This is the mail archive of the
mailing list for the Cygwin project.
'ssh-host-config' fails to complete when 'sshd_server' is domain account
- From: Rado S <regrado at web dot de>
- To: cygwin at cygwin dot com
- Date: Fri, 30 Oct 2009 16:14:38 +0100
- Subject: 'ssh-host-config' fails to complete when 'sshd_server' is domain account
I install for cygwin 1.5.25-15 openssh 5.1p1-10 on windowsXP as
service with privilege separation.
I have 'sshd_server' account in domain in groups 'Administrators,
Domain-accounts and PasswordDropDeny'.
(no idea what the last group is needed for, any clue?)
When I create /etc/passwd per 'mkpasswd -l -d' and then execute
ssh-host-config, it warns that 'sshd_server' exists in /etc/passwd
but not in local SAM,
guessing it might be a domain account (which it is) and we should
not worry about that for now but check later.
At the end ssh-host-config calls a function "csih_check_user()" with
"run_service_as" account as parameter, function defined in
The problem is now that "run_service_as" normally contains just the
account name when 'sshd_server' is local,
but when it is a domain account, then it contains the previously
mentionend warning text, _the full text_.
Inside the function "csih_check_user()" the parameter is passed to a
'grep' call, but the 'grep' fails on the warning text, producing an
Thereafter in ssh-host-config some "chown" commands are tried with
the broken "run_service_as" value, which naturally fails, too.
The case "sshd_server is a domain account" isn't caught gracefully
with the variable "run_service_as":
the warning message should be diverted elsewhere, not used as value
for the variable and a sensible default set instead.
Just diverting all the "echo" statements in "csih_error_multi" to
">&2" is not enough I guess.
What's the proper way to solve this?
© Rado S. -- You must provide YOUR effort for your goal!
EVERY effort counts: at least to show your attitude.
You're responsible for ALL you do: you get what you give.
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple