[
https://issues.apache.org/jira/browse/VCL-1065?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16109123#comment-16109123
]
ASF subversion and git services commented on VCL-1065:
------------------------------------------------------
Commit 1803661 from [email protected] in branch 'vcl/trunk'
[ https://svn.apache.org/r1803661 ]
VCL-1065
Reverted changes to update_cygwin.cmd previously committed which added an
attempt to call mkgroup.exe and mkpasswd.exe with "-l localhost" arguments.
Added sed.exe commands to strip the '<HOST>+ section from the beginning of
lines in group and passwd if it exists.
Removed "-t rsa1" argument from ssh-keygen.exe command. Recent versions don't
support this and display an error. Without the argument, the key will be
generated with the default type.
Added command at the end of update_cygwin.cmd to delete the 'VCL Update Cygwin'
scheduled task if it exists. It doesn't need to be called on every reboot.
Added call to Windows.pm::post_load to delete the 'VCL Post Load' scheduled
task if it exists. Also added identical call to
Windows.pm::create_update_cygwin_startup_scheduled_task to make sure that both
the 'VCL Post Load' and 'VCL Update Cygwin' scheduled tasks don't both exist
because they cause conflicts.
Added call to 8.pm::pre_capture to delete the 'VCL Update Cygwin' scheduled
task if it exists before adding the 'VCL Post Load' scheduled task.
Added '/RL HIGHEST' argument to schtasks.exe call in
Windows.pm::create_startup_scheduled_task. It causes the task to run with
"highest privileges". This seems to have corrected issues on at least one image
where update_cygwin.cmd failed to run because of what seems to be a UAC issue.
Added call to Windows.pm::create_update_cygwin_startup_scheduled_task to copy
the update_cygwin.cmd file from the management node to ensure the most recent
copy is used.
> update_cygwin.cmd script does not work correctly if computer is joined to
> Active Directory
> ------------------------------------------------------------------------------------------
>
> Key: VCL-1065
> URL: https://issues.apache.org/jira/browse/VCL-1065
> Project: VCL
> Issue Type: Sub-task
> Components: vcld (backend)
> Reporter: Andy Kurth
> Assignee: Andy Kurth
> Fix For: 2.5
>
>
> The GID and UID numbers Cygwin uses may change after a computer is joined to
> Active Directory.
> Also, depending on the version of Cygwin the format of the resulting output
> from *mkpasswd -l* and *mkgroup -l* may differ. As a result, the operations
> performed by *update_cygwin.cmd* may fail to allow the sshd service to work
> correctly. Example:
> Cygwin 1.5, output the same whether or not computer is joined to AD:
> {noformat}root:unused_by_nt/2000/xp:1000:513:U-VCLV98-247\root,S-1-5-21-4145529145-2666226658-940326903-1000:/home/root:/bin/bash{noformat}
> Note: the UID 1000 corresponds to the Windows numeric identifier for the user
> account. GID 513 represents the _None_ group.
> Cygwin 2.2, computer *not* joined to AD:
> {noformat}root:*:197609:197152:U-WIN10ENT\root,S-1-5-21-57237294-3426833820-2376726728-1001:/hom
> e/root:/bin/bash{noformat}
> Note: the UID and GID numbers changed. AFAIK, the _197152_ GID is fixed and
> still corresponds to the _None_ group.
> Cygwin 2.8, computer *joined* to AD:
> {noformat}VCLV98-249+root:*:197609:197152:U-VCLV98-249\root,S-1-5-21-57237294-3426833820-2376726728-1001:/home/root:/bin/bash{noformat}
> Note: the computer name is prepended to the beginning of the line. This is
> also the case for the line corresponding to the _None_ group produced by the
> mkgroup command:
> {noformat}
> Users:S-1-5-32-545:545:
> VCLV98-249+None:S-1-5-21-57237294-3426833820-2376726728-513:197121:
> {noformat}
> I also noticed problems caused by the way the vcld backend code configures
> computers prior to a reboot or capture. Each may add a startup scheduled
> task -- _VCL Update Cygwin_ and _VCL Post Load_ respectively. These may run
> at the same time. Both call update_cygwin.cmd (post load does a few
> additional steps). Problems occur if multiple instances of update_cygwin.cmd
> runs at the same time. Contained in the script are commands to delete
> existing host key files and then regenerate them. The regenerate command
> hangs if the key file it is trying to create already exists. This causes
> that instance of update_cygwin.cmd to hang indefinitely.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
