X-Spam-Check-By: sourceware.org
To: cygwin AT cygwin DOT com
From: Andrew DeFaria <Andrew AT DeFaria DOT com>
Subject:  Re: rsh with command hangs, rlogin works
Date:  Mon, 05 Jun 2006 07:54:12 -0700
Lines: 108
Message-ID: <e61gil$v1a$1@sea.gmane.org>
References:  <65343 DOT 193 DOT 13 DOT 9 DOT 211 DOT 1149499152 DOT squirrel AT www DOT webmail DOT nuclear-diagnostics DOT com>
Mime-Version:  1.0
Content-Type:  text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding:  8bit
User-Agent: Thunderbird 1.5.0.4 (Windows/20060516)
In-Reply-To: <65343.193.13.9.211.1149499152.squirrel@www.webmail.nuclear-diagnostics.com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Lars Björnfot wrote:
> Andrew DeFaria wrote:
>> Still nothing in /var/log/messages
> No need to reboot. Just make sure the syslogd is started, it should 
> output somthing when it starts but nothing special when launching in.rshd.
>
> To make sure syslog works, just
>
> $ syslog hello
> $ tail /var/log/messages
I set up syslogd again. I encountered the following problems. First the 
syslogd-config script output an error "setfacl: No such file or 
directory". This turns out to be from the command: setfacl -m 
u:system:rwx /dev. Apparently /dev isn't a file or directory on 2003!

Next I tried starting the syslogd service and it wouldn't work. I had 
this problem before when I set up syslogd on this server but since 
nothing ever got written to /var/log/messages I removed it. Turns out it 
has a problem creating a socket file in /dev. By default it tries to 
create /dev/log and it can't. Syslogd does have a -p paramter to specify 
an alternate place for this socket file. I used -p /var/run/syslogd. I 
had to hack that into the registry.

As for /var/log/messages I have:

[ccadmin] sons-sc-cc:tail -f /var/log/messages
Jun  4 23:12:16 SONS-SC-CC syslogd: restart
Jun  4 23:12:29 SONS-SC-CC syslogd: exiting on signal 15
Jun  4 23:12:44 SONS-SC-CC syslogd: restart

Executing syslog hello in another window just gives me a command prompt 
back. Nothing gets written to /var/log/messages!

Wait, I take that back, somewhat... While the syslog hello doesn't put 
anything in /var/log/messages an rsh localhost id does:

[ccadmin] sons-sc-cc:tail -f /var/log/messages
Jun  4 23:12:16 SONS-SC-CC syslogd: restart
Jun  4 23:12:29 SONS-SC-CC syslogd: exiting on signal 15
Jun  4 23:12:44 SONS-SC-CC syslogd: restart
Jun  5 07:36:13 SONS-SC-CC kernel: in.rshd[5168]: segfault at 00000003 
rip 0022E4E5 rsp 0022E454 error 4
Jun  5 07:45:01 SONS-SC-CC kernel: in.rshd[8132]: segfault at 00000003 
rip 0022E4E5 rsp 0022E454 error 4

>> Also, we must remember you're on XP (Home?) and I'm on 2003 Server...
> Yes, XP Home at home and XP Pro at work. Same segfault on both.
>
>>> (...) maybe chmod 600
>> Hmmm... I thought that permissions had to be at least o+r
> You are right. I check on my work machine where .rhosts exists and it 
> does have permission 644. Sorry.
>> What I'm really doing is mounting //<server>/<share> -> /us (we have 
>> /us and /china for US and China users) and then I put /us/adefaria in 
>> the home field of /etc/passwd. Interestingly an ls -l of /us shows 
>> permissions of 000!
>
> Maybe OK. Cygwin "ls -l" does not show the whole true. I guess Windows 
> ACL shows the truth but I try to avoid changing them. Always get a 
> feeling of sinking in quicksand.
Another data point I figured out. Currently I can rsh localhost but I 
have to supply a password. This works. "rsh localhost id" hangs. If I 
add localhost to /etc/hosts.equiv or if I remove the password for the 
user I am rsh'ing as, both methods of allowing passwordless login, I get 
"Switching to user failed":

[ccadmin] sons-sc-cc:rsh localhost
Password:
Last login: Mon Jun  5 07:34:14 from SONS-SC-CC.SALIRA.COM
CYGWIN_NT-5.2 SONS-SC-CC 1.5.19(0.150/4/2) 2006-01-20 13:28 i686 Cygwin
[ccadmin] sons-sc-cc:exit
logout
rlogin: connection closed.
[ccadmin] sons-sc-cc:echo "localhost" > /etc/hosts.equiv
[ccadmin] sons-sc-cc:rsh localhost
Switching to user ccadmin failed!
rlogin: connection closed.
[ccadmin] sons-sc-cc:

Putting "localhost" in ~/.rhosts does nothing - I'm still prompted for a 
password.

One interesting thing is that I still do not understand how it works at 
all. The inetd service is running as Local System Account. From what 
I've read this Local System Account does not have enough privileges on 
2003 Server to perform the operation of switching user. Yet in the first 
case above it manages to do that. How?

It seems whenever I configure it so allow passwordless login (adding 
localhost to /etc/hosts.equiv or removing the password from /etc/passwd) 
I fail with "Switching to user failed".

The sshd_server user, created by the ssh-host-config script, should have 
enough privileges to switch user so I changed inetd to start through the 
sshd_server user. Now I get:

[ccadmin] sons-sc-cc:rsh localhost
Password:
Last login: Mon Jun  5 07:37:15 from SONS-SC-CC.SALIRA.COM
CYGWIN_NT-5.2 SONS-SC-CC 1.5.19(0.150/4/2) 2006-01-20 13:28 i686 Cygwin
login: no shell: /bin/bash: Permission denied
rlogin: connection closed.

What's the deal here?
-- 
Andrew DeFaria <http://defaria.com>
When you open a new bag of cotton balls, are you supposed to throw the 
top one away?


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/