcw3HDNomatL2HdzS6hY
	MDZpSpBgPO13qgwZ22fdiqlrZtQvLHrFZkbpubNrAgk3LjYf5qM2CRo1yERThFss
	zPvP5GtOrcMigugjT/bgpUb80o=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=2.0 required=5.0 tests=AWL,BAYES_00,CYGWIN_OWNER_BODY,MSGID_MULTIPLE_AT,RCVD_IN_DNSWL_LOW,SPF_PASS,T_RP_MATCHES_RCVD autolearn=no version=3.3.2
X-HELO:	nschwmtas05p.mx.bigpond.com
X-Authentication-Info:	Submitted using ID max DOT rockliff AT bigpond DOT com
X-Authority-Analysis:	v=2.0 cv=XNWyuHdE c=1 sm=1 a=6VslrNzXsdlmF2QCmrgadw==:17 a=IkcTkHD0fZMA:10 a=1IlZJK9HAAAA:8 a=w_pzkKWiAAAA:8 a=SrNjKDVLcK70tPbep4IA:9 a=QEXdDO2ut3YA:10 a=6VslrNzXsdlmF2QCmrgadw==:117
From:	"Max Rockliff" <max DOT rockliff AT bigpond DOT com>
To:	<cygwin AT cygwin DOT com>
References:	<003601d05be4$d2574470$7705cd50$@rockliff AT bigpond DOT com> <20150311111729 DOT GW5732 AT calimero DOT vinschen DOT de>
In-Reply-To:	<20150311111729.GW5732@calimero.vinschen.de>
Subject:	RE: Non-privileged use can't logon
Date:	Wed, 11 Mar 2015 19:47:30 +0800
Message-ID:	<004e01d05bf1$2897d730$79c78590$@rockliff@bigpond.com>
MIME-Version:	1.0
X-IsSubscribed:	yes
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id t2BBluPU009603

Ok.  Let's see if I can answer all your questions.

I'm logging on with a password
I'm running 32bit Vista Ultimate - Windows6.06.6002, Service Pack 2 (sorry, I think I said Home Premium before)
I installed the 32 Cygwin using setup-x86.exe
icacls c:/Windows/System32/userenv.dll produces the following
	c:/Windows/System32/userenv.dll NT SERVICE\TrustedInstaller:(F)
              	           		  BUILTIN\Administrators:(RX)
                       	       	  NT AUTHORITY\SYSTEM:(RX)
                          	        BUILTIN\Users:(RX)

For comparison the following is the output from an ls -l command on the same file, but it appears o be similar.
	$ ls -l c:/Windows/System32/userenv.dll
	-rwxr-xr-x 3 Max None 108544 Apr 11  2009 c:/Windows/System32/userenv.dll

The local Windows account I'm using is call 'st' and it is a member of the Users group (which appears to have Read eXecute privilege, exactly the same as the local group, Administrators.  Hmmmm...

Any ideas?

Thx
Max

-----Original Message-----
From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] On Behalf Of Corinna Vinschen
Sent: Wednesday, 11 March 2015 7:17 PM
To: cygwin AT cygwin DOT com
Subject: Re: Non-privileged use can't logon

On Mar 11 18:19, Max Rockliff wrote:
> Hi,
> 
> I'm raising this question again, after having removed CYGWIN SSHD and 
> resinstalled.
> 
> I am unable to execute an SSH <user>@localhost.  I am prompted for the 
> password and successfully logged on, only to receive an error message 
> (see
> below) and the session closed immediately.
> 
> Error Message:
> 1 [main] sshd 8284 C:\cygwin\usr\sbin\sshd.exe: *** fatal error - 
> unable to load C:\Windows\system32\userenv.dll, Win32 error 1114 
> Connection to localhost closed.

We saw this error on and off for a couple of years and it was never quite clear what the underlying problem is, given that we have no way to check what the DLLs are doing.  In some cases changing cyg_server to a domain account fixed the problem, but that's obviously not your problem.

What's new is the fact that it affects userenv.dll.  This DLL wasn't used by Cygwin until 1.7.34, which introduced a way to merge the user's Windows environment after switching the user context.

> My Cygwin installation is on a Vista Home Premium (yes I know it's an 
> old OS), but the version I've been running for the past 3 years worked 
> perfectly.
> 
> The most interesting observation is that the logon works *if* I make 
> the user a member of the local Administrators group.
> 
> The Win32 1114 is a failure to initialise the dll.  The observed fact 
> that logging on with an administrator user account works, suggests 
> that it is a Windows privilege problem.  However, I would have thought 
> that the privilege should rest with the SSHD service account, 
> cyg_server, which is an Administrator and nothing to do with the user 
> account trying to logon through the SSH command.

Not quite.  The environment merge occurs inside the user process started from sshd, so only this process calls functions from userenv.dll.

Are you usually logging in with password or with pubkey authentication?

Is that 32 bit or 64 bit Vista?  If the latter, with 32 bit or 64 bit Cygwin?

What does `icacls c:/Windows/System32/userenv.dll' print?


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -