This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Windows Server 2012R2 64bit and 32bit Cygwin sshd


Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > I couldn't start cygserver as a service with (just) the built DLL in place.
> 
> No idea why.  The patch just adds debug output to strace ouptput, nothing 
> else.

Whatever.  I've installed all the binaries from that build and things work
normally now.

> > So I started it in debug mode from the command line (which makes it have
> > less rights than it needs) and started the sshd in debug mode also.
> 
> In a cyg_server GUI session?  If so, you should have all rights required
> when starting this in an elevated shell.

Not the token privileges, I don't think so.  But I'm not sure how to check.

Here's the salient parts from the strace (attaching to the sshd running as a
service in sandbox mode, running with no privilege separation produces a
slightly different trace, but the events leading up to the error are the same):

 262 1161585 [main] sshd 2044 getpid: 2044 = getpid()
10593 1172178 [main] sshd 2044 get_logon_server: DC: server: \\SC301
   58 1172236 [main] sshd 2044 get_user_groups: Before NetUserGetGroups
--- Process 560, exception 00000005 at 75511D4D
 6543 1178779 [main] sshd 2044 get_user_groups: After NetUserGetGroups ret = 5
   56 1178835 [main] sshd 2044 seterrno_from_win_error:
../../../../source/cygwin-snapshot-20140903-1/winsup/cygwin/sec_auth.cc:265
windows error 5
   36 1178871 [main] sshd 2044 geterrno_from_win_error: windows error 5 ==
errno 13
   33 1178904 [main] sshd 2044 get_user_local_groups: Before
NetUserGetLocalGroups
--- Process 560, exception 00000005 at 75511D4D
 7964 1186868 [main] sshd 2044 get_user_local_groups: After
NetUserGetLocalGroups ret = 5
   50 1186918 [main] sshd 2044 seterrno_from_win_error:
../../../../source/cygwin-snapshot-20140903-1/winsup/cygwin/sec_auth.cc:318
windows error 5
   38 1186956 [main] sshd 2044 geterrno_from_win_error: windows error 5 ==
errno 13
   37 1186993 [main] sshd 2044 initgroups32: 0 = initgroups(gratz, 1049089)

It then proceeds to log on via the token and mounts the entries from my
personal fstab (that should fail if it was running as a different user for
some of the entries).  After checking for /etc/nologin this happens:

   35 5023308 [main] sshd 2248 setegid32: new egid: 1049089 current: 197121
   41 5023349 [main] sshd 2248 setegid32: NtSetInformationToken (hProcToken,
TokenPrimaryGroup), 0xC000005B
 3105 5026454 [main] sshd 2248 get_logon_server: DC: server: \\SC301
   44 5026498 [main] sshd 2248 get_user_groups: Before NetUserGetGroups
--- Process 2248, exception 00000005 at 75511D4D

The process apparently gets killed while in the NetUserGetGroups call (much
as you suspected).  I'm not sure this tells us anything new, though. :-(


Regards,
Achim.


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]