This is the mail archive of the cygwin@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: CRON startup problems with Win2K


At 03:26 PM 6/13/2002, Don Dwiggins wrote:
>I have a similar question to Scott Cokely's.  In particular, I want to run
>cron as my normal login user (a domain user on our network), to have access
>to the network shares that that user has.
>
>The Services manager lets me set that user for the service, but in starting
>cron (with the Services Manager, not cygrunsrv), it fails with the message:
>"cron : Win32 Process Id = 0x520 : Cygwin Process Id = 0x520 : starting
>service `cron' failed: execv: 1, Not owner." (Copied from the Application
>Event Viewer.)
>
>Larry Hall replied to Scott's question:
>>> Corinna Vinschen responded with:
>>> 
>>>>> Sure. cron needs privileges only given to SYSTEM by default.
>>> 
>>> So my question is:  What do I do to give cron these privileges?  Starting
>>> cron as Administrator doesn't do it, and according to the README, cron
>>> is supposed to run as SYSTEM by default.  What do I need to do to make
>>> this work for me?
>with:
>> The SYSTEM account has the required privileges.  No other account does by
>> default.  See inetutils-*.README for the list of privileges required.  Keep
>> in mind that adding these privileges to another account opens a security 
>> hole.
>
>I looked at the inetd privileges in the readme, and they do look scary; does
>cron really need all these?  


Yes, these are the required permissions as Windows defines them.  cron
specifically doesn't need any of them. ;-)  But cron needs to be able to 
do, effectively, a unix-style "su".  This is required to get there.

The permissions are not to be enabled lightly.  Windows provides these 
permissions by default only to the SYSTEM account.  crond should be run 
as this account.


>I've been trying to figure out what it is that
>cron is "Not owner" of when running as my domain user; all the cron-related
>files I've looked at seem to be OK (cron.exe, /var/cron/tabs/*,
>/var/run/cron.pid, ...).  (I've also made sure that the user does have
>"Logon as a service" privilege.)


It is important to make sure that these files do have the proper ownerships 
and permissions.  You can see the email archives for more on this discussion.
Depending on how you're running cron, cron may not "own" the files because 
it may not be the correct user when accessing them, which gets back to the
issue of Windows account privileges and the need to use the SYSTEM account
to run crond.


>I guess I'd like to understand just what privileges cron needs for what
>purposes, and what files it needs what kind of access to, so I can either
>find out how to do what I want, or understand exactly why I can't do it.


If what I said above isn't enough for you and you can't find what you want 
in the email archives, I'm afraid you're left with only MSDN documentation 
and the Cygwin source to get more detailed information.

HTH,


Larry Hall                              lhall@rfk.com
RFK Partners, Inc.                      http://www.rfk.com
838 Washington Street                   (508) 893-9779 - RFK Office
Holliston, MA 01746                     (508) 893-9889 - FAX


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]