This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Windows Server 2012R2 64bit and 32bit Cygwin sshd


On Sep  4 14:12, Achim Gratz wrote:
> Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > > I couldn't start cygserver as a service with (just) the built DLL in place.
> > 
> > No idea why.  The patch just adds debug output to strace ouptput, nothing 
> > else.
> 
> Whatever.  I've installed all the binaries from that build and things work
> normally now.
> 
> > > So I started it in debug mode from the command line (which makes it have
> > > less rights than it needs) and started the sshd in debug mode also.
> > 
> > In a cyg_server GUI session?  If so, you should have all rights required
> > when starting this in an elevated shell.
> 
> Not the token privileges, I don't think so.  But I'm not sure how to check.

Windows whoami /all

> Here's the salient parts from the strace (attaching to the sshd running as a
> service in sandbox mode, running with no privilege separation produces a
> slightly different trace, but the events leading up to the error are the same):
> [...]
>    44 5026498 [main] sshd 2248 get_user_groups: Before NetUserGetGroups
> --- Process 2248, exception 00000005 at 75511D4D
> 
> The process apparently gets killed while in the NetUserGetGroups call (much
> as you suspected).  I'm not sure this tells us anything new, though. :-(

No, it just confirms it.

Please remove the debug_printf patch and try this instead:

Index: sec_auth.cc
===================================================================
RCS file: /cvs/src/src/winsup/cygwin/sec_auth.cc,v
retrieving revision 1.57
diff -u -p -r1.57 sec_auth.cc
--- sec_auth.cc	22 May 2014 16:40:13 -0000	1.57
+++ sec_auth.cc	5 Sep 2014 11:12:01 -0000
@@ -20,6 +20,7 @@ details. */
 #include "fhandler.h"
 #include "dtable.h"
 #include "cygheap.h"
+#include "exception.h"
 #include "ntdll.h"
 #include "tls_pbuf.h"
 #include <lm.h>
@@ -255,9 +256,13 @@ get_user_groups (WCHAR *logonserver, cyg
   DWORD cnt, tot, len;
   NET_API_STATUS ret;
 
-  /* Look only on logonserver */
-  ret = NetUserGetGroups (logonserver, user, 0, (LPBYTE *) &buf,
-			  MAX_PREFERRED_LENGTH, &cnt, &tot);
+  {
+    /* Experimental SEH */
+    exception protect;
+    /* Look only on logonserver */
+    ret = NetUserGetGroups (logonserver, user, 0, (LPBYTE *) &buf,
+			    MAX_PREFERRED_LENGTH, &cnt, &tot);
+  }
   if (ret)
     {
       __seterrno_from_win_error (ret);
@@ -306,9 +311,14 @@ get_user_local_groups (PWCHAR logonserve
   DWORD cnt, tot;
   NET_API_STATUS ret;
 
-  ret = NetUserGetLocalGroups (logonserver, user, 0, LG_INCLUDE_INDIRECT,
-			       (LPBYTE *) &buf, MAX_PREFERRED_LENGTH,
-			       &cnt, &tot);
+  {
+    /* Experimental SEH */
+    exception protect;
+
+    ret = NetUserGetLocalGroups (logonserver, user, 0, LG_INCLUDE_INDIRECT,
+				 (LPBYTE *) &buf, MAX_PREFERRED_LENGTH,
+				 &cnt, &tot);
+  }
   if (ret)
     {
       __seterrno_from_win_error (ret);


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpnpAxTEUrNL.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]