X-Recipient: archive-cygwin AT delorie DOT com X-Spam-Check-By: sourceware.org X-MDRemoteIP: 212.135.219.182 X-Return-Path: prvs=1071fe6e81=killing AT multiplay DOT co DOT uk X-Envelope-From: killing AT multiplay DOT co DOT uk X-MDaemon-Deliver-To: cygwin AT cygwin DOT com Message-ID: <6C897634739C412CA4367B8530734B2F@multiplay.co.uk> From: "Steven Hartland" To: References: <20080703125758 DOT GC10582 AT calimero DOT vinschen DOT de> <9519CD6573CA4B378AB436808C330A8C AT multiplay DOT co DOT uk> <20080704085528 DOT GH10582 AT calimero DOT vinschen DOT de> <83D9FB620178474D8B7E673F8BE88FBF AT multiplay DOT co DOT uk> Subject: Re: chmod permission denied on windows 2008 Date: Fri, 4 Jul 2008 23:21:40 +0100 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_00D1_01C8DE2C.B68EFA90" X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-Spam-Processed: mail1.multiplay.co.uk, Fri, 04 Jul 2008 23:21:43 +0100 X-MDAV-Processed: mail1.multiplay.co.uk, Fri, 04 Jul 2008 23:21:46 +0100 X-IsSubscribed: yes Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com ------=_NextPart_000_00D1_01C8DE2C.B68EFA90 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response Content-Transfer-Encoding: 7bit ----- Original Message ----- From: "Steven Hartland" >> That's weird. Cygwin always enables the backup and restore privileges >> if they are available. The whoami printout in your previous mail >> shows that the privilege is in the token. But the above code shows >> that the AdjustTokenPrivileges() call for the backup and restore >> rights both fail with ERROR_NOT_ALL_ASSIGNED. The problem is that >> there's no indication why it fails. Per MSDN this should only happen >> if the privilege is not in the token. >> >> Bottom line is, there's nothing Cygwin can do about this. Did you >> look into the security event long? Maybe there's a hint why this >> fails. > > You thought that was weird I just logged onto the box to test and look > in the security event log and it just started working. No changes > that I can find have been made, it was even the same cygwin prompt > from the previous tests. If I find out what caused the change I will > report back as I have another identical machine left to install. > > Very strange, most appreciate your help on this. Sorry seems I missed one critical element here. I thought I was doing all the tests under a cygwin prompt but in fact the chown's I was doing under an ssh'ed prompt. It works under a cygwin prompt on the desktop but fails when I'm ssh'ed in. So this actually looks like it may be a problem with ssh under 2008? I've attached the output from whoami in both cases. A privaledege missing from the sshd_server user may be? Note: ssh was installed with a slightly older than latest version of cygwin so if this has changed to support 2008 recently that could be where my problem lies. Regards Steve ------=_NextPart_000_00D1_01C8DE2C.B68EFA90 Content-Type: text/plain; format=flowed; name="prompt.txt"; reply-type=response Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="prompt.txt" Microsoft Windows [Version 6.0.6001] Copyright (c) 2006 Microsoft Corporation. All rights reserved. C:\Users\Administrator>which whoami /cygdrive/c/Windows/system32/whoami C:\Users\Administrator>whoami /all USER INFORMATION ---------------- User Name SID =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D blade0\administrator S-1-5-21-1034854827-3221323542-428946914-500 GROUP INFORMATION ----------------- Group Name Type SID Attribu= tes =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D Everyone Well-known group S-1-1-0 Mandato= ry group, Enabled by default, Enabled group BUILTIN\Administrators Alias S-1-5-32-544 Mandato= ry group, Enabled by default, Enabled group, Group owner BUILTIN\Users Alias S-1-5-32-545 Mandato= ry group, Enabled by default, Enabled group NT AUTHORITY\REMOTE INTERACTIVE LOGON Well-known group S-1-5-14 Mandato= ry group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandato= ry group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandato= ry group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandato= ry group, Enabled by default, Enabled group LOCAL Well-known group S-1-2-0 Mandato= ry group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandato= ry group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level Unknown SID type S-1-16-12288 Mandato= ry group, Enabled by default, Enabled group PRIVILEGES INFORMATION ---------------------- Privilege Name Description S= tate =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D= =3D=3D=3D=3D=3D=3D=3D SeIncreaseQuotaPrivilege Adjust memory quotas for a process D= isabled SeSecurityPrivilege Manage auditing and security log D= isabled SeTakeOwnershipPrivilege Take ownership of files or other objects D= isabled SeLoadDriverPrivilege Load and unload device drivers D= isabled SeSystemProfilePrivilege Profile system performance D= isabled SeSystemtimePrivilege Change the system time D= isabled SeProfileSingleProcessPrivilege Profile single process D= isabled SeIncreaseBasePriorityPrivilege Increase scheduling priority D= isabled SeCreatePagefilePrivilege Create a pagefile D= isabled SeBackupPrivilege Back up files and directories D= isabled SeRestorePrivilege Restore files and directories D= isabled SeShutdownPrivilege Shut down the system D= isabled SeDebugPrivilege Debug programs D= isabled SeSystemEnvironmentPrivilege Modify firmware environment values D= isabled SeChangeNotifyPrivilege Bypass traverse checking E= nabled SeRemoteShutdownPrivilege Force shutdown from a remote system D= isabled SeUndockPrivilege Remove computer from docking station D= isabled SeManageVolumePrivilege Perform volume maintenance tasks D= isabled SeImpersonatePrivilege Impersonate a client after authentication E= nabled SeCreateGlobalPrivilege Create global objects E= nabled SeIncreaseWorkingSetPrivilege Increase a process working set D= isabled SeTimeZonePrivilege Change the time zone D= isabled SeCreateSymbolicLinkPrivilege Create symbolic links D= isabled C:\Users\Administrator> ------=_NextPart_000_00D1_01C8DE2C.B68EFA90 Content-Type: text/plain; format=flowed; name="ssh.txt"; reply-type=response Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="ssh.txt" [root AT blade0]/usr/local/games: /cygdrive/c/Windows/system32/whoami /all USER INFORMATION ---------------- User Name SID ================== ============================================ blade0\sshd_server S-1-5-21-1034854827-3221323542-428946914-500 GROUP INFORMATION ----------------- Group Name Type SID Attributes ================================ ================ ============ ================================================== Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\SERVICE Well-known group S-1-5-6 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group PRIVILEGES INFORMATION ---------------------- Privilege Name Description State =============================== ========================================= ======== SeIncreaseQuotaPrivilege Adjust memory quotas for a process Enabled SeSecurityPrivilege Manage auditing and security log Enabled SeTakeOwnershipPrivilege Take ownership of files or other objects Disabled SeLoadDriverPrivilege Load and unload device drivers Disabled SeSystemProfilePrivilege Profile system performance Enabled SeSystemtimePrivilege Change the system time Enabled SeProfileSingleProcessPrivilege Profile single process Enabled SeIncreaseBasePriorityPrivilege Increase scheduling priority Enabled SeCreatePagefilePrivilege Create a pagefile Enabled SeBackupPrivilege Back up files and directories Disabled SeRestorePrivilege Restore files and directories Disabled SeShutdownPrivilege Shut down the system Enabled SeDebugPrivilege Debug programs Disabled SeSystemEnvironmentPrivilege Modify firmware environment values Enabled SeChangeNotifyPrivilege Bypass traverse checking Enabled SeRemoteShutdownPrivilege Force shutdown from a remote system Enabled SeUndockPrivilege Remove computer from docking station Enabled SeManageVolumePrivilege Perform volume maintenance tasks Enabled SeImpersonatePrivilege Impersonate a client after authentication Disabled SeCreateGlobalPrivilege Create global objects Enabled ------=_NextPart_000_00D1_01C8DE2C.B68EFA90 Content-Type: text/plain; charset=us-ascii -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ ------=_NextPart_000_00D1_01C8DE2C.B68EFA90--