Date: Tue, 10 Jul 2001 14:11:11 -0400
To: cygwin AT sources DOT redhat DOT com
From: Laurent Hubert
Subject: incoherence of system uid between inetd, cron and openssh

Hi,

The following presents a summary of various tests using inetd, cron and openssh. It shows some inconsistencies in the choice of the system uid value for these packages when all services are attempted to be started with the system account and the CYGWIN environment variable is set to "ntsec tty".

It seems that openssh prefers system uid = 0, while cron asks for system uid = 18.

For these tests, I use the fact that the system account uid can be set to "0" or "18" in /etc/passwd.

1- When starting services with system uid = 18, cron and inetd will work, but a connection with ssh will give the following on the client side:

****************************************************************************
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0600) for '/etc/ssh_host_key'.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh_host_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0600) for '/etc/ssh_host_dsa_key'.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh_host_dsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Bad ownership or mode(0600) for '/etc/ssh_host_rsa_key'.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh_host_rsa_key
lhubert AT etoile's password:
Permission denied, please try again.
lhubert AT etoile's password:
****************************************************************************

Here CYGWIN is set to "ntsec tty" on the client and the server. If CYGWIN is set to "tty" on the client, this warning message does not occur.

2- On the other hand, going back to CYGWIN set to "ntsec tty", setting system uid = 0 in /etc/passwd *and then* starting services, one has the following results:

- inetd and openssh can be used without problems (aside from the hanging problem with ls in sftp-server, but this is another problem). One can verify that system.system is *still* the owner of the ssh_host_key files but with uid=0, with "ls -lan /etc/*".

- the cron service will not start; the reason is given by reading /usr/doc/cygwin/cron.exe

*********************************************************
version 3.0.1-2: (snippet)
Command line option `-D' added to allow cron to run under cygrunsrv.
Install as service like that:
cygrunsrv -I cron -p /usr/sbin/cron -a -D
`root' with uid 0 is substituted by `SYSTEM' with uid 18.
...
********************************************************

Which states that for cron, system needs to be uid 18.

I think that it can be quite to correct this situation from the source.

But can we agree in the future on a single system uid number? And which one should we use?

Note:
- I removed "everybody:0:0" from /etc/passwd.
- inetd is started with "net start inetd".
- cron and openssh are installed as daemons with cygrunsrv and started with the system account.

inetd      : from inetutils-1.3.2
cron       : 3.0.1-2:
openssh    : OpenSSH_2.9p1
bash       : 2.05.0(6)
cygwin.dll : 694064 May 20 23:29 /bin/cygwin1.dll
systems    : intel, NT 4 SP6a

Laurent

Overall Cygwin is still a very useful tool! Thanks to the cygwin team.

Laurent Hubert
System Administrator
Centre d'Imagerie Fonctionnelle et Métabolique
CRC, CHUS
Université de Sherbrooke
3001, 12e Avenue Nord
Fleurimont
Québec, Canada
J1H 5N4
Tel.: 819 346-1110 ex 11828
Fax: 819 820 6490
E-mail: laurent DOT hubert AT chus DOT qc DOT ca
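
Added example (not part of the original post and not code from Cygwin, cron or OpenSSH): a shell audit of the two things the tests above vary, namely which uid /etc/passwd gives the system account (including a collision such as the removed "everybody:0:0" entry) and the owner and mode of the host key files as shown by "ls -lan". The passwd and listing lines are constructed samples, the function names are hypothetical, and the pass criteria (owner uid equals the service account's uid, mode 0600) are an assumption taken from the warning text, not from the OpenSSH source.

```shell
#!/bin/sh
# Added example: passwd and `ls -lan` data below are constructed samples.

# dup_uids PASSWD: print "uid name1,name2" for each uid held by several accounts.
dup_uids() {
    awk -F: '
        { names[$3] = (n[$3]++ ? names[$3] "," : "") $1 }
        END { for (u in n) if (n[u] > 1) print u, names[u] }
    ' "$1" | sort -n
}

# uid_of ACCOUNT PASSWD: print the uid field of ACCOUNT (first match).
uid_of() {
    awk -F: -v a="$1" '$1 == a { print $3; exit }' "$2"
}

# audit_keys ACCOUNT PASSWD LISTING: check private host keys in `ls -lan` output.
# Assumed policy (from the warning text): owner is ACCOUNT's uid, mode is 0600.
audit_keys() {
    want=$(uid_of "$1" "$2")
    [ -n "$want" ] || { echo "ERROR: no passwd entry for $1"; return 2; }
    awk -v want="$want" '
        $NF ~ /ssh_host_.*key$/ {
            if ($3 != want)              r = "owner uid " $3 ", expected " want
            else if ($1 != "-rw-------") r = "mode " $1 ", expected -rw-------"
            else                         r = ""
            if (r == "") print "OK  " $NF
            else { print "BAD " $NF ": " r; bad = 1 }
        }
        END { exit bad }
    ' "$3"
}

# write_samples DIR: constructed passwd (uid 0 held twice) and key listing.
write_samples() {
    printf '%s\n' 'everybody:*:0:0:::' 'system:*:0:18:::' \
        'lhubert:*:1000:513::/home/lhubert:/bin/bash' > "$1/passwd"
    printf '%s\n' \
        '-rw-------  1 0    18  668 Jul 10 13:02 /etc/ssh_host_dsa_key' \
        '-rw-r--r--  1 0    18  602 Jul 10 13:02 /etc/ssh_host_dsa_key.pub' \
        '-rw-r--r--  1 0    18  527 Jul 10 13:02 /etc/ssh_host_key' \
        '-rw-------  1 1000 18  883 Jul 10 13:02 /etc/ssh_host_rsa_key' > "$1/listing"
}

demo=$(mktemp -d) && write_samples "$demo"
dup_uids "$demo/passwd"
audit_keys system "$demo/passwd" "$demo/listing" || echo "audit found problems"
rm -rf "$demo"
```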