Web lists-archives.com

Re: sshd: fatal: seteuid XXX : No such device or address




On Fri, 15 Mar 2019 14:42:47, Corinna Vinschen  wrote:

> On Mar 15 14:06, Houder wrote:

> > One is forced to create the exact same environment (system) as the
> > person who is complaining, fire up the debugger (like sticking
> > a thermometer in a patient's rear end) in order to find out where
> > the code failed ...
> >
> > Meaning, within the context of the recent sshd problems, possibly only
                                                                      ^^^^
> > you know where the error ERROR_FILE_INVALID (resulting in the error
    ^^^

strace, yes. But only if one has the exact same "network" at one's disposal
as the one where the problem occurred (like you have at your place; while I
only have one simple computer) ... That is decisive.

> > message "No such device or address") was generated ... (and by which
> > Windows function).
> 
> The only interface an application has is by checking the POSIX
> errno value.  This is what Cygwin is about :)
> 
> If you need more details what's going on under the hood, you have
> to use strace.
> 
> > Oh well, this cannot be helped ...
> 
> Well, there *is* a solution by using strace.  And hey, we now know what
> ENXIO returned from seteuid means, don't we?  It's not all bad :)

You do! I do not :-) (as I do not have the machinery at my disposal that
is required to provoke this error).

A simple STC to emphasize my statement (i.e. a problem that I can strace
on my computer).

int
main()
{
    errno = 0;
    if (seteuid( (uid_t)1004) != 0) { // 1004, not being me :-)
        printf("seteuid: errno = %d, errstr = %s\n", errno, strerror(errno) );
        // seteuid: errno = 13, errstr = Permission denied => EACCES
        // ... while only EPERM en EINVAL are documented ...
    } else printf("1004, OK\n");
}

64-@@ ./seteuid
seteuid: errno = 13, errstr = Permission denied ... huh?

On Linux this simple "Simple Test Case" will result in:
seteuid: errno = 1, errstr = Operation not permitted ... Got it!

Fortunately, I have now have the strace output at my disposal:

... studying the strace output and the source code, I am now able to
tell what is going on ... see below:

seteuid (syscalls.cc)

.lsaprivkeyauth (sec_auth.cc) <==== fails; as result NULL (token)
                                     is returned by lsaprivkeyauth ...
...lsa_open_policy (sec_auth.cc) <==== fails; as result NULL (lsa)
                                        is returned by lsa_open_policy ...
    # errno, set by lsa_open_policy, is ignored
  # seteuid() chooses NOT to bail out, but
  # to attempt "Service For User Logon" (s4u) ...

.s4uauth (sec_auth.cc) <==== fails (because LsaRegisterLogonProcess
                              fails), returning the status (0xC0000041)
                              to seteuid()
  # /usr/include/w32api/ntstatus.h:
  # defines STATUS_PORT_CONNECTION_REFUSED ((NTSTATUS)0xC0000041)
  # now seteuid chooses to bail out (i.e. setuid() fails)
Q: errno?
s4uauth calls __seterrno_from_nt_status (0xC0000041), which in turn
 calls RtlNtStatusToDosError(0xC0000041), which in turn
 calls geterrno_from_win_error(5,...):
 0xC0000041 is mapped to 5, which in turn is mapped to 13 (EACCES).

Henri


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple