This is the mail archive of the
cygwin
mailing list for the Cygwin project.
/bin/bash: Operation not permitted
- From: Francis Korning <fkorning at yahoo dot ca>
- To: "cygwin at cygwin dot com" <cygwin at cygwin dot com>
- Date: Wed, 9 Mar 2016 14:37:21 +0000 (UTC)
- Subject: /bin/bash: Operation not permitted
- Authentication-results: sourceware.org; auth=none
- References: <60610071 dot 5233701 dot 1457534241961 dot JavaMail dot yahoo dot ref at mail dot yahoo dot com>
- Reply-to: Francis Korning <fkorning at yahoo dot ca>
Apologies for spamming but I think this fix needs to be automated in
ssh-host-config and updated in the cygwin FAQ.
Like many users I've been struggling with this obscure bug that allows one
to log on with ssh only as the priviledged user (cyg_server in my case).
Attempts under another user succeed in all modes of authentication (password,
RSA, DSA, whatever), but then get disconnected with the esoteric line:
/bin/bash: Operation not permitted
It turns out this has nothing to with bash, but rather with the usser
cyg_server needing specific NTSEC rights to allow logons as other users.
The fix was found here:
http://www.tux.org/~mayer/cygwin/cygwin_sshd.pdf
Specifically, ssh-host-config needs these following lines:
editrights -a SeAssignPrimaryTokenPrivilege -u cyg_server
editrights -a SeCreateTokenPrivilege -u cyg_server
editrights -a SeTcbPrivilege -u cyg_server
editrights -a SeServiceLogonRight -u cyg_server
#editrights -l -u cyg_server
Francis Korning de Grandpre
enterprise software architect
fkorning at yahoo dot ca
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple