Seteuid "operation not permitted" error when using LSA for sshd
Corinna Vinschen
corinna-cygwin@cygwin.com
Fri Aug 3 12:48:00 GMT 2012
On Aug 2 18:39, David Koppenhofer wrote:
> > Why did you install cyglsa64 from the old snapshot? The changes to
> > cyglsa are supposed to be in the Cygwin 1.7.16 package anyway.
>
> Because I was grasping for straws, and didn't know the fix was in the current
> package.
>
>
> > > I rebooted the server, made sure the sshd service was running, but I still
> > > receive the "sshd: PID 3064: fatal: seteuid 1000: Operation not permitted"
> error.
> >
> > Does the service account have TCB privileges? That's a hard requirement
> > for the user switch.
>
> Ah ha! The service account does not have the "Act as part of the operating
> system" permission.
>
> However, I ended up asking the network admin to give "Create a token object" to
> the service account. Since key authentication started working after that, I'll
> just leave things as they are.
If the restrictions of this mode, especially in terms of network shares,
are no problem for you, that's fine. Otherwise I'd like to point out
http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Project Co-Leader cygwin AT cygwin DOT com
Red Hat
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
More information about the Cygwin
mailing list