Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
X-MIMEOLE: Produced By Microsoft Exchange V6.0.4417.0
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Subject: RE: sshd problems
Date: Thu, 10 Oct 2002 14:41:13 -0400
Message-ID: <BADF3C947A1BD54FBA75C70C241B0B9E762F8D@ex02.idirect.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
From: "Harig, Mark A." <maharig AT idirect DOT net>
To: "David Monk" <david AT purplebear DOT net>, "Len Giambrone" <frodo AT mit DOT edu>
Cc: <cygwin AT cygwin DOT com>
Note-from-DJ: This may be spam
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g9AKa5c25793

According to /usr/doc/Cygwin/openssh-3.4p1-5.README:

>The new ssh-host-config script also adds the /var/empty directory
>needed by privilege separation.  When creating the /var/empty directory
>by yourself, please note that in contrast to the README.privsep
document
>the owner sshould not be "root" but the user which is running sshd.
So,
>in the standard configuration this is SYSTEM.  The ssh-host-config
script
>chowns /var/empty accordingly.

In /usr/bin/ssh-host-config is the following code:

># Create /var/empty file used as chroot jail for privilege separation
>if [ -f /var/empty ]
>then
>  echo "Creating /var/empty failed\!"
>else
>  mkdir -p /var/empty
>  # On NT change ownership of that dir to user "system"
>  if [ $_nt -gt 0 ]
>  then
>    chown system.system /var/empty
>  fi
>fi

For me, I have the following permissions:

  $ ls -ld /var/empty
  drwxr-xr-x    2 SYSTEM   SYSTEM          0 Jul 24 11:39 /var/empty

> -----Original Message-----
> From: David Monk [mailto:david AT purplebear DOT net]
> Sent: Thursday, October 10, 2002 2:31 PM
> To: Len Giambrone
> Cc: cygwin AT cygwin DOT com
> Subject: Re: sshd problems
> 
> 
> Generating a new key worked, as far as finding the key goes. Then it
> presented me with a /var/empty ownership or permissions 
> issue. So, thinking
> along the same lines, I chaned owner of that dir to myself. 
> Finally, sshd
> runs. Not as a service unfortunately, but it does run. Also 
> unfortunately, I
> can not log in under these circumstances. I get a password 
> prompt, but it
> never accepts it. I can only guess this has something to do 
> with privlege
> separation.
> 
> Anyway, the main problem here, from the beginning of this 
> thread, is that
> openssh was working fine, running as a service, using 
> privlege separation
> until approx 2 weeks ago. The only thing I could have 
> possibly done to break
> that was updating packages. So, somewhere, something in 
> cygwin changed.
> Either specifically with the openssh package or with the some 
> other aspect,
> but something has definitely changed. Again, this was working 
> beautifully I
> know for absolute certainty 3 weeks ago, the server running 
> as a service via
> cygrunsrv, utilizing the privlege separation. The only things 
> that have been
> done to this system over the last few months has been regular 
> virus updates,
> updates for Windows and cygwin updates. I have not messed with any
> configuration files, nor have I changed any file permissions 
> within cygwin
> of it's file tree to cause this.
> 
> David

(a huge amount of text deleted)

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/