This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Cygwin service account (Re: inetd help)


On Jul 17 10:40, Christopher Faylor wrote:
> On Mon, Jul 17, 2006 at 04:38:58PM +0200, Corinna Vinschen wrote:
> >On Jul 17 10:12, Pierre A. Humblet wrote:
> >> cron-config already has a pretty much self contained function to create
> >> such a privileged usr, it would be easy to extend it (if needed). It['s 
> >> adapted
> >> from Corinna's ssh stuff, and it is also used for exim (add it to the list).
> >> 
> >> It also looks for typical server names such as sshd_server cyg_server 
> >> cron_server
> >> and offers to reuse them if they exist.
> >
> >Sounds good for reuse.
> >
> >> One issue that I notice is that sshd_server is (at least, "was") setting 
> >> its home directory
> >> to something special. Is it needed? Other servers may also require unusual 
> >> settings.
> >> We should identify the superset of the special needs.
> >
> >No, there's no special need for the home directory of the sshd_server
> >account.  I just used /var/empty as for the unprivileged sshd account
> >because it sounded like a good idea way back when.  You can set it to
> >almost everything.  Maybe we should follow the typical Linux layout
> >and create a "/cygwin_server" directory, similar to "/root" on Linux.
> 
> Are there bad reasons for not just calling this account "root"?

A while back I thought this is a good idea, but not anymore.

The account is a service-starter account only.  Nothing else should be
done with this account and the installation script actually forbids
this account to be used for logon.  I don't want people to get the wrong
idea what this account is for.  I know from earlier discussions that
some people are already using the root account name as a substitute
for some Admin account, or that some people are already created a root
account on their machines.  I can easily imagine what happens next after
we occupied the root account name for the service-starter account.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]