This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Group Permissions on root folders problem (Windows 10 TP build 10061)


On Thu, 30 Apr 2015 at 10:24:50, Corinna Vinschen <corinna-cygwin at
cygwin dot com> wrote:
>
> On Apr 29 10:45, Brian Buchanan wrote:
> > I did a fresh cygwin-64 (setup-x86_64 version 2.870) install under
> > build 10061 of Windows 10 Technical Preview.
> >
> > The group permissions in the root look wrong.
> >
> > $ ls -lA /
> > total 321
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:31 bin
> > dr-xr-xr-x  1 Brian Brian               0 Apr 29 10:31 cygdrive
> > -rwxr-xr-x  1 Brian Administrators     59 Apr 29 10:31 Cygwin.bat
> > -rw-r--r--  1 Brian Administrators 157097 Apr 29 10:31 Cygwin.ico
> > -rw-r--r--  1 Brian Administrators  53342 Apr 29 10:31 Cygwin-Terminal.ico
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:31 dev
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:31 etc
> > drwx---rwt+ 1 Brian Brian               0 Apr 29 10:31 home
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:31 lib
> > dr-xr-xr-x  9 Brian Brian               0 Apr 29 10:31 proc
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:31 sbin
> > drwx---rwt+ 1 Brian Brian               0 Apr 29 10:31 tmp
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:30 usr
> > drwx---r-x+ 1 Brian Brian               0 Apr 29 10:30 var
> >
> > I'm logged on with a Microsoft account and ran the installer as an
> > Administrator.
> >
> > This is a particular problem running ssh-host-config -y
> > $ ssh-host-config -y
> >
...
> > /usr/share/doc/openssh/README.privsep.
> > *** Query: Should privilege separation be used? (yes/no) yes
> > *** Warning: The permissions on the directory /var are not correct.
> > *** Warning: They must match the regexp d..x..x..[xt]
> > *** ERROR: Problem with /var directory. Exiting.
>
> Hmm, the permission test in the csih helper script is apparently not up
> to the task in your situation.  As a workaround, you may want to change
> the group ownership of /var/empty to "Users" and chmod it to 755, then
> run the ssh-host-config script again.
>

(I'm now on a fresh install of Build 10130)

I had to do that to /var (not just /var/empty) to get past that
message, but I've run into another snag with ssh-host-config

I'm getting an errors saying unknown user win-g71n7drq4r6+cyg_server
at the point of setting the password, the password expiry and
assigning permissions.

*** Info: This script plans to use 'cyg_server'.
*** Info: 'cyg_server' will only be used by registered services.
*** Query: Create new privileged user account
'WIN-G71N7DRQ4R6\cyg_server' (Cygwin name:
'win-g71n7drq4r6+cyg_server')? (yes/no) yes
*** Info: Please enter a password for new user
win-g71n7drq4r6+cyg_server.  Please be sure
*** Info: that this password matches the password rules given on your system.
*** Info: Entering no password will exit the configuration.
*** Query: Please enter the password:
*** Query: Reenter:

*** Info: User 'win-g71n7drq4r6+cyg_server' has been created with
password 'Su3per$ecr3t'.
*** Info: If you change the password, please remember also to change the
*** Info: password for the installed services which use (or will soon use)
*** Info: the 'win-g71n7drq4r6+cyg_server' account.

passwd: unknown user win-g71n7drq4r6+cyg_server
*** Warning: Setting password expiry for user
'win-g71n7drq4r6+cyg_server' failed!
*** Warning: Please check that password never expires or set it to your needs.
No user or group 'win-g71n7drq4r6+cyg_server' known.
*** Warning: Assigning the appropriate privileges to user
'win-g71n7drq4r6+cyg_server' failed!
*** ERROR: There was a serious problem creating a privileged user.
*** Query: Do you want to proceed anyway? (yes/no) yes
*** Warning: Expected privileged user 'win-g71n7drq4r6+cyg_server'
does not exist.
*** Warning: Defaulting to 'SYSTEM'

*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'.  Otherwise, it
*** Info: will start automatically after the next reboot.

*** Warning: Host configuration exited with 1 errors or warnings!
*** Warning: Make sure that all problems reported are fixed,
*** Warning: then re-run ssh-host-config.

At this point sshd and a cyg_server accounts exist and the service got
created, however it's using the Local System account.

The Service starts ok, but terminates ssh connections.

The event log shows:
sshd: PID 11620: fatal: seteuid 197609: Operation not permitted.

I'm guessing this is just because the Local System account doesn't
have the required privileges.

What do those processes (passwd, set password expiry and assigning
appropriate privileges) need to succeed?

Brian

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]