| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:subject:mime-version:content-type:from | |
| :in-reply-to:date:cc:message-id:references:to; q=dns; s=default; b= | |
| ihTIwF9R0aWjU+FGUiqXVkqePX5aSb7bVq0YVChQSibz+8I/8+kv3w91wnf6WNJu | |
| WtvD+bUzCPKInNJJKHnNNYSP+T65XKyAsjqB0/13IAEzYj/dlTD/JYftCz6EOtWQ | |
| j+W2vqTBFtnwhbf7ADMFSjFQ64bpk4gbCZOCQXryMpU= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:subject:mime-version:content-type:from | |
| :in-reply-to:date:cc:message-id:references:to; s=default; bh=mJm | |
| cWlc7D7xpo5qxOjE40zrJV+I=; b=ePr3+e0AAiQZBrwb8MAhuSgfvL560809mli | |
| ICjHIbatarjKsO5FYJJfLKEknykG2oe65I9eOl4Vh6fRwW4xhbpb0Ydgb4DGxtul | |
| mkYb3cHFDdc1Zbj24KmphNqujhyfm9MTrgEAqNEl12uWj2qbpI6C+KQsb7/N8Gjo | |
| 8BKEZWkg= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=2.8 required=5.0 tests=AWL,BAYES_50,KAM_LOTSOFHASH,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=fun!, moore, Moore, Ben |
| X-HELO: | mail-wm0-f48.google.com |
| X-Google-DKIM-Signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:mime-version:from:in-reply-to:date:cc :message-id:references:to; bh=r7gQEF6Hh2fvwxK967u4gtF3QQuKbXnc8Hwn3g9tMz8=; b=akKJuNrrX7EegfXFVP/jvyufLwla8StPRzOkhESMbFLfuLR0Q9ZNpI1FMxhpWxv65j r3brrpGbMcOc1kkGguzkLV8GnRsXTMG1RJ2rYhqzcFNVFLJGOm6f4vvrQygOhzeM+98G 62uZOdqqkc+VpM0q382A13XQpsydErFkhRXKr9+PtL4StFyHtlpR+Zh7b4+u8D2VqKaM +kDk8/B53YG75fCimFTZpmifyaQipkDuSE1MLVRZN1BCSpqUZ9l3yC55OO/SaXevDmzc 4iHaD0bh8bo67WvGMITqpJv7cUnumkX/LPaN44EPJBXdXqypUU+XeWkRPmKwR66C54J1 z8iQ== |
| X-Gm-Message-State: | AD7BkJIUi0neQ3GJDTsCmSF2xlwPDRAC+nttgWQuuxeDgembXSDglGfWdofPMitANbu/fkbZ |
| X-Received: | by 10.194.110.225 with SMTP id id1mr396596wjb.45.1459451613694; Thu, 31 Mar 2016 12:13:33 -0700 (PDT) |
| Subject: | Re: strange cygwin sshd user generated (user name includes machine name) |
| Mime-Version: | 1.0 (Mac OS X Mail 9.2 \(3112\)) |
| X-Pgp-Agent: | GPGMail 2.6b2 |
| From: | Peter Moore <pmoore AT mozilla DOT com> |
| In-Reply-To: | <1008ED46-5F9D-4AC3-82AA-C3F1A1069F44@mozilla.com> |
| Date: | Thu, 31 Mar 2016 21:13:31 +0200 |
| Cc: | Brian Mc George <b DOT mcgeorge AT hotmail DOT com>, |
| Ben Stragnell <ben DOT stragnell AT activision DOT com>, | |
| Jim Leitch <jim DOT leitch AT sunningdale DOT nl> | |
| Message-Id: | <27FD8338-4786-49B5-AF73-554F9DA59FB8@mozilla.com> |
| References: | <E7EAC5BC-C386-448C-B40D-53A1096374F2 AT mozilla DOT com> <1008ED46-5F9D-4AC3-82AA-C3F1A1069F44 AT mozilla DOT com> |
| To: | cygwin AT cygwin DOT com |
--Apple-Mail=_53BF1483-1523-47F7-AA2E-4D654CCEE557
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
RESOLVED! =3D)
I=E2=80=99m happy to report Brian McGeorge found a solution, which was kind=
ly passed on to me via Ben Stragnell. The answer is to set the environment =
variable LOGONSERVER to \\%COMPUTERNAME%.
This works by not executing the body of the if statement in: https://cygwin=
.com/git/gitweb.cgi?p=3Dcygwin-csih.git;a=3Dblob;f=3Dcygwin-service-install=
ation-helper.sh;h=3D10ab4fb6d47803c9ffabdde51923fc2c3f0496bb;hb=3D7ca191beb=
b52ae414bb2a2e37ef22d94f2658dc7#l2884
(lines 2884 to 2890)
My working user data now looks like this (note - you need to see both links=
for context - different parts of the same user data file).
* https://github.com/taskcluster/generic-worker/blob/b0786db002921d3ec7=
d40053ac2e6799679ab290/worker_types/win2012r2/userdata#L4
* https://github.com/taskcluster/generic-worker/blob/b0786db002921d3ec7=
d40053ac2e6799679ab290/worker_types/win2012r2/userdata#L81-L101
The addition to the powershell script was simply:
$env:LOGONSERVER =3D "\\" + $env:COMPUTERNAME
I can confirm this fix works! Thanks again to Brian and Ben. =3D)
Pete
> On 03 Oct 2015, at 20:27, Peter Moore <pmoore AT mozilla DOT com> wrote:
>=20
> After a little bit more digging, I think the cygwin name is coming from t=
he output of getent here:
>=20
> https://cygwin.com/git/gitweb.cgi?p=3Dcygwin-csih.git;a=3Dblob;f=3Dcygwin=
-service-installation-helper.sh;h=3D10ab4fb6d47803c9ffabdde51923fc2c3f0496b=
b;hb=3D7ca191bebb52ae414bb2a2e37ef22d94f2658dc7#l2705
>=20
> At this point, I=E2=80=99m not sure what causes getent to return differen=
t values when run in automation, and when run manually. I wonder if there i=
s some kind of race condition, such that some subsystem is still updating a=
t the point I install cygwin sshd.
>=20
> For reference, this is the powershell script, see lines 77 onwards:
> https://hg.mozilla.org/try/file/4905af7c52e5/testing/taskcluster/worker_t=
ypes/win2012r2/aws_userdata
>=20
> Thanks!
> Pete
>=20
>=20
>=20
>> On 03 Oct 2015, at 19:12, Peter Moore <pmoore AT mozilla DOT com> wrote:
>>=20
>> Hi,
>>=20
>> I have a powershell script for installing cygwin and setting up sshd whi=
ch I am using as UserData when firing up a Windows 2012 R2 instance in AWS =
EC2.
>>=20
>> The same command succeeds when run manually, but fails when called from =
automation. I=E2=80=99m trying to understand what it is that is different, =
so I can fix it in automation.
>>=20
>> The command called is:
>>=20
>> ssh-host-config -y -c 'ntsec mintty' -u 'cygwinsshd' -w 'qwe123QWE!@#'
>>=20
>> When I run manually, logged in as Administrator, I get a log line like t=
his (notice the correct =E2=80=9CCygwin name=E2=80=9D):
>>=20
>> *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinssh=
d' (Cygwin name: =E2=80=98cygwinsshd')? (yes/no) yes
>>=20
>> When I run from automation, the log line looks like this (notice the inc=
orrect =E2=80=9CCygwin name=E2=80=9D):
>>=20
>> *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinssh=
d' (Cygwin name: 'win-efpdim0saup+cygwinsshd')? (yes/no) yes
>>=20
>> It seems the extended =E2=80=9CCygwin name=E2=80=9D which I get in autom=
ation causes ssh-host-config to fail. I=E2=80=99m trying to establish what =
causes the cygwin name to get the prefix of the machine name, since this se=
ems to cause the problem.
>>=20
>> For reference, below I=E2=80=99ve put the logs in both the successful (m=
anual) case, and the failing (automated) case.
>>=20
>> If anyone can point me to the source code of ssh-host-config I=E2=80=99m=
also happy to dig - I couldn=E2=80=99t find it online. So if you=E2=80=99r=
e not sure, but know where the source is, I=E2=80=99m happy to look.
>>=20
>> Many thanks in advance!
>> Pete
>>=20
>>=20
>>=20
>> SUCCESSFUL run (when executed manually):
>>=20
>> *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinssh=
d' (Cygwin name: =E2=80=98cygwinsshd')? (yes/no) yes
>> *** Info: User =E2=80=98cygwinsshd' has been created with password 'qwe1=
23QWE!@#'.
>> *** Info: If you change the password, please remember also to change the
>> *** Info: password for the installed services which use (or will soon us=
e)
>> *** Info: the =E2=80=98cygwinsshd' account.
>>=20
>> *** Info: The sshd service has been installed under the =E2=80=98cygwins=
shd'
>> *** Info: account. To start the service now, call `net start sshd' or
>> *** Info: `cygrunsrv -S sshd'. Otherwise, it will start automatically
>> *** Info: after the next reboot.
>> *** Info: Host configuration finished. Have fun!
>>=20
>>=20
>> FAILED run (when called in automation):
>>=20
>> *** Query: Create new privileged user account 'WIN-EFPDIM0SAUP\cygwinssh=
d' (Cygwin name: 'win-efpdim0saup+cygwinsshd')? (yes/no) yes
>> *** Info: User 'win-efpdim0saup+cygwinsshd' has been created with passwo=
rd 'qwe123QWE!@#'.
>> *** Info: If you change the password, please remember also to change the
>> *** Info: password for the installed services which use (or will soon us=
e)
>> *** Info: the 'win-efpdim0saup+cygwinsshd' account.
>>=20
>> *** Warning: Setting password expiry for user 'win-efpdim0saup+cygwinssh=
d' failed!
>> *** Warning: Please check that password never expires or set it to your =
needs.
>> No user or group 'win-efpdim0saup+cygwinsshd' known.
>> *** Warning: Assigning the appropriate privileges to user 'win-efpdim0sa=
up+cygwinsshd' failed!
>> *** ERROR: There was a serious problem creating a privileged user.
>>=20
>=20
--Apple-Mail=_53BF1483-1523-47F7-AA2E-4D654CCEE557
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCAAGBQJW/XbbAAoJEIKV/ne0df68w9wIAMZ8SGNNAvBtPlaVFx+zenHa
X6nBnOfEFWpoOwi4cAFK+piIBQmIVJJTZM0b82I2sIVuNOZ/jqokrACa5AXwbvfC
VZmfv2ZKCUTkh1XfDbhpvzyJYcSCa+iwzOmgsXB8JGohMEJXXepQcNIP9epU6ZHh
07OGD58E4nxrx5x33/hdlMrW2eWXh163Fv1+lEbKVWMVAGXX0iNKokUcx6T21nlq
fz9+uOxVYrNMlHCDa1qokc7V1lApBDTuc2N11hvP97mT7mK1f/dM0P/I4JFHjz4e
WrG+BYb6S+hkqmWq/bpEVlLLTdK+tTjYtRd21jVQ1b1INOx0f1aWiqSO4sf6U6c=
=M/+p
-----END PGP SIGNATURE-----
--Apple-Mail=_53BF1483-1523-47F7-AA2E-4D654CCEE557--
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |