This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

/bin/bash: Operation not permitted


Apologies for spamming but I think this fix needs to be automated in
ssh-host-config and updated in the cygwin FAQ.
Like many users I've been struggling with this obscure bug that allows one 
to log on with ssh only as the priviledged user (cyg_server in my case).
Attempts under another user succeed in all modes of authentication (password, 
RSA, DSA, whatever), but then get disconnected with the esoteric line:

/bin/bash: Operation not permitted

It turns out this has nothing to with bash, but rather with the usser 
cyg_server needing specific NTSEC rights to allow logons as other users.

The fix was found here:

http://www.tux.org/~mayer/cygwin/cygwin_sshd.pdf


Specifically, ssh-host-config needs these following lines:
editrights -a SeAssignPrimaryTokenPrivilege -u cyg_server
editrights -a SeCreateTokenPrivilege -u cyg_server
editrights -a SeTcbPrivilege -u cyg_server
editrights -a SeServiceLogonRight -u cyg_server


#editrights -l -u cyg_server



Francis Korning de Grandpre
enterprise software architect
fkorning at yahoo dot ca

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]