delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2017/03/10/08:36:42

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:subject:references:to:from:message-id:date
:mime-version:in-reply-to:content-type
:content-transfer-encoding; q=dns; s=default; b=as4bAM9LjR6O6CVk
HpzY4QuMPAMjEOpWd5U8lwG8grpqTwuuMf/lv7ewrU2xBqzrK2eDAztw9G0PGvmj
tyuVxBi/Wh0LNjd32merzDqEoVefGH1N9z0xfOqfqGy0OQBqpn9rGSqGDR7GfMxr
yfnYxb8fgpyQFqpaujITFAy0IYI=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:subject:references:to:from:message-id:date
:mime-version:in-reply-to:content-type
:content-transfer-encoding; s=default; bh=XRj7qUwsn+UmrN3bLWiaEA
Z6bQY=; b=XxCWUPMSrqdsGCdPqpkq6bKr+gYbWCyU7sUXGm2KY36oIa2KnqoJ8L
Zff0/eU4DRbetvsjQdpzz8QGFgO5c5JNPRm97g330HkG8UCTDY4z7r6K5O869+5l
vYHjm3NWDLObQPR302YrBV1QNNfMSB6vdJa7q1jnF1Xr8LFOUNgUA=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-6.7 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,GIT_PATCH_2,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=lan, 545, H*Ad:U*don, Enterprise
X-HELO: mail-pf0-f175.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:subject:references:to:from:message-id :date:user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=31YRNXAm5s/3T4+4MKLfi9uyBAaV+i+7f9trTZum8VM=; b=ddGd1FoFhmyjB0UwzpcNQQaiEADX5Yio7KzCHpH8KOqK/JJ7fSpWrMG6eRE3XGt+GX TO/NUS7LFvLI9fCqcWdGOpxvQ4TH+d985QhOmHML3XMV9Dm+e8cNRfHjxCiwO/T0bglJ Aq7EH0N448JJb8dnImEbu+E1whYg7evi9b4AbKtYfM7RLBzsLLKOa5/8aQOQ19B0K7AZ OEwk6MFd9VSM3yVJGkBRzYhhX02xKOklktqqdGwqWS1RBn9tGBIrYvAEW/qzJz5j6LZU f+CuCAFz8nSvS88qWdd3CpyT3rp5ehznYqauqWIZaeWID0oS5u+I+guoNmZlvI4jP3Xu p2+g==
X-Gm-Message-State: AMke39mCu3xrPtEKlezwbbs13BeNTvl5vsMDPhAlBdma0HMuZ7Z7Go5LAV6ZAjP3TFMRfw==
X-Received: by 10.98.160.84 with SMTP id r81mr21266922pfe.71.1489152983406; Fri, 10 Mar 2017 05:36:23 -0800 (PST)
Subject: NTFS permissons bug?
References: <3b0c4285-0e88-ac73-b1c4-63ce193920cb AT beusee DOT com>
To: Cygwin <cygwin AT cygwin DOT com>
From: Don Beusee <don AT beusee DOT com>
X-Forwarded-Message-Id: <3b0c4285-0e88-ac73-b1c4-63ce193920cb AT beusee DOT com>
Message-ID: <aa070473-b2fa-dae5-2132-31fdeab6e5e8@beusee.com>
Date: Fri, 10 Mar 2017 05:40:21 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <3b0c4285-0e88-ac73-b1c4-63ce193920cb@beusee.com> 

I'm having a problem with openssh on cygwin.  When I'm logged into 
windows, things are fine, even in a cygwin64 window:

dbeusee2 AT lan /e
$ cd ppscvsroot/

dbeusee2 AT lan /e/ppscvsroot
$ id
uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain 
Users),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated 
Users),15(This 
Organization),66048(LOCAL),1050040(vpn-demo),1050138(CVS-PPS 
users),1049743(PPUser),1050137(CVS Users),1049741(Sharepoint 
AllUsers),401408(Medium Mandatory Level)

dbeusee2 AT lan /e/ppscvsroot
$ getfacl /e/ppscvsroot/
# file: /e/ppscvsroot/
# owner: Administrators
# group: Domain Users     <--------- where is this coming from?  I have 
removed this from the permissions!  Is this cached somewhere?
user::rwx
group::---
group:SYSTEM:rwx
group:CVS-PPS users:rwx
mask:rwx
other:---
default:user::rwx
default:group::---
default:group:SYSTEM:rwx
default:group:CVS-PPS users:rwx
default:mask:rwx
default:other:---


dbeusee2 AT lan /e/ppscvsroot
$ ls -ld /e/ppscvsroot/
drwxrwx---+ 1 Administrators Domain Users 0 Mar  9 19:02 /e/ppscvsroot/

dbeusee2 AT lan /e/ppscvsroot
$


But when I ssh into it, things are not fine:

dbeusee AT pp165 ~/.ssh
$ ssh dbeusee2 AT lan
Last login: Thu Mar  9 20:30:05 2017 from 192.168.104.74

dbeusee2 AT lan ~
$ id
uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain 
Users),11(Authenticated Users),66048(LOCAL),66049(CONSOLE 
LOGON),4(INTERACTIVE),15(This 
Organization),545(Users),1050040(vpn-demo),1049743(PPUser),1050137(CVS 
Users),1049741(Sharepoint AllUsers),401408(Medium Mandatory Level)

dbeusee2 AT lan ~
$ cd /e/ppscvsroot/
-bash: cd: /e/ppscvsroot/: Permission denied

dbeusee2 AT lan ~
$ ls -ld /e/ppscvsroot/
drwxr-x--- 1 Unknown+User Unknown+Group 0 Mar  9 19:02 /e/ppscvsroot/

dbeusee2 AT lan ~
$

I noticed in the "id" output in the problem ssh session, this group is 
missing: "1050138(CVS-PPS users)".  Could this be the reason?  Is sshd 
not doing group recursion?  The dbeusee2 username is a member of CVS 
Users, which has access to more CVS repositories than CVS-PPS Users.

And what's up with the Unknown+User and Unknown+Group in the ssh 
session's ls command output?

This system (lan) is running WS 2016 STD.  CVS Users group is a member 
of CVS-PPS group in AD (WS Enterprise 2003 R2).  The ppscvsroot folder 
is given access to CVS-PPS Users group. Domain Users used to be granted 
to ppscvsroot, but I removed that so that CVS-PPS Users would control 
the access.  Why am I not able to access the folder from the ssh session?

How do I solve this problem?

Version of OpenSSH (from cygwin) is:

dbeusee2 AT lan ~
$ ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k  26 Jan 2017

Version of cygwin:

dbeusee2 AT lan ~
$ uname -a
CYGWIN_NT-10.0 lan 2.7.0(0.306/5/3) 2017-02-12 13:18 x86_64 Cygwin

Please advise.

-Don




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019