bug in csih?

Andrey Repin anrdaemon@yandex.ru
Sat Feb 21 17:44:00 GMT 2015

Greetings, Len Giambrone!

> Running the latest version:

> $ cygcheck -c cygwin openssh csih
> Cygwin Package Information
> Package              Version        Status
> csih                 0.9.8-5        OK
> cygwin               1.7.34-6       OK
> openssh              6.7p1-2        OK

> When I run

>     ssh-host-config -y -w XXXXX

> I get this:

> *** Query: Create new privileged user account 'WX64LG\cyg_server' 
> (Cygwin name: 'cyg_server')? (yes/no) yes
> *** Info: User 'cyg_server' has been created with password 'XXXXX'.
> *** Info: If you change the password, please remember also to change the
> *** Info: password for the installed services which use (or will soon use)
> *** Info: the 'cyg_server' account.

> *** Warning: Expected privileged user 'cyg_server' does not exist.
> *** Warning: Defaulting to 'SYSTEM'

> Even though it successfully creates the account, it refuses to use it.  
> I believe this is because of the following code in 
> csih_service_should_run_as()

>      if csih_privileged_account_exists "$csih_PRIVILEGED_USERNAME" 1>&2
>      then
>        # it already existed before this script was launched
>        echo "$csih_PRIVILEGED_USERNAME"
>        return
>      elif /usr/bin/getent passwd "${csih_PRIVILEGED_USERNAME}" 
 >>/dev/null 2>&1
>      then
>        # we probably just created it
>        echo "$csih_PRIVILEGED_USERNAME"
>        return
>      else
>        # a failure somewhere
>        csih_warning "Expected privileged user 
> '${csih_PRIVILEGED_USERNAME}' does not exist." 1>&2
>        csih_warning "Defaulting to 'SYSTEM'" 1>&2
>        echo "SYSTEM"
>        return
>      fi

> I am on a machine in a domain.  /usr/bin/getent passwd cyg_server 
> returns nothing:
> $ getent passwd cyg_server

That's not right. But setting up SSH in a domain environment is problematic.
You'd need an /etc/passwd file with one line mentioning local cyg_server

mkpasswd -l | grep cyg_server
or, perhaps,
getent -w passwd cyg_server

Sorry, I don't have AD on hand right now, can't help with tests.

> Running it through strace, I see it's looking for DOMAIN\cyg_server, and
> not the local account.

That's expected, and as far as I know unavoidable. Please see above for a

Andrey Repin (anrdaemon@yandex.ru) 21.02.2015, <03:43>

Sorry for my terrible english...

Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list