This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: CreateFileMapping problem but Win32 error is 0

From: Andrew DeFaria <Andrew at DeFaria dot com>
To: cygwin at cygwin dot com
Cc: Dylan Ko <DKo at Salira dot com>, Jeffrey Stribling <JStribling at Salira dot com>
Date: Wed, 19 Jul 2006 08:36:16 -0700
Subject: Re: CreateFileMapping problem but Win32 error is 0
References: <44BDC603.6080809@DeFaria.com> <20060719094050.GC18664@calimero.vinschen.de>

Corinna Vinschen wrote:

On Jul 18 22:41, Andrew DeFaria wrote:
I am helping a client install a new server and we use a process that essentially does an rsh <machine> make. The make process is fairly complicated. The new server is a Windows 2003 Server. There is no RDP involved - just an rsh. I'm getting errors like:

3 [main] bash 14596 C:\cygwin\bin\bash.exe: *** fatal error - C:\cygwin\bin\bash.exe: *** CreateFileMapping Global\cygwin1S4.cygpid.4648, Win32 error 0.

I've seen some posts regarding an error similar to this but it usually involves and RDP session and an error code of 5 but here I have no RDP session and the error code is strangely 0.

The other thing that is odd is that in the process of make some of the compilations will fail as the above and others won't. IOW it's intermittent. Also it's not always bash that dies. Sometimes it's make:

4 [main] make (11352) C:\cygwin\bin\make.exe: *** fatal error - C: bin\make.exe: *** CreateFileMapping Global\cygwin1S4.cygpid.11352, Win32 . Terminating.

Since the return code is 0 the make continues onward obliviously.

Another interesting aspect is that if the user who is rsh'ing is added to the local Administrators group then all these errors disappear.

Note that people have passwordless rsh access to the server.
This is probably the problem. I just wrote a lengthy explanation of what happens in case of public key authentication, see:

http://cygwin.com/ml/cygwin/2006-07/msg00577.html

You're getting the same problem in case of rhosts authentication, it all boils down to "password-less authentication".

Your case is not exactly related but it doesn't hurt to read this first, just to get an impression and maybe a coffee break.

I can't explain the error code 0 right now, but I assume your problem is the handling of user rights related to global objects. Reading http://msdn.microsoft.com/library/default.asp?url=/library/en-us/termserv/termserv/kernel_object_namespaces.asp gives a bit of insight into the general problem.

I have to be able to reproduce the problem, which I can't ATM. As a workaround try giving the "Create global objects" user right to the sshd_server account alone. If that doesn't work, add the "Create global objects" right to the users login in through rsh.

Please report back the results of both tests.

First off, yes I am using the sshd_server account for the inetd service which, of course, starts the in.rshd process. I thought that this users, sshd_server, already had this right but apparently it didn't:

$ editrights -l -u sshd_server
SeDenyInteractiveLogonRight
SeDenyNetworkLogonRight
SeDenyRemoteInteractiveLogonRight

So I added it:

$ editrights -l -a SeCreateGlobalPrivilege -u sshd_server
SeCreateGlobalPrivilege
SeDenyInteractiveLogonRight
SeDenyNetworkLogonRight
SeDenyRemoteInteractiveLogonRight

Then I restarted inetd. Now when I rsh to the server I get:

$ rsh -l adefaria <server>
Switching to user adefaria failed!
rlogin: connection closed.

This is not good! So I removed SeCreateGlobalPrivilege from sshd_server and restart inetd and I get the same error! So I re-added all the rights I find from /bin/ssh-host-config:

$ editrights -a SeAssignPrimaryTokenPrivilege -u sshd_server
$ editrights -a SeCreateTokenPrivilege -u sshd_server
$ editrights -a SeDenyInteractiveLogonRight -u sshd_server
$ editrights -a SeDenyNetworkLogonRight -u sshd_server
$ editrights -a SeDenyRemoteInteractiveLogonRight -u sshd_server
$ editrights -a SeIncreaseQuotaPrivilege -u sshd_server
$ editrights -a SeServiceLogonRight -u sshd_server

Restarted inetd and it's back. Odd...

Now we achieve passwordless login through rlogin/rsh by purposely setting the password blank in /etc/passwd. I changed that for my user to not have a blank password in /etc/passwd so that rsh prompts. This, of course, kills the ability to do rsh <machine> <cmd> but an rsh/rlogin <machine> still works. So I log in and then attempt the make and I get the same problem with CreateFileMapping.

As for adding "Create global objects" to my user take note that my user is part of the domain. I can use the Local Security Policy editor to add my domain user to the "Create global objects" property. I tried that but again no difference in the problem. -- Andrew DeFaria <http://defaria.com> I was thinking that women should put pictures of missing husbands on beer cans.


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Follow-Ups:
- Re: CreateFileMapping problem but Win32 error is 0
  - From: Corinna Vinschen

References:
- CreateFileMapping problem but Win32 error is 0
  - From: Andrew DeFaria
- Re: CreateFileMapping problem but Win32 error is 0
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]