X-Spam-Check-By: sourceware.org
Message-ID: <72e3fc8f0704112140v493ff0cxe3da85079882c1e7@mail.gmail.com>
Date: Thu, 12 Apr 2007 00:40:15 -0400
From: "Felipe Alcacibar" <falcacibar AT gmail DOT com>
To: cygwin AT cygwin DOT com
Subject: problem with setuid
In-Reply-To: <72e3fc8f0704112136w72f7e239kf30d1ac8b3536f56@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Disposition: inline
References: <72e3fc8f0704112136w72f7e239kf30d1ac8b3536f56 AT mail DOT gmail DOT com>
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id l3C4eRm5020211

hello..
i'm trying tu run a process with low privileges, (mysql) server, with
a mysql user, but this cannot be change, i'm using the Administrator
account as root. and i create a mysql user into de windows users and
expoted it to the passwd table.

a synopsis of this

[code]
svr ~ # cat /etc/passwd
SYSTEM:*:18:544:,S-1-5-18::
portage:*:250:250:,S-1-5-21-527237240-484763869-1202660629-1015:/usr/portae:/bin/false
apache:*:81:81:,S-1-5-21-527237240-484763869-1202660629-1019:/var/www:/bin/nologin
mysql:*:60:60:U-SVR\mysql,S-1-5-21-527237240-484763869-1202660629-1021:/var/lib/mysql:/bin/nologin
root:unused_by_nt/2000/xp:0:0:U-SVR\Administrador,S-1-5-21-527237240-484763869-1202660629-500:/home/Administrador:/bin/bash
Invitado:unused_by_nt/2000/xp:501:513:U-SVR\Invitado,S-1-5-21-527237240-484763869-1202660629-501:/home/Invitado:/bin/bash
svr ~ #
svr ~ # cat /etc/group
root:S-1-5-32-544:0:
portage:S-1-5-21-527237240-484763869-1202660629-1015:250:root
apache:S-1-5-21-527237240-484763869-1202660629-1019:81:
wheel:S-1-5-18:10:root
SYSTEM:S-1-5-18:18:
Ninguno:S-1-5-21-527237240-484763869-1202660629-513:513:
Administradores:S-1-5-32-544:0:
Duplicadores:S-1-5-32-552:552:
Invitados:S-1-5-32-546:546:
Operadores de configuración de red:S-1-5-32-556:556:
Operadores de copia:S-1-5-32-551:551:
Usuarios:S-1-5-32-545:545:
Usuarios avanzados:S-1-5-32-547:547:
Usuarios de escritorio remoto:S-1-5-32-555:555:
HelpServicesGroup:S-1-5-21-527237240-484763869-1202660629-1001:1001:
aweonao:S-1-5-32-544:500:
utmp:S-1-5-21-527237240-484763869-1202660629-1017:409:
mysql:S-1-5-21-527237240-484763869-1202660629-1021:60:
 [/code]

for test, i'm using the following command...

[code]
svr test # start-stop-daemon --start  -c mysql -q -x /usr/bin/yes
start-stop-daemon: Unable to set uid to mysql
svr test #
[/code]

when i made a strace for the procces, this is the result (cutted to
the point of problem)

[code]
  120 2197588 [main] start-stop-daemon 1216 extract_nt_dom_user:
pw_gecos 6B1384 (U-SVR\mysql,S-1-5-
21-527237240-484763869-1202660629-1021)
87233 2284821 [main] start-stop-daemon 1216 initgroups32: 0 =
initgroups (mysql, 60)
   95 2284916 [main] start-stop-daemon 1216 seteuid32: uid: 60
myself->uid: 0 myself->gid: 60
   65 2284981 [main] start-stop-daemon 1216 seteuid32: Found token -1
 2802 2287783 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
5.24-2/winsup/cygwin/sec_helper.cc:422 windows error 1300
  125 2287908 [main] start-stop-daemon 1216 geterrno_from_win_error:
unknown windows error 1300, set
ting errno to 13
   50 2287958 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
   52 2288010 [main] start-stop-daemon 1216 set_privilege: -1 =
set_privilege ((token 6BC) SeCreateT
okenPrivilege, 1)
 9221 2297231 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
5.24-2/winsup/cygwin/security.cc:889 windows error 1314
   88 2297319 [main] start-stop-daemon 1216 geterrno_from_win_error:
unknown windows error 1314, set
ting errno to 13
   49 2297368 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
 1002 2298370 [main] start-stop-daemon 1216 create_token: -1 = create_token ()
  149 2298519 [main] start-stop-daemon 1216 seteuid32: create token
failed, try subauthentication.
 2872 2301391 [main] start-stop-daemon 1216 seterrno_from_win_error:
/ext/build/netrel/src/cygwin-1.
.
5.24-2 /winsup/cygwin/security.cc:961 windows error 5
 1741 2306707 [main] start-stop-daemon 1216 geterrno_from_win_error:
windows error 5 == errno 13
  109 2306816 [main] start-stop-daemon 1216 __set_errno: void
seterrno_from_win_error(const char*, i
nt, DWORD):310 val 13
   81 2306897 [main] start-stop-daemon 1216 setuid32: real: 0, effective: 0
 1591 2308488 [main] start-stop-daemon 1216 sig_send: sendsig 0x700,
pid 1216, signal -34, its_me 1
   69 2308557 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
 3527 2312084 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
 1793 2313877 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
70125 2384002 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
  181 2384183 [main] start-stop-daemon 1216 fhandler_base::write: binary write
start-stop-daemon:   791 2384974 [main] start-stop-daemon 1216
sig_send: sendsig 0x700, pid 1216, si
gnal -34, its_me 1
  365 2385339 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
   77 2385416 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
  798 2386214 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
  676 2386890 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
  722 2387612 [main] start-stop-daemon 1216 fhandler_base::write: binary write
Unable to set uid to mysql  280 2387892 [main] start-stop-daemon 1216
sig_send: sendsig 0x700, pid 1216, signal -34, its_me 1
  486 2388378 [main] start-stop-daemon 1216 sig_send: wakeup 0x6C8
   72 2388450 [main] start-stop-daemon 1216 sig_send: Waiting for
pack.wakeup 0x6C8
  327 2388777 [sig] start-stop-daemon 1216 wait_sig: signalling
pack.wakeup 0x6C8
  814 2389591 [main] start-stop-daemon 1216 sig_send: returning 0x0
from sending signal -34
  477 2390068 [main] start-stop-daemon 1216 fhandler_base::write: binary write
[/code]


i hope that something that's help me.... greetings.... and thanks

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/