X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:message-id:from:to:subject:references
	:in-reply-to:content-type; q=dns; s=default; b=dh+32RYq2QEcEET3p
	/JM0pn1oO/m/dKvd93ZOk5ieZRBnt46da6ZbNFWUEsQAcuBZ35LxcCde1jYtQKSf
	zg/3mcArBivjM6kifY9tWU47KxDOiIsMYaLFqjEE17qQpYj/dKz8DWur89qdCZWC
	j3QAS9RECKDLAu0s/eg0T8nRRw=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:message-id:from:to:subject:references
	:in-reply-to:content-type; s=default; bh=Yhu7nx3URG9NSP7asZEqge5
	HzHs=; b=whEZAkfe12nQ3/sOpuJLrwnWmI9nJ/oGysJp+L53zHYWADEi3+kyWtr
	6DvDxSHZxDb/4WJ4wAUxXsyb74ADGA+PVUEGdvkd0gTOTuqZKkXEmJDC59JsXUeU
	sw+uWXpGKsMqUYsxDQu+ak2nP4Zw0IQKcgUaL6ohv16OVkdg8Fjk=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=2.0 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,RCVD_IN_DNSWL_LOW,SPAM_BODY1,SPF_PASS autolearn=no version=3.3.2 spammy=1680, i.s.o, UD:i.s.o, UD:s.o
X-HELO:	lb2-smtp-cloud2.xs4all.net
Date:	Sat, 27 May 2017 23:23:57 +0200
Message-ID:	<7d9f30328b3d2de60cd383dbcca55312@smtp-cloud2.xs4all.net>
From:	Houder <houder AT xs4all DOT nl>
To:	cygwin AT cygwin DOT com
Subject:	Re: Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master
References:	<c50589c74b974315dd7756109e270c74 AT xs4all DOT nl> <a2907cfe582879ff35f5357cf937c279 AT xs4all DOT nl>
In-Reply-to:	<a2907cfe582879ff35f5357cf937c279@xs4all.nl>
User-Agent:	mua.awk 0.99

On Sat, 27 May 2017 14:01:09, Houder wrote:
> --=_f8e475c11eb2497bb7b3a74fbbff7888
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset=US-ASCII;
>  format=flowed
> 
> On 2017-05-26 21:35, Houder wrote:
> > Hi,
> > 
> > Installing sshd on W7 reveals errors in CSIH_SCRIPT ...
> > 
> > CSIH_SCRIPT = /usr/share/csih/cygwin-service-installation-helper.sh
> 
> Retrieved CSIH_SCRIPT from the master (January 19 2017) here:
> 
>      https://cygwin.com/git/?p=cygwin-apps/csih.git;a=summary
> 
> Attached patch file against master ...

Oh, by the way ...

My sshd daemon works flawlessly on W7 ... despite the fact the I am still
using /etc/passwd and /etc/group as the "database" (i.s.o. Windows' SAM).

(despite F-Secure SAFE, being a mandatory requirement for my machine).

(and, of course, despite the consequences of the errors in CSIH_SCRIPT; I
 took care of them).

Regards,

Henri

-----
/etc/nsswitch.conf:

# 31 10 2014

# "db" = any 'place' where Windows keeps account info (my case: local SAM?)

# as far as I can tell, the next two lines forces the Cygwin1.dll to retrieve the account
# info solely from /etc/passwd and /etc/group, i.e. Windows' "db" is ignored ...
#
passwd: files
group: files

# as far as I can tell, this line applies to getent (i.e. getpwent() and getgrent())
db_enum: files

/etc/passwd:

SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
LOCAL SERVICE:*:19:19:,S-1-5-19:/:/sbin/nologin
NETWORK SERVICE:*:20:20:,S-1-5-20:/:/sbin/nologin
Administrators:*:544:544:,S-1-5-32-544:/:/sbin/nologin
..
cyg_server:*:1014:513:Privileged server,U-Seven\cyg_server,S-1-5-21-91509220-1575020443-2714799223-1014:/var/empty:/bin/bash
Henri:*:1000:513:U-Seven\Henri,S-1-5-21-91509220-1575020443-2714799223-1000:/home/Henri:/bin/bash
..
sshd:*:1013:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-1013:/var/empty:/bin/bash

/etc/group:

SYSTEM:S-1-5-18:18:
..
Administrators:S-1-5-32-544:544:
..
None:S-1-5-21-91509220-1575020443-2714799223-513:513:
..

@@ ls -ld ~ ~/.ssh
drwxr-xr-x+ 1 Henri None 0 May 27 08:16 /home/Henri
# modified by me? (744 => 700) ... not really required ...
drwx------+ 1 Henri None 0 May 26 13:22 /home/Henri/.ssh

@@ ls -l /etc/ssh*
-rw-r--r-- 1 cyg_server Administrators 1680 May 26 13:15 /etc/ssh_config
-rw------- 1 cyg_server Administrators  668 Jul 25  2016 /etc/ssh_host_<X-key>
-rw-r--r-- 1 cyg_server Administrators  601 Jul 25  2016 /etc/ssh_host_<X-key>.pub
-rw-r--r-- 1 cyg_server Administrators 3225 May 26 16:44 /etc/sshd_config

@@ ls -ld /var/empty /var/run
drwxr-xr-x+ 1 cyg_server Administrators 0 May 26 12:45 /var/empty
drwxrwxrwt+ 1 Henri      None           0 May 26 21:28 /var/run

 - "/var/empty must be owned by root and not group or world-writable."
 - that is, owned by "cyg_server" (the privileged account, acting as the root user here)

@@ ls -l /var/run
-rw-r--r-- 1 cyg_server None   5 May 27 07:54 sshd.pid
# modified permissions to 660 for aestetic reason only
-rw-rw---- 1 Henri      None 640 May 26 18:50 utmp

@@ ls -l /var/log/sshd.log # file exists if one has redirected the output of sshd.exe ...
-rw-r--r-- 1 cyg_server None 1767 May 26 21:28 /var/log/sshd.log

@@ getfacl /var/tmp # relevant here is ownership by cyg_server ...
# file: /var/empty
# owner: cyg_server
# group: Administrators
user::rwx
group::r-x
group:SYSTEM:r-x
group:Administrators:r-x
mask:r-x
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x

@@ getfacl /var/run
# file: /var/run
# owner: Henri
# group: None
# flags: --t
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx
default:user::rwx
default:group::r-x
default:other:r-x

=====


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -