X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-1.1 required=5.0 	tests=BAYES_05
X-Spam-Check-By: sourceware.org
Date: Fri, 30 Oct 2009 16:14:38 +0100
From: Rado S <regrado AT web DOT de>
To: cygwin AT cygwin DOT com
Subject: 'ssh-host-config' fails to complete when 'sshd_server' is domain  account
Message-ID: <20091030151438.GC24895@rzdspc10.informatik.uni-hamburg.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.5.20hg (2009-08-17)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

Moin,

I install for cygwin 1.5.25-15 openssh 5.1p1-10 on windowsXP as
service with privilege separation.
I have 'sshd_server' account in domain in groups 'Administrators,
Domain-accounts and PasswordDropDeny'.
(no idea what the last group is needed for, any clue?)

When I create /etc/passwd per 'mkpasswd -l -d' and then execute
ssh-host-config, it warns that 'sshd_server' exists in /etc/passwd
but not in local SAM,
guessing it might be a domain account (which it is) and we should
not worry about that for now but check later.
At the end ssh-host-config calls a function "csih_check_user()" with
"run_service_as" account as parameter, function defined in
"/usr/share/csih/cygwin-service-installation-helper.sh".

The problem is now that "run_service_as" normally contains just the
account name when 'sshd_server' is local,
but when it is a domain account, then it contains the previously
mentionend warning text, _the full text_.
Inside the function "csih_check_user()" the parameter is passed to a
'grep' call, but the 'grep' fails on the warning text, producing an
error.
Thereafter in ssh-host-config some "chown" commands are tried with
the broken "run_service_as" value, which naturally fails, too.

The case "sshd_server is a domain account" isn't caught gracefully
with the variable "run_service_as":
the warning message should be diverted elsewhere, not used as value
for the variable and a sensible default set instead.

Just diverting all the "echo" statements in "csih_error_multi" to
">&2" is not enough I guess.

What's the proper way to solve this?

-- 
© Rado S. -- You must provide YOUR effort for your goal!
EVERY effort counts: at least to show your attitude.
You're responsible for ALL you do: you get what you give.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple