This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Installing sshd on W7 reveals errors in CSIH_SCRIPT -- patch file against master
On Sat, 27 May 2017 14:01:09, Houder wrote:
> --=_f8e475c11eb2497bb7b3a74fbbff7888
> Content-Transfer-Encoding: 7bit
> Content-Type: text/plain; charset=US-ASCII;
> format=flowed
>
> On 2017-05-26 21:35, Houder wrote:
> > Hi,
> >
> > Installing sshd on W7 reveals errors in CSIH_SCRIPT ...
> >
> > CSIH_SCRIPT = /usr/share/csih/cygwin-service-installation-helper.sh
>
> Retrieved CSIH_SCRIPT from the master (January 19 2017) here:
>
> https://cygwin.com/git/?p=cygwin-apps/csih.git;a=summary
>
> Attached patch file against master ...
Oh, by the way ...
My sshd daemon works flawlessly on W7 ... despite the fact the I am still
using /etc/passwd and /etc/group as the "database" (i.s.o. Windows' SAM).
(despite F-Secure SAFE, being a mandatory requirement for my machine).
(and, of course, despite the consequences of the errors in CSIH_SCRIPT; I
took care of them).
Regards,
Henri
-----
/etc/nsswitch.conf:
# 31 10 2014
# "db" = any 'place' where Windows keeps account info (my case: local SAM?)
# as far as I can tell, the next two lines forces the Cygwin1.dll to retrieve the account
# info solely from /etc/passwd and /etc/group, i.e. Windows' "db" is ignored ...
#
passwd: files
group: files
# as far as I can tell, this line applies to getent (i.e. getpwent() and getgrent())
db_enum: files
/etc/passwd:
SYSTEM:*:18:18:U-NT AUTHORITY\SYSTEM,S-1-5-18:/home/SYSTEM:/bin/bash
LOCAL SERVICE:*:19:19:,S-1-5-19:/:/sbin/nologin
NETWORK SERVICE:*:20:20:,S-1-5-20:/:/sbin/nologin
Administrators:*:544:544:,S-1-5-32-544:/:/sbin/nologin
..
cyg_server:*:1014:513:Privileged server,U-Seven\cyg_server,S-1-5-21-91509220-1575020443-2714799223-1014:/var/empty:/bin/bash
Henri:*:1000:513:U-Seven\Henri,S-1-5-21-91509220-1575020443-2714799223-1000:/home/Henri:/bin/bash
..
sshd:*:1013:513:U-Seven\sshd,S-1-5-21-91509220-1575020443-2714799223-1013:/var/empty:/bin/bash
/etc/group:
SYSTEM:S-1-5-18:18:
..
Administrators:S-1-5-32-544:544:
..
None:S-1-5-21-91509220-1575020443-2714799223-513:513:
..
@@ ls -ld ~ ~/.ssh
drwxr-xr-x+ 1 Henri None 0 May 27 08:16 /home/Henri
# modified by me? (744 => 700) ... not really required ...
drwx------+ 1 Henri None 0 May 26 13:22 /home/Henri/.ssh
@@ ls -l /etc/ssh*
-rw-r--r-- 1 cyg_server Administrators 1680 May 26 13:15 /etc/ssh_config
-rw------- 1 cyg_server Administrators 668 Jul 25 2016 /etc/ssh_host_<X-key>
-rw-r--r-- 1 cyg_server Administrators 601 Jul 25 2016 /etc/ssh_host_<X-key>.pub
-rw-r--r-- 1 cyg_server Administrators 3225 May 26 16:44 /etc/sshd_config
@@ ls -ld /var/empty /var/run
drwxr-xr-x+ 1 cyg_server Administrators 0 May 26 12:45 /var/empty
drwxrwxrwt+ 1 Henri None 0 May 26 21:28 /var/run
- "/var/empty must be owned by root and not group or world-writable."
- that is, owned by "cyg_server" (the privileged account, acting as the root user here)
@@ ls -l /var/run
-rw-r--r-- 1 cyg_server None 5 May 27 07:54 sshd.pid
# modified permissions to 660 for aestetic reason only
-rw-rw---- 1 Henri None 640 May 26 18:50 utmp
@@ ls -l /var/log/sshd.log # file exists if one has redirected the output of sshd.exe ...
-rw-r--r-- 1 cyg_server None 1767 May 26 21:28 /var/log/sshd.log
@@ getfacl /var/tmp # relevant here is ownership by cyg_server ...
# file: /var/empty
# owner: cyg_server
# group: Administrators
user::rwx
group::r-x
group:SYSTEM:r-x
group:Administrators:r-x
mask:r-x
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x
@@ getfacl /var/run
# file: /var/run
# owner: Henri
# group: None
# flags: --t
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx
default:user::rwx
default:group::r-x
default:other:r-x
=====
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple