Web lists-archives.com

Re: Problems with ssh-host-config on Windows 10




On Thu, Feb 2, 2017 at 2:08 PM, Corinna Vinschen
<corinna-cygwin@xxxxxxxxxx> wrote:
> On Feb  2 12:19, Erik Bray wrote:
>> Hi all,
>>
>> I've been trying to get a Cygwin sshd server running on a Windows 10
>> VM, and have found it to be surprisingly tricky without some
>> additional fiddling, and it's not clear to me whether that's expected
>> or if it's a bug.  I've attached the cygcheck output from the VM.
>>
>> The symptom I've having seems to be the same as in this post:
>>
>> https://cygwin.com/ml/cygwin/2015-06/msg00265.html
>>
>> The problem seems to be stemming from some assumptions in:
>> /usr/share/csih/cygwin-service-installation-helper.sh
>>
>> It creates the "privileged user" (in my case with the default name
>> cyg_server) with `net user`, including the SAM comment entry:
>>
>> /comment:'<cygwin home="/var/empty" shell="/bin/false"/>'
>>
>> Shortly after it calls:
>>
>> passwd -e "${csih_PRIVILEGED_USERNAME}"
>>
>> and this fails with:
>>
>> Warning: Setting password expiry for user 'desktop-mk2koav+cyg_server' failed!
>>
>> This happens because this is a fresh Cygwin install with all the
>> default settings in /etc/nsswitch.conf.  In particular, no passwd
>> entry is found for the cyg_server user unless I explicitly add "local"
>> to db_enum.  Furthermore, the SAM comment entry is not read correctly
>> without db_home: desc and db_shell: desc.  In summary, I had to edit
>> /etc/nsswitch.conf to:
>>
>> passwd db
>> db_enum: local
>> db_home: desc
>> db_shell: desc
>
> The assumption in ssh-host-config is that your nsswitch.conf settings
> are already correct.  It's kind of tricky to set up accounts and stuff
> in a not yet configured environment.

I think that's reasonable, but the question is what is "correct"?  Any
valid settings for nsswitch.conf could be "correct" for different use
cases, whereas the cygwin-service-installation-helper.sh script seems
to have some very specific requirements that don't match the default
configuration, or even many non-default configurations (especially
w.r.t. db_home and db_shell).

Best,
Erik

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple