X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:content-type; q=dns; s=default; b=jEh5G2p
	nHQ0rUjpB2TWqty01L+ByeiF5oMfMQsGNtovMXzyjz4W4c61VYrQgkUIjcbMpdd/
	gVLsYmVDMzMAdLSjlsMzL3DCZLeBmYgVxIZqEDOrygzZQny2SW+S22/XE6cgtyne
	kYc5y80O6JdVUBORZ13tHymDN5D0ipbLyWuQ=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:from:date
	:message-id:subject:to:content-type; s=default; bh=PGJv7ggBY5Fkd
	oA71792lwGC/+Y=; b=US5klFr40J+//owMJoPo6uuOFW4nKSVfLSDqb/NUhP8gA
	gNqyPoQlhjFeD/4WeXUfVPIaqGQMYHlx4h49ybDM032Jm13c1gP6q3cLNhlPy1v9
	H+61u4NpsUT6pU7PTAqsZqlxhI8LTgmOrWFxoHKrZM+hWkyrcFGy9jh9gW2USM=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-1.1 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM,SPF_PASS autolearn=no version=3.3.2 spammy=U*corinna-cygwin, corinna-cygwin AT cygwin DOT com, corinnacygwincygwincom, sk:corinna
X-HELO: mail-vk0-f51.google.com
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;        d=1e100.net; s=20161025;        h=x-gm-message-state:mime-version:in-reply-to:references:from:date         :message-id:subject:to;        bh=U3a+29it8gsVJC6/B/FrQluFKViZFvRFtbYXkZl18o0=;        b=R0VEKyFT1rjNsEBKzdJsqBFa6vUDmZoLWfVdS0EzhtTqKURS7qk6NPLfOBS8escK+z         bl48l+ubyfAxRKhPY6DXG87GGef874pdKJS8EasQcdt0qXStuCczuKj1gnyyoqQPwWQJ         +Qwy0b4XZb1H98IKkjRcfEUq9CDDREYyroQhPeo7zFJ8iM5kIoLZ8iQAJN5j+4Q9v1lG         CJ/xFb5XwZ+r+viDMLG0IK/GZHgEj3Tq8mriUlIZGEQTREubI8avlIu3Zwjia+GEmTrO         4lIPaD8G8gMyA6iKJAEn3kupbL/X5t6fkXZTno3MpkmDq1ETuSV7jLcy+OW0TLVYFsBU         tZyw==
X-Gm-Message-State: AMke39mD80S1YCXIW19LcpEBVw6zA+cfPQrIk+toZ5oRGESttAZt+kvmOZ2W37f88SWz8tBW64l1uZWBc9hUvA==
X-Received: by 10.31.28.193 with SMTP id c184mr3984842vkc.173.1486374664724; Mon, 06 Feb 2017 01:51:04 -0800 (PST)
MIME-Version: 1.0
In-Reply-To: <20170202130806.GC4310@calimero.vinschen.de>
References: <CAOTD34YFY-79CN8vfrJxLQHk=2SQOa_AQyzsqOG7Wxy0=F9LWw AT mail DOT gmail DOT com> <20170202130806 DOT GC4310 AT calimero DOT vinschen DOT de>
From: Erik Bray <erik DOT m DOT bray AT gmail DOT com>
Date: Mon, 6 Feb 2017 10:51:04 +0100
Message-ID: <CAOTD34ZEgZQ-iOPwtQEByyFs++FcqC9CXmbOgbeYWWfBeQdnWA@mail.gmail.com>
Subject: Re: Problems with ssh-host-config on Windows 10
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=UTF-8
X-IsSubscribed: yes

On Thu, Feb 2, 2017 at 2:08 PM, Corinna Vinschen
<corinna-cygwin AT cygwin DOT com> wrote:
> On Feb  2 12:19, Erik Bray wrote:
>> Hi all,
>>
>> I've been trying to get a Cygwin sshd server running on a Windows 10
>> VM, and have found it to be surprisingly tricky without some
>> additional fiddling, and it's not clear to me whether that's expected
>> or if it's a bug.  I've attached the cygcheck output from the VM.
>>
>> The symptom I've having seems to be the same as in this post:
>>
>> https://cygwin.com/ml/cygwin/2015-06/msg00265.html
>>
>> The problem seems to be stemming from some assumptions in:
>> /usr/share/csih/cygwin-service-installation-helper.sh
>>
>> It creates the "privileged user" (in my case with the default name
>> cyg_server) with `net user`, including the SAM comment entry:
>>
>> /comment:'<cygwin home="/var/empty" shell="/bin/false"/>'
>>
>> Shortly after it calls:
>>
>> passwd -e "${csih_PRIVILEGED_USERNAME}"
>>
>> and this fails with:
>>
>> Warning: Setting password expiry for user 'desktop-mk2koav+cyg_server' failed!
>>
>> This happens because this is a fresh Cygwin install with all the
>> default settings in /etc/nsswitch.conf.  In particular, no passwd
>> entry is found for the cyg_server user unless I explicitly add "local"
>> to db_enum.  Furthermore, the SAM comment entry is not read correctly
>> without db_home: desc and db_shell: desc.  In summary, I had to edit
>> /etc/nsswitch.conf to:
>>
>> passwd db
>> db_enum: local
>> db_home: desc
>> db_shell: desc
>
> The assumption in ssh-host-config is that your nsswitch.conf settings
> are already correct.  It's kind of tricky to set up accounts and stuff
> in a not yet configured environment.

I think that's reasonable, but the question is what is "correct"?  Any
valid settings for nsswitch.conf could be "correct" for different use
cases, whereas the cygwin-service-installation-helper.sh script seems
to have some very specific requirements that don't match the default
configuration, or even many non-default configurations (especially
w.r.t. db_home and db_shell).

Best,
Erik

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple