Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com X-Originating-IP: [212.135.179.210] From: "Elfyn" To: "cygml" , "Scott Prive" References: <7BFCE5F1EF28D64198522688F5449D5AC1E297 AT xchangeserver2 DOT storigen DOT com> Subject: Re: ssh service staring problem "bad owner /var/empty" but not fixed Date: Wed, 9 Oct 2002 19:20:56 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Message-ID: X-OriginalArrivalTime: 09 Oct 2002 18:20:55.0082 (UTC) FILETIME=[9B5DE0A0:01C26FC0] Hi, Can you do a cygcheck on all of your cygwin machines so we can compare what exactly has changed `cygcheck -s -s -r'... it has to be a change in package. ill go through latest changes to see what has be upgraded in packages released in the last couple of weeks. I got people pis*ed because of this and need to try and get it sorted as im sure you do... Elfyn ----- Original Message ----- From: "Scott Prive" To: "Elfyn" ; "cygml" Sent: Wednesday, October 09, 2002 7:13 PM Subject: RE: ssh service staring problem "bad owner /var/empty" but not fixed I can say this works fine on one system, which I installed a while back. Then I got it working on a SECOND system, which worked fine UNTIL I updated Cygwin. Then it broke. I sent an email to this list but never got a reply. Then I tried a THIRD system, and even a fresh install did not work. That first system which still works, I refuse to update Cygwin until I understand what broke everything. I've come to the conclusion that "something changed" in the packages, but obviously it's working on SOME people's systems, right? I see a lot of related questions in the recent archives, and suggestions (which I followed). Then again, I missed seeing any replies that said "thanks, that fixed it"... so it's possible those suggestions did not work for them either. -Scott > -----Original Message----- > From: Elfyn [mailto:emcb_exposure AT hotmail DOT com] > Sent: Wednesday, October 09, 2002 2:08 PM > To: cygml; Scott Prive > Subject: Re: ssh service staring problem "bad owner > /var/empty" but not > fixed > > > Its pretty funky that this has started happening OOTB (out of > the blue). > have you had a working sshd? ... i forget. have you installed > new soft,libs > recently... have you downloaded new net-release packages as well? > > All ive done is install mysql-3.23.52 on cygwin-1.3.12-2, > cant see that > making a difference. > > Elfyn > > ----- Original Message ----- > From: "Scott Prive" > To: "Elfyn" ; "cygml" > Sent: Wednesday, October 09, 2002 7:03 PM > Subject: RE: ssh service staring problem "bad owner > /var/empty" but not > fixed > > > Looks like our problems are somewhat related. I wonder if > anyone else has > ideas... > > > > -----Original Message----- > > From: Elfyn [mailto:emcb_exposure AT hotmail DOT com] > > Sent: Wednesday, October 09, 2002 1:44 PM > > To: cygml; Scott Prive > > Subject: Re: ssh service staring problem "bad owner > > /var/empty" but not > > fixed > > > > > > Hey, > > > > What i meant by shared-server is that more than one person > > (other than you) > > would be accessing the server. So if it is a shared > > environment you might > > want to tighten security. > > > > In general you should run things like crond,sshd etc. as the > > SYSTEM user as > > Administrator doesnt have the required run as service tokens > > and others > > needed for a run-as-user service unless youve added them in > > [domain|local] > > security policy(s) thingys in Administrative tools. > > > > I dont know whats going on. I just had to stop sshd so i > > could so i could > > get rid of an ssh process that wouldnt go away, went away > > when the service > > stopped but now i cant restart it. I get these errors in the > > eventlog... > > > > Event Type: Error > > Event Source: sshd > > Event Category: None > > Event ID: 0 > > Date: 09/10/2002 > > Time: 17:57:14 > > User: NT AUTHORITY\SYSTEM > > Computer: W3 > > Description: > > The description for Event ID ( 0 ) in Source ( sshd ) cannot > > be found. The > > local computer may not have the necessary registry > > information or message > > DLL files to display messages from a remote computer. The following > > information is part of the event: sshd : Win32 Process Id = > > 0xCA8 : Cygwin > > Process Id = 0xCA8 : starting service `sshd' failed: execv: > > 1, Operation not > > permitted. > > YES! I get exactly this message in Event Viewer, except > execv=255 error=255 > > > > > Event Type: Error > > Event Source: sshd > > Event Category: None > > Event ID: 0 > > Date: 09/10/2002 > > Time: 17:57:13 > > User: NT AUTHORITY\SYSTEM > > Computer: W3 > > Description: > > The description for Event ID ( 0 ) in Source ( sshd ) cannot > > be found. The > > local computer may not have the necessary registry > > information or message > > DLL files to display messages from a remote computer. The following > > information is part of the event: sshd : Win32 Process Id = > > 0x950 : Cygwin > > Process Id = 0x950 : starting service `l' failed: > > redirect_fd: open (1, > > /var/log/sshd.log): 22, Invalid argument. > > > I don't get this one exactly. The second error I get is line-for-line > identical with the first event, minus the bit about "execv=255" (not a > different error number... just not there at all). > > > are you getting anything similar? > > > > Elfyn > > > > > > ----- Original Message ----- > > From: "Scott Prive" > > To: "Elfyn" ; "cygml" > > Sent: Wednesday, October 09, 2002 6:23 PM > > Subject: RE: ssh service staring problem "bad owner > > /var/empty" but not > > fixed > > > > > > > > > > > -----Original Message----- > > > From: Elfyn [mailto:emcb_exposure AT hotmail DOT com] > > > Sent: Wednesday, October 09, 2002 12:02 PM > > > To: cygml > > > Subject: Re: ssh service staring problem "bad owner > > > /var/empty" but not > > > fixed > > > > > > > > > Hi, > > > > > > I had that when i first installed it... i take it the > > > permissions on files > > > like /etc/sshd* /etc/ssh_host* are exclusive to the SYSTEM > > > account (if your > > > running a shared-style server) and the service is running as > > > SYSTEM. > > > > Let's see...: > > $ ls -l /etc/ssh* > > -rw-r--r-- 1 Administ None 1049 Sep 5 15:59 > > /etc/ssh_config > > -rw-r--r-- 1 Administ None 668 Sep 5 15:19 > > /etc/ssh_host_dsa_key > > -rw-r--r-- 1 Administ None 614 Sep 5 15:19 > > /etc/ssh_host_dsa_key.pub > > -rw-r--r-- 1 Administ None 539 Sep 5 15:19 > > /etc/ssh_host_key > > -rw-r--r-- 1 Administ None 343 Sep 5 15:19 > > /etc/ssh_host_key.pub > > -rw-r--r-- 1 Administ None 883 Sep 5 15:19 > > /etc/ssh_host_rsa_key > > -rw-r--r-- 1 Administ None 234 Sep 5 15:19 > > /etc/ssh_host_rsa_key.pub > > -rw-r--r-- 1 Administ None 2041 Sep 5 15:59 > > /etc/sshd_config > > > > Is "Administrator" here perfectly synonymous with "SYSTEM"? > > Also, I'm not sure what you mean by "shared style server", > > how to verify if > > that is my case, or how this would affect things. > > > > The service in MMC shows it logs on as "Local System > > Account", "interact > > with desktop" NOT checked. Should this instead be running as > > sshd user or > > Administrator? > > > > I personally prefer to get things running "the right way" and > > not blow holes > > through local security. That said, this is a test lab system > > and I'd go the > > "hack" way to Make It Work... if I knew what to do next. > > > > >I got > > > around that problem my making the system user the owner of > > > /var/empty with > > > exclusive rwx permissions and group/other with none. if youre > > > not running > > > the svc as SYSTEM just adjust the owner to your user. > > > > I've already `chmod 700 /var/empty`. Not sure what you mean > > about ownership > > of the service. I'm not sure this was the correct thing to > > do, but I tried > > setting CYGWIN sshd to log on as Administrator, set the > > password, and now it > > returns "Error 1069: Logon failure" (the password IS correct). > > > > > > Have you had problems with ssh when logging in at all? > > > > I can't even get the service to START. > > > > >my sshd has for some > > > reason been denying access to anyone that trys to login to my > > > CYGWIN server > > > with a permission/access denied message. nothing in sshd.log > > > but event-log > > > shows a badpw error (very weird). i know the password is > > > correct bacause im > > > using terminal services to login to the server right now... > > > > > > hope the first bit helps, sorry to bore you with the latter :) > > > > No problem. :-D I've been reading everything I can on the subject. > > > > There might be enough demand for a Cygwin book; I'd buy one > > in a heartbeat. > > With problems like this you get the complexity UNIX is known > > for, with NT's > > lack of decent error reporting. When you're DONE, of course, you get > > powerful UNIX tools, with Win2K's good points (good points? A > > free PC in > > every box of MS Outlook) :-) > > > > I'm still stuck, if anyone else has ideas. > > > > > > > > Elfyn > > > > > > ----- Original Message ----- > > > From: "Scott Prive" > > > To: "Cygwin" > > > Sent: Wednesday, October 09, 2002 4:12 PM > > > Subject: ssh service staring problem "bad owner /var/empty" > > > but not fixed > > > > > > > > > Hello, > > > > > > I understand the problem I am about to ask is not uncommon, > > > and I have made > > > considerable effort to look for the answers in the archive... > > > > > > On an up-to-date (today) Cygwin install, sshd refuses to > > start (the MS > > > Management console gives a useless error). On other > systems, I have > > > installed Cygwin sshd and it worked fine (I have not done > > > this "recently" > > > though and I understand there have been changes to ssd of sorts). > > > > > > When I first attempted this install some weeks back, I > > > followed the guide at > > > http://tech.erdelynet.com/cygwin-sshd.html > > > > > > I didn't actually "run the permissions script" as the author > > > had just days > > > before, pulled down the script. I'm not sure if the other > > > steps on this page > > > complicate my problem, so I'll mention it. > > > > > > The first thing I check is /var/log/sshd.log, and it's "bad > > > owner or mode > > > for /var/empty". OK, it's some sort of NT permissions issue. > > > A Google search > > > tells me /var/empty should be chmod 700 or 755 (it's 755). > > > > > > grep /etc/passwd ssh shows ssh account is 1000:513, sshd > > > privsep, home of > > > /var/empty and shell of /bin/false > > > > > > I've also tried chowning the directory as SYSTEM:SYSTEM > (or 18:18). > > > > > > I did notice in the MMC Groups panel, there is no VISIBLE > > > group for "sshd", > > > but there is a sshd user. My Google searches tell me there > > should be a > > > group, so I attempt to add the group "sshd" and make "sshd" > > > user a member. I > > > get the error: "while attempting to create the group sshd > > on computer > > > QA2000TEST: The account already exists". I get this error if > > > I attempt to > > > create the group "sshd" with or with-out the member "sshd". > > > > > > I've Reinstalled openssh, and even selected Unininstall > > > followed by Install > > > in case there was a difference. The version of openssh I have > > > is 3.4p1-5 > > > > > > I appreciate any help. I hope I have checked all of the > > > obvious "gotchas" so > > > I don't waste anyone's time. Thanks. > > > > > > -Scott > > > > > > -- > > > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple > > > Bug reporting: http://cygwin.com/bugs.html > > > Documentation: http://cygwin.com/docs.html > > > FAQ: http://cygwin.com/faq/ > > > > > > -- > > > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple > > > Bug reporting: http://cygwin.com/bugs.html > > > Documentation: http://cygwin.com/docs.html > > > FAQ: http://cygwin.com/faq/ > > > > > > > > > > -- > > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple > > Bug reporting: http://cygwin.com/bugs.html > > Documentation: http://cygwin.com/docs.html > > FAQ: http://cygwin.com/faq/ > > > -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/