Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
From: "Stephen Banville" <sbanville AT attbi DOT com>
To: "'Bruce Dobrin'" <dobrin AT imageworks DOT com>, <cygwin AT cygwin DOT com>,
   <stephen DOT banville AT sycamorenet DOT com>
Subject: RE: NTsec permissions issue over inet
Date: Sun, 1 Jun 2003 19:02:27 -0400
Message-ID: <003d01c32891$e2ed3030$6401a8c0@GOLLUM>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
In-Reply-To: <00d901c3270a$58e0a760$4d1f1cac@THEODOLITE>
Importance: Normal

HI Bruce,

	The reason I don't have smbntsec set is because the remote
volumes are not Samba Shares. The interesting thing here is that when I
ran an older version of Cygwin, this functionality would work just fine.
I also tried the passwd trick (which didn't work as well.) I can't
imagine what the problem could be ? At this time I am running out of
ideas. My only hope at this time would be to enable some sort of a debug
trace to see what component is actually failing during the login.
Another interesting point to mention is that when I run the 'login'
command within the shell, I cannot log in under my user name defined in
the /etc/passwd file. Any ideas why this would ? This could somehow be
related to my problem.

Any help would be welcomed!!

Steve

-----Original Message-----
From: cygwin-owner AT cygwin DOT com [mailto:cygwin-owner AT cygwin DOT com] On Behalf
Of Bruce Dobrin
Sent: Friday, May 30, 2003 8:20 PM
To: cygwin AT cygwin DOT com
Subject: Re: NTsec permissions issue over inet

OK,  further testing,  I can't get the below rlogin "trick" to work on a
1.3.22 machine,  the one it worked on is actually a 1.3.12 machine.  so,
with 1.3.12 I can get it to work by forcing a password entry,  but this
appears not to work with a 1.3.22 machine........
continuing more confused than ever...

----- Original Message ----- 
From: "Bruce Dobrin" <dobrin AT imageworks DOT com>
To: <cygwin AT cygwin DOT com>
Sent: Friday, May 30, 2003 4:46 PM
Subject: Re: NTsec permissions issue over inet


> Sorry,  On re-reading that,  it's not as clear as it could be,  the
example
> used in the previous e-mail ( below) was on a later version of cygwin,
it
> is not the 1.3.2  machine referred to earlier in the message.
>
> ----- Original Message ----- 
> From: "Bruce Dobrin" <dobrin AT imageworks DOT com>
> To: <cygwin AT cygwin DOT com>
> Cc: <cygwin AT cygwin DOT com>
> Sent: Friday, May 30, 2003 4:37 PM
> Subject: Re: NTsec permissions issue over inet
>
>
> > Thanks for responding Larry,
> >
> > I actually had tried most permutations of (no)ntsec, (no)smbntsec,
> (no)ntea,
> > etc... and on other machines that didn't have weird path or passwd
> > entries. -- no dice
> >
> > I think I may have a good hint as to what is going on,  but I'll
need
> > someone who knows the system better than I to figure out the
solution.
> >
> > By the way I have around 300 machines here,  and I found one which
is
> > running cygwin1.3.2 and which works fine.  This leads me to think
that
it
> is
> > something to do with the hosts.equiv functionality which I believe
was
non
> > functional before at 1.3.2 ( at least I didn't use it here).  I
found
> > machine that if I : forced the user to use a password and I set some
> > permutations of the permissions...  it then works:  example:
> >
> > dobrin AT THEODOLITE:/home/dobrin> rsh gable3
> > Fanfare!!!
> > ..........
> > dobrin AT GABLE3:/home/dobrin> echo $CYGWIN
> > ntea nontsec smbntsec
> > dobrin AT GABLE3:/home/dobrin> cd //matilda/dist
> > //matilda/dist: Permission denied.
> >
> > BUT,  If I force a passwd entry:
> >
> > dobrin AT THEODOLITE:/home/dobrin> rsh gable3 -l poo
> > Password:
> > Login incorrect
> > login: dobrin
> > Password:
> > Fanfare!!!
> > ...........
> > dobrin AT GABLE3:/home/dobrin> echo $CYGWIN
> > ntea nontsec smbntsec
> > dobrin AT GABLE3:/home/dobrin> cd //matilda/dist
> > dobrin AT GABLE3:/matilda/dist>
> >
> >
> > Unfortunately I don't really think of this as a good solution ,  and
it
> > doesn't appear to work with my default $CYGWIN setup.
> > Does this help at all?
> > Thanks,
> > Bruce
> >
> > ----- Original Message ----- 
> > From: "Larry Hall" <cygwin AT cygwin DOT com>
> > To: "Bruce Dobrin" <dobrin AT imageworks DOT com>
> > Cc: <cygwin AT cygwin DOT com>
> > Sent: Thursday, May 29, 2003 7:14 PM
> > Subject: Re: NTsec permissions issue over inet
> >
> >
> > > Bruce Dobrin wrote:
> > > > Here are the Cygcheck,  and Group files,  I'll include the my
> (typical)
> > > > passwd entry as we have a ( legitimate) policy against
publishing
our
> > login
> > > > id's ( I know it doesn't include encrypted passwd's, but with
650
> > entries,
> > > > but I'd like to reduce the fodder for someone's foreach loop
thru a
> > cracking
> > > > program).
> > > >
> > > >
> > > > representative passwd entries:
> > > >
> > > > SYSTEM:*:18:544:,S-1-5-18::
> > > > Administrators:*:544:544:,S-1-5-32-544::
> > > >
> >
>
dobrin:unused_by_nt/2000/xp:11014:10512:Brucester,U-PRODUCTION\dobrin,S-
1-5-
> > > > 21-501104424-1911818820-14498641-1014:/home/dobrin:/bin/bash
> > > >
> > > >
> > > > Thanks
> > > > Bruce Dobrin
> > >
> > >
> > > Partial passwd entries is fine.  What you provided is adequate.
> > >
> > > The basics look OK.  I find two things in common between your
> information
> > > and Steve's:
> > >
> > >    1. You both appear to have a strange entry in your path.  I'm
not
> > >       sure if it's some weird artifact of cygcheck or if it's
actually
> > >       in the path.  In yours, you have a directory that looks like
this:
> > >
> > >       "c
> > >       C:\cygwin\program_files\diskaccess\bin"
> > >
> > >       Steve's is just "c".
> > >
> > >    2. You both have a carriage return as the last character in
either
> > >       your passwd or group files.
> > >
> > > Neither of these are clearly related to this issue but should be
> > > investigated and cleaned up.  Also, neither of you set 'smbntsec'
> > > in your CYGWIN environment variable (before starting Cygwin or any
of
> > > it's services).  Please do, just so we can rule this out as an
issue.
> > > Also, since you both claim that this used to work, please try
removing
> > > 'ntsec' and 'smbntsec' and/or adding 'nontsec' to your CYGWIN
> environment
> > > variable (before starting Cygwin or any of it's services).  This
should
> > > help pinpoint whether turning 'ntsec' on by default in recent
releases
> > > has any bearing.
> > >
> > >
> > >
> > > -- 
> > > Larry Hall                              http://www.rfk.com
> > > RFK Partners, Inc.                      (508) 893-9779 - RFK
Office
> > > 838 Washington Street                   (508) 893-9889 - FAX
> > > Holliston, MA 01746
> > >
> >
> >
> > --
> > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> > Problem reports:       http://cygwin.com/problems.html
> > Documentation:         http://cygwin.com/docs.html
> > FAQ:                   http://cygwin.com/faq/
> >
>
>
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Problem reports:       http://cygwin.com/problems.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
>


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/




--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/