X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Sat, 2 Apr 2011 10:51:11 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: openssh.README is wrong.
Message-ID: <20110402085111.GJ3669@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <30963485 DOT post AT talk DOT nabble DOT com> <ijn38b$fgq$1 AT dough DOT gmane DOT org> <30963747 DOT post AT talk DOT nabble DOT com> <87mxk91ggf DOT fsf_-_ AT kuiper DOT lan DOT informatimago DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <87mxk91ggf.fsf_-_@kuiper.lan.informatimago.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Apr  2 05:26, Pascal J. Bourguignon wrote:
> 
> openssh.README is wrong.

Nope.

> It says:

A full quote was really not necessary.  Quoting the relevant part
would have been sufficient.

>     The new ssh-host-config script also adds the /var/empty directory
>     needed by privilege separation.  When creating the /var/empty directory
>     by yourself, please note that in contrast to the README.privsep document
>     the owner sshould not be "root" but the user which is running sshd.  So,
>     in the standard configuration this is SYSTEM.  The ssh-host-config script
>     chowns /var/empty accordingly.
> 
> But when I "chown sshd /var/empty ; chmod 700 /var/empty", I still get
> the error message:

Sure enough.  Read again.

First of all, it says that the ssh-host-config script will do that for
you, so you don't have to do it by yourself.

Second, it says that /var/empty should be owned by "the user which is
running sshd".  It does *NOT* say /var/empty should be owned by "the
user called sshd".  Now check the user name of the user running the sshd
service, probably "cyg_server" and call `chown cyg_server /var/empty".

>     pjb AT lassell ~
>     $ /usr/sbin/sshd
>     /var/empty must be owned by root and not group or world-writable.

When you're trying to start sshd on the comand line, the /var/empty file
should be owned by your own account.

However, why don't you just run ssh-host-config, install ssh as a service
and be done with it?


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple