X-Recipient: archive-cygwin@delorie.com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2ED5C3857C5B
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1633080245;
	bh=pPoG2LMq7oz9pt0BAzMLLo2FVeGL14Qt04dMJsx5Kkk=;
	h=Subject:To:References:Date:In-Reply-To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	 From;
	b=CpFWuxzPa50NJy5CwYDkCpyTLV4nP2kZJB9CLSTnWC43ue4Z15omPTETExVI2s1dE
	 WK/KAzpNiZ8GbPFzJum5wSPSx2Un5DxUdmo4HothFyZWz7k8Ushe2ERY8KO75dYH6c
	 oPzyvlsRUv79SUS1NY9k+eet6UWGuwnLREpFniIQ=
X-Original-To: cygwin@cygwin.com
Delivered-To: cygwin@cygwin.com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org B09CF3858C2C
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:subject:from:to:references:message-id:date
 :user-agent:mime-version:in-reply-to:content-language
 :content-transfer-encoding;
 bh=nxzwcjBpdaiLyGmoT6CcPVmRkCNBa6nZfEfEMzAWU+I=;
 b=wnR/kRVF8O5uQw++yvXvsR0Mq32D7OjqNSL+f9Y/uyv7MxUYMKklAQu7hmvqnU6JPX
 MZZZ3wBuUG/D6nOcm+ttp1+L+ieoPHkFSVYD8X+uX5J8CqvCxDkmGzQ9ygYj7wnecTfk
 vUf2N5v7Q2qQCUptbCnc0BVGf9N1IfekAH5aANA+kqlM079juJvFVaBOGG8KvmuTvtVW
 hZAwsyflxhLcw5NdAMTUbz+gGZGbjahSmYnAb6aRhuE4dyTw4xTGxo5HnXCnE/fNOU+v
 M/7lxrf7cfZtD4pqcFe0CYN779WfDW7VmoR5s45IUwfwDU4yqKurblueM+us+LVhWCKa
 HcvQ==
X-Gm-Message-State: AOAM531zQWfFurBfvpHbstgHKTf5aK5YxKpIzsZcI8RK28IYUm5VJfOM
 mcVpB6rsD7XY65PdQNc4FYRzIkLErV4=
X-Google-Smtp-Source: ABdhPJzltv8/hywNyT4+K6eVmbywWcDTFdZ2k156q9QitH6eTObJjol2rEnTQbWLMWT/X5t79DoPoA==
X-Received: by 2002:ac8:4e30:: with SMTP id d16mr11719100qtw.309.1633080215071; 
 Fri, 01 Oct 2021 02:23:35 -0700 (PDT)
Subject: Re: xinetd: PID 2280: Service tftp missing attribute user - DISABLING
To: cygwin@cygwin.com
References: <512182d8-7c0a-a003-e3b6-aea9f73580a3@gmail.com>
Message-ID: <78f93689-d469-92f3-7187-91ced70b2058@gmail.com>
Date: Fri, 1 Oct 2021 12:23:31 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.14.0
MIME-Version: 1.0
In-Reply-To: <512182d8-7c0a-a003-e3b6-aea9f73580a3@gmail.com>
Content-Language: ru
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, NICE_REPLY_A,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.4
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on
 server2.sourceware.org
X-BeenThere: cygwin@cygwin.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin@cygwin.com>
List-Help: <mailto:cygwin-request@cygwin.com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request@cygwin.com?subject=subscribe>
From: ilya Basin via Cygwin <cygwin@cygwin.com>
Reply-To: ilya Basin <basinilya@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cygwin-bounces+archive-cygwin=delorie.com@cygwin.com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie.com@cygwin.com>

Upd:

1)
There was a typo in the sed script. The correct one is:

    mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1:/;t;d'

I also had to do the same for the unprivileged user "tftpd" created by /usr/bin/tftpd-config

2) 
After being successfully started by xinetd the tftp server logs to Windows Event log:

    tftpd: PID 2844: cannot drop privileges: No error 

and in the Audit log there is a deny message with:

    FailureReason %%2310 Account currently disabled.

Workaround:

    net user tftpd /active:YES

and it makes me wonder how it worked in older versions. The user is created by csih_create_unprivileged_user() with the command:

    net user "${unpriv_user}" \
                    /homedir:"${dos_var_empty}" \
                    /comment:'<cygwin home="/var/empty" shell="/bin/false"/>' \
                    /add /active:no



On 01.10.2021 10:21, ilya Basin wrote:
> Hi. I installed xinetd and tftp-server recently, ran xinetd-config and tftpd-config, and enabled /etc/xinetd.d/tftp. However, I was getting the following error in Windows Event log:
> 
>     xinetd: PID 2280: Service tftp missing attribute user - DISABLING
> 
> Workaround:
> 
>    # The xinetd user name must exist in /etc/passwd
>    # We have to strip "MYHOST+" from "MYHOST+cyg_server" to make xinetd match the entry
>    mkpasswd.exe | sed 's/^[^:]*\(cyg_server\):/\1/;t;d' >>/etc/passwd
> 
> Commenting "user=cyg_server" is not needed and won't help because then xinetd looks for the current user in /etc/passwd
> 
> By the way, cygsshd runs fine as NT_AUTHORITY\SYSTEM on Windows 10 and can serve both local and domain users. I just had to strip the machine prefix in /etc/passwd for the local users. Perhaps /usr/share/doc/Cygwin/xinetd.README is outdated?
> 

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple