X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Wed, 2 Apr 2008 15:27:26 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: How do I run sshd as a particular user?
Message-ID: <20080402132726.GG4468@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <D06D8751-81CE-408B-931B-66DA714FE1CC AT von-campe DOT com> <47C4A0DB DOT 6020007 AT cygwin DOT com> <6ADC05D7-7602-4123-81EF-1DE06D26E91F AT von-campe DOT com> <D1627F08-4387-4C0A-94B2-5AFC6C1EA325 AT von-campe DOT com> <006301c890e8$4fa2f070$2708a8c0 AT CAM DOT ARTIMI DOT COM> <FB6643AB-610F-46F7-B019-389E82E687C8 AT von-campe DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <FB6643AB-610F-46F7-B019-389E82E687C8@von-campe.com>
User-Agent: Mutt/1.5.16 (2007-06-09)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Apr  2 09:11, Alfred von Campe wrote:
> On Mar 28, 2008, at 11:28, Dave Korn wrote:
>> Alfred von Campe wrote on 28 March 2008 12:30:
>>
>>> I have tried various ways to get the sshd service started as a domain
>>> user (instead of the default local user "sshd_server") and can not
>>> get it to work.  What is the correct syntax to specify a domain user
>>> with cygrunsrv?  This is what I have tried:
>>>
>>>    cygrunsrv -I sshd -u "DOMAINNAME\USERNAME" -w PASSWORD -d "CYGWIN
>>> sshd" -p /usr/sbin/sshd -a -D -e "CYGWIN=bin tty smbntsec" -y tcpip
>>[...]
>   I thought starting the service as a domain 
> user would accomplish this, but alas, I have not been able to do that.  So 
> if there is any other way to achieve our goal, I'd be happy to try it.

Did you try anything besides switching the user?  For instance:

- Did you check the event log?

- Did you check /var/run/sshd.log?  If it's empty it's probably because
  the domain user has no write permission.

- Does the domain user have an entry in the local /etc/passwd?  sshd
  needs that when checking file ownership.  And it allows to specify the
  user to cygrunsrv without the "domain\win_username" syntax.

- Did you chown /etc/ssh* and /var/empty to the domain user when trying
  to start the service under that account?  That's a must have.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/