This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Permissions/acl problem


Jerome Fong wrote:

> This doesn't seem to help.  I re-ran cron_diagnose.sh and made sure I
> had ntsec and smbntsec define, but that doesn't seem to help.  Am I
> suppose to add it to my .profile?

I think Larry might have been a little quick on the trigger to suggest
smbntsec, as I don't see how that would be relevant in this situation. 
(And ntsec is the default if not specified, so there's no reason really
to ever specify it.)

The problem is that the cron daemon runs as the system and impersonates
each user when it goes to execute a job from their crontab.  But the
cron daemon does not have the user's password (exactly analogous to the
case when logging on to the sshd daemon with pubkey auth) so any network
shares that require authentication will not be accessible from the
cronjob.  There's a FAQ entry about this, but the solutions amount to
basically:

- use network paths accessible to guests
- run cron daemon as the desired user, which requires giving the user's
password once when installing service but not subsequently.  (But you
can only ever run jobs as that user as impersonation is not possible
without extra privileges.)
- supply your password explicitly in the cronjob, i.e. by invoking "net
use" with username and password.  (Requires leaving password exposed in
crontab)

Brian

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]