X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; q=dns; s=default; b=qv
	lbchK7iyfU66D7roac8oUc+vdxn2vjWn7Yw3JBSvpZLAVEJ4hTSC93QoREb10RAg
	FWsgrknpo20y0nL1dPh2tfe9r9wBn0QbAxVsQXwnfr8Jg05NNxoIaAtV+CGGFIfD
	saaifR8f63iIjJwvutWuBP7/femcVLv8leZZz4et0=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type; s=default; bh=9mfRlEU/
	/pL54I8b4ELMEEMpg6w=; b=k7qvEKMcwx0JFpklgAdms4UofnmFrzCyMf67zGo8
	nxmfUDhfebCDWyn+/wj3sTZqt0lFpuczaNvl8yshWdLrd6ksUK+qUKWESxqA8GIY
	J8l38yk5ZuGRGjrPTzyHX+CA1+nNgNjDBrRUmSAowQSO03x7xViRXsGU4ENWD1uM
	8ng=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=1.9 required=5.0 tests=AWL,BAYES_05,FREEMAIL_FROM,KAM_FROM_URIBL_PCCC,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=no version=3.3.2
X-HELO: mail-yk0-f178.google.com
MIME-Version: 1.0
X-Received: by 10.236.201.46 with SMTP id a34mr30785771yho.86.1426626405169; Tue, 17 Mar 2015 14:06:45 -0700 (PDT)
In-Reply-To: <CAO73BABUfbdCqQ9TWuTFX08Z+Wj50wxrwgNCuEhFgeov_7fr7A@mail.gmail.com>
References: <CAO73BAC-bFgMwxfyz67RKuPEMdzT=XmNVWNcBS_FkfPfOG7Ntg AT mail DOT gmail DOT com>	<20150317142451 DOT GT6096 AT calimero DOT vinschen DOT de>	<CAO73BABUfbdCqQ9TWuTFX08Z+Wj50wxrwgNCuEhFgeov_7fr7A AT mail DOT gmail DOT com>
Date: Tue, 17 Mar 2015 17:06:45 -0400
Message-ID: <CAO73BAD__ORg6+xOBSS18Z6OAK6j0=P1L+hiqrxi8C6xMJ3asw@mail.gmail.com>
Subject: Re: who is root? (or /usr/bin/sshd fails to start because of /var/log ownership)
From: Mirko Vukovic <mirko DOT vukovic AT gmail DOT com>
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=UTF-8
X-IsSubscribed: yes

On Tue, Mar 17, 2015 at 4:45 PM, Mirko Vukovic <mirko DOT vukovic AT gmail DOT com> wrote:
> On Tue, Mar 17, 2015 at 10:24 AM, Corinna Vinschen
> <corinna-cygwin AT cygwin DOT com> wrote:
>> On Mar 17 10:10, Mirko Vukovic wrote:
>>> Hello,
>>>
>>> A few weeks ago, sshd stopped working after a cygwin64 update.  I
>>> reinstalled cygwin64 (because of the new user and password handling, I
>>> figured that to be easiest).
>>>
>>> I still cannot get sshd to run.  I get an error message:
>>> >/usr/sbin/sshd.exe -d
snip
>>> /var/empty must be owned by root and not group or world-writable.
>>>
>>> Here is what /var/empty looks like (I obfuscated the machine name part)
>>> >ls -lrd /var/empty
>>> drw-------+ 1 XXXXXXXXXX+cyg_server Administrators 0 Feb 25 09:41 /var/empty/
>>>
>>> There is no root user on my machine.  Should I create it?
>>
>> No.  The "must be owned by root" in sshd is the original upstream error
>> message.  The test leading to the message on the other hand is tweaked
>> for Cygwin to test if the /var/empty file is owned by the user running
>> sshd.  So, if you run sshd from the command line, it refuses to run if
>> /var/empty isn't owned by your current user account.  If you're running
>> sshd as service from the XXXXXXXXXX+cyg_server account, /var/empty must
>> be owned by the XXXXXXXXXX+cyg_server account.
>>
>> Does that help?
>>
>>
>> Corinna
>>
>> --
>> Corinna Vinschen                  Please, send mails regarding Cygwin to
>> Cygwin Maintainer                 cygwin AT cygwin DOT com
>> Red Hat
>
> (Good news, bad news)
>
> Good news: I can start sshd as a user, and ssh to localhost.
>
> In bash ran as administrator:
> - >chown myself /var/empty
> - >/usr/bin/sshd -d
>
> In another bash:
> ->ssh localhost.
> works
>
> Bad news:
>
> sshd cannot start as service (after I revert the /var/empty/ ownership
> as before).
>
> I start it manually under windows services, it starts and then stops.
> So it seems that it does log in.
> In /var/log/sshd.log, I see again:
> /var/empty must be owned by root and not group or world-writable
>
> I do not see a login failure in the event manager.
>
> When I look in services, sshd is set to log in as a Local System
> Account.  Changing to
> .\cyg_server does not help.  I don't want to bore you with the
> details, in case I am going
> the wrong way, but should sshd log in as a local service (the initial
> setting), cyg_server, or sshd?
>
> (I set the parameters to sshd to -d in the services, but I did not see
> any output in sshd.log).
>
> Thank you
>
> Mirko

Um, after looking at application messages, I found messages that indicated that
sshd was actually running.

After a reboot, ps -W | grep ssh confirmed that.

ssh localhost works.

But in services, sshd is not listed as running.

To summarize:

I have sshd installed as a service, set to log in as .\cyg_server. (I
had to do that manually,
after ssh-host-config).

I also manually had to fix the read-write permissions to 600.

Things seem to work now.

Thank you Corinna and Larry for reading and replying.

Mirko

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple