This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: "incorrect password" or "permission denied" when switching users


On Sat, 14 Feb 2004 Jeremy<at>Gagliardi<dot>com wrote:

> On Sat, 14 Feb 2004 13:59:09 -0500 (EST), Igor Pechtchanski wrote:
> > $ net helpmsg 1314
> > A required privilege is not held by the client.
> >
> > Does this ring a bell?  More below.
>
> Nope.  I should point out I am not very Windows literate, which is why I'm
> trying to use Cygwin in the first place.

Jeremy,

I wasn't trying to make fun of you, I meant the contents of the message.
FWIW, now you know how to find out what a Windows error code means. :-)

> > > Please help.  Why are the most basic forms of login not working with a
> > > "standard" installation of Cygwin?
> >
> > Because normal users (read: anyone but SYSTEM) don't have enough
> > privileges to switch users.  Starting with Win2003, not even SYSTEM has
> > the needed privileges by default.  For more information, see
> > /usr/share/doc/Cygwin/openssh.README.
>
> As I pointed out in my original message, my computer's administrator
> account is "Owner".  When I installed Cygwin, all files have an
> ownership of "Owner" with group "User".  Also...
> Owner@Beast /
> $ id -a
> uid=1003(Owner) gid=545(Users)
> groups=0(root),513(None),544(Administrators),545(Users)
>
> How could "Owner" not have enough privileges?

<http://cygwin.com/acronyms/#CYNUX>.  This is Windows.  In Windows, the
only account that is allowed to switch user contexts is the built-in
SYSTEM (a.k.a. LocalSystem) account.  The README file above should outline
the basic principles of how this works, and for more details you might
want to look at <http://cygwin.com/cygwin-ug-net/ntsec.html>.

> > > Better question:  How can I get login or su to work?
> >
> > Run them as SYSTEM.  IIRC, su is broken under Cygwin altogether.  login
> > does work, however, as long as the user has appropriate privileges.
>
> Stupid question:  How do I run login as SYSTEM?  I tried `chown SYSTEM
> /bin/bash.exe` and `chmod u+s /bin/bash.exe` and did `login -f jjg`.  Same
> result.  "/bin/bash: Permission denied".

To run something *as* SYSTEM, you don't make the file owned by SYSTEM, you
get a shell running *as the SYSTEM user* and run login from that shell.
For recipes on getting a SYSTEM-owned shell, search Google for "cygwin
system-owned window".

Note that "run them as SYSTEM" was just a direct reply to your question --
the answer below describes a better way to switch users.

> > > Even better question:  How can I switch users?
> >
> > Install the openssh package, set up sshd (using ssh-host-config), and use
> > "ssh user@localhost" in lieu of "su - user".
>
> I did install openssh, and it's even running and responding to requests.
> However...
>
> Owner@Beast /
> $ ssh jjg@localhost
>
> jjg@localhost's password:
> /bin/bash: Permission denied
> Connection to localhost closed.

Ah, so now this becomes a question of getting sshd to work.  You obviously
ran "ssh-host-config".  Did you run "ssh-user-config" for the "jjg" user?
Try adding "-v" to your ssh call, and see what errors you actually get.
Also take a look at /var/log/sshd.log.
	Igor
-- 
				http://cs.nyu.edu/~pechtcha/
      |\      _,,,---,,_		pechtcha@cs.nyu.edu
ZZZzz /,`.-'`'    -.  ;-;;,_		igor@watson.ibm.com
     |,4-  ) )-,_. ,\ (  `'-'		Igor Pechtchanski, Ph.D.
    '---''(_/--'  `-'\_) fL	a.k.a JaguaR-R-R-r-r-r-.-.-.  Meow!

"I have since come to realize that being between your mentor and his route
to the bathroom is a major career booster."  -- Patrick Naughton

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]