Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <15818.9934.721734.708724@jupiter.akutech-local.de>
Date: Thu, 7 Nov 2002 09:39:42 +0100
From: Ralf Fassel <ralfixx AT gmx DOT de>
To: cygwin AT cygwin DOT com
Subject: Re: ssh-host-config suggestion (was: Re: Updated: OpenSSH-3.5p1-1)
In-Reply-To: <20021106181026.C2180@cygbert.vinschen.de>
References: <20021106153438 DOT K2180 AT cygbert DOT vinschen DOT de>
	<15817 DOT 18485 DOT 56727 DOT 29262 AT jupiter DOT akutech-local DOT de>
	<20021106181026 DOT C2180 AT cygbert DOT vinschen DOT de>
Organization: Akustik Technologie Goettingen
X-OriginalArrivalTime: 07 Nov 2002 08:38:36.0733 (UTC) FILETIME=[1077A6D0:01C28639]

* Corinna Vinschen
| > - the ssh-host-config script should make sure that CYGWIN contains
| >   `ntsec' when trying the chmod/chown steps
| 
| That shouldn't be necessary anymore since 1.3.14 sets ntsec by
| default on NT systems.

Good Thing (TM).  But then, why didn't the chown call succeed?  Or do
you mean it is set in the environment during installation?  I had
cygwin installed, and simply upgraded my installation.  I *know* that
CYGWIN had been set up for all users, but obviously someone else with
admin access thought otherwise in the meantime. :-/

| The problem (and the reason the script doesn't test the return code)
| is, there are several conditions for having a working chown.  It
| must be NT/2K/XP, ntsec must be on, FS must be NTFS.  The chown(2)
| syscall returns intentionally always 0 if any of these conditions
| isn't met.

Strictly spoken, those three conditions fall into two categories:
- wrong OS/Filesystem => nothing we can do
- wrong user environment => it *could* have worked if the user did not
  prevent it by the wrong/missing setting
But I admit that changing a bunch of programs is probably too much for
this, since a workaround exists via the additional test:

| There could be an additional test in the script after calling chown,
| though...

I would use `find -user | grep', but maybe there's a more elegant
solution in bash.

    $ find /var/empty -user system -type d | grep -q '^/var/empty$'
    $ echo $?
    0
    $ find /var/empty -user ralf -type d | grep -q '^/var/empty$'
    $ echo $?
    1
    $ find /var/empty-no -user system -type d | grep -q '^/var/empty$'
    find: /var/empty-no: No such file or directory
    $ echo $?
    1

The ultimate test of course is in /var/log/sshd.log, but... :-)

R'

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/