X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=0.8 required=5.0	tests=AWL,BAYES_05,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,TW_RW,TW_WX,T_TO_NO_BRKTS_FREEMAIL
X-Spam-Check-By: sourceware.org
Message-ID: <4CDE1200.9080502@gmail.com>
Date: Fri, 12 Nov 2010 21:20:16 -0700
From: Jeff Odegard <jeff DOT odegard AT gmail DOT com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101027 Lightning/1.0b2 Thunderbird/3.1.6
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: 1.7.7: Win7 SSHD, chown bad file descriptor
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Today I installed Cygwin 1.7.7 on Windows 7 Enterprise.  OpenSSH version 
is OpenSSH_5.6p1, OpenSSL 0.9.8o 01 Jun 2010

With admin privileges, I set up sshd as a service using ssh-host-config, 
and said yes to all questions except I kept the cyg_server username.

The service started fine, then I tried to ssh to the system, entered 
user/pass, and was immediately disconnected.  The windows application 
log had the following error:

     sshd: PID 728: fatal: chown(/dev/tty0, 1000, 1002) failed: Bad file 
descriptor

$ ls -la /dev/tty0
crw------- 1 SYSTEM Administrators 136, 0 2010-11-12 14:41 /dev/tty0
     (I noticed on older Cygwins on XP this is crw-rw-rw-  Can I change 
this?  Will it stay permanent on reboot?  This looks like a security 
issue, having a tty world read/writable.)

I tried several options with the Windows service.  I noticed in the 
ssh-host-config script that it uses ntsec, which is no longer 
supported.  I tried using acl, noacl, ntsec, nontsec - all with no 
effect.  Here is my latest attempt:

$ cygrunsrv -I sshd -d "CYGWIN sshd" -p /usr/sbin/sshd.exe --desc 
"Cygwin Secure Shell Daemon" -a "-D" -e CYGWIN="noacl tty 
nodosfilewarning" -y tcpip -u cyg_server

I thought it might be a problem with the sshd privilege separation, but 
these look OK:

$ ls -la /var/empty
total 4
drwx------+ 1 cyg_server Administrators    0 2010-11-12 21:15 .
drwxr-xr-x+ 1 odegardj   Administrators 4096 2010-11-12 23:34 ..

$ grep ssh /etc/passwd
sshd:unused:1008:513:sshd 
privsep,U-PTL-1\sshd,S-1-5-21-4040343701-3909715506-17
91091093-1008:/var/empty:/bin/false

Any thoughts on what I might try next.  I googled, but couldn't find 
anything that worked.

Thanks!

  - Jeff

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple