Re: New installation of Cygwin64: xinit.sh exit code 3
I seem to have almost excatly the same problem except that I could not solve it by removing the Cygwin-X folder. In this case during the reinstallation of the xinit package the folder is recreated again and then the original error message (xinit.sh exit code 3) reappears. The directory again has strange permissions when checked with Windows Explorer and I am not allowed the enter it or see its contents before resetting the security settings. When doing an "ls -l" (within Cygwin) in the "Start Menu" folder the group and owner for the Cygwin-X directory seem to be reversed compared to other folders manually created from Windows Explorer (i.e. the user name appears in the group column and vice versa) but I'm not sure if this is important: d---rwxr-x+ 1 myusername Administratoren 0 May 10 02:27 Cygwin-X For all other folders the group is displayed before the username. I had to fix the security settings for the Cygwin-X folder and then manually execute the last two "mkshortcut" commands from "/etc/postinstall/xinit.sh" (replacing $CYGWINFORALL with "-A" and ${wow64} with an empty string). Should this be the only problem and should my "fix" be correct? And is there anything I can do to help find the cause for this problem? On 23.10.2023 17:41, Brian Inglis via Cygwin wrote: On 2023-10-23 06:05, Fergus Daly via Cygwin wrote: << Detail >> When I used Explorer to visit C:\ProgramData\Microsoft\Windows\Start Menu\Cygwin-X I was told: "You don't currently have permission to access this folder" and clicking on Continue to get access I was told: "You have been denied permission to access this folder" There was then offered an option to edit Permissions which I didn't feel like pursuing. (I am the Administrator on my own standalone Windows machine. The denial of access to Cygwin-X feels odd. PS I also have Cygwin32 installed and running. I _am_ permitted access to the equivalent folder Cygwin-X (32-bit).) Please try running the following command/s, under Cygwin 32 and 64, and posting the outputs: $ for p in "`cygpath -A -P -U`"{,/Cygwin-X}; do for c in 'lsattr -d' 'ls -dl' getfacl; do $c "$p"; echo; done; icacls "`cygpath -m "$p"`"; done Thank you. (Again.) 1. Actually before reading this I had deleted both folders (successfully, despite not being permitted entry into one of them) and the re-ran the xinit installation with no bother at all. I'm guessing the Permissions glitch resulted from some local recent accidental keypress or sequence. 2. icacls? Haven't got this though I have got getfacl; found icacl in "Search packages" under libattica-devel and ng-spice-debuginfo? $ /proc/cygdrive/c/WINDOWS/system32/icacls /? -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: cygsshd fails due to bad ownership or modes of /cygdrive/c/Users
On 07.02.2024 20:27, Corinna Vinschen via Cygwin wrote: On Feb 7 20:23, ASSI via Cygwin wrote: Frank-Ulrich Sommer via Cygwin writes: I'm trying to run cygsshd on my PC with Windows 11 and connect from a linux machine. I have added the public key to /cygdrive/c/Users/xxx/.ssh/authorized_keys and created a symbolic link from /cygdrive/c/Users/xxx/.ssh to /home/xxx/.ssh. As usual I checked the access rights and mode of the .ssh directory (700 and belongs to user xxx) and the authorized_keys file (600 and also belongs to user xxx) and also of the home directory (had to change ownership). Just bind mount instead of symlinking .ssh and everything should work. Assuming you have installed CYgwin under your own account, that's even better than utilizing "StrictModes" Corinna Ich decided to move the .ssh directory to /home/username/.ssh and edited nsswitch.conf to specify the home directory with "db_home: /home/%U" (all entries in this file were commented). Now sshd seems to work without deactivating strict mode. If I should still get problems with something else missing the .ssh directory in the WIndows Users directory I will try the bind mount. I do not know how the .ssh got in /cygdrive/c/Users/... because I did not change anything manually. Thanks for all the help! -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: cygsshd fails due to bad ownership or modes of /cygdrive/c/Users
On 06.02.2024 22:22, Brian Inglis via Cygwin wrote: On 2024-02-05 18:36, Eliot Moss via Cygwin wrote: On 2/5/2024 8:28 PM, Frank-Ulrich Sommer via Cygwin wrote: On 05.02.2024 00:53, Frank-Ulrich Sommer via Cygwin wrote: I'm trying to run cygsshd on my PC with Windows 11 and connect from a linux machine. I have added the public key to /cygdrive/c/Users/xxx/.ssh/authorized_keys and created a symbolic link from /cygdrive/c/Users/xxx/.ssh to /home/xxx/.ssh. As usual I checked the access rights and mode of the .ssh directory (700 and belongs to user xxx) and the authorized_keys file (600 and also belongs to user xxx) and also of the home directory (had to change ownership). Change the symlink from Cygwin home to your home, as symlinks have a+rwx perms, so you can not use one for .ssh: $ ln -sv `cygpath -aU "C:/Users/$USER"` /home/ Currently I'm reluctant to do this as my current cygwin home directory looks quite "clean" and does not contain hundreds of Windows files and subdirectories. I just added the link as the .ssh directory was automatically created as /cygdrive/c/Users/fus/.ssh and I wanted to have an easier access and avoid having two different .ssh directories which showed to be quite risky in the past. Now I get the following strange messages: [...] Feb 5 00:35:50 X sshd: PID 2798: debug1: temporarily_use_uid: 197609/197121 (e=18/18) Feb 5 00:35:50 X sshd: PID 2798: debug1: trying public key file /home/xxx/.ssh/authorized_keys Feb 5 00:35:50 X sshd: PID 2798: debug1: fd 5 clearing O_NONBLOCK Feb 5 00:35:50 X sshd: PID 2798: Authentication refused: bad ownership or modes for directory /cygdrive/c/Users Feb 5 00:35:50 X sshd: PID 2798: debug1: restore_uid: 18/18 [...] Why is cygsshd complaining about the Windows "Users" directory and not about the directory of user xxx (/cygdrive/c/Users/xxx)? And how can I solve this? Looking at the OpenSSH source code (on Github, not from Cygwin) I found a function "safe_path" that checks that the ownership and access modes for all path components are correct. This relies on "platform_sys_dir_uid" which checks if a UID may own a system directory. The code checks for UID zero and might also accept an OS specific second value (PLATFORM_SYS_DIR_UID) but for Cygwin this seems not to be set. But I don't know where to find the source code for the exact version that is used in Cygwin and I'm unsure about build settings. Run Cygwin setup and select package openssh Source checkbox to download the source package, or go to your Cygwin upstream mirror and download the source tarball shown in setup.ini prefixed with your nearest Cygwin mirror site e.g. https://ftp.fau.de/cygwin/x86_64/release/openssh/openssh-9.6p1-1-src.tar.xz Build settings are in the Cygwin package build control script definitions file openssh.cygport in the source tarball or build repo: https://cygwin.com/cgit/cygwin-packages/openssh/tree/openssh.cygport ... --disable-strip --with-kerberos5=/usr --libexecdir=/usr/sbin --with-xauth=/usr/bin/xauth --with-libedit --with-security-key-builtin Thanks for that tip, I found and installed it and succeeded to build it with additional info in the error message (see below). A comment defines this a safe path as follows: "This is defined as all components of the path to the file must be owned by either the owner of the file or root and no directories must be group or world writable." The "Users" directory is owned by "SYSTEM" (numeric: 18 according to stat) and only writable by Administrators and SYSTEM. The mode cygwin shows for /cygdrive/c/Users is 0750 which should be OK. So my question is: are "Administrators" and "SYSTEM" different users and does cygsshd accept SYSTEM (numeric 18) as a valid user who may own system directories? If the numeric ID is really 18 I can't see how this check can succeed but I'm not sure the code used in Cygwin is the same. $ id SYSTEM uid=18(SYSTEM) gid=18(SYSTEM) groups=544(Administrators),18(SYSTEM) OK, I get the same on my system which seems to be Windows standard. Administrators and SYSTEM are not the same. And neither is exactly equivalent to the concept of root in POSIX. SYSTEM (in my experience) is used for things like backup tools that needs access to almost every file. Administrators is for system administration. I don't have deep knowledge of all of this - others can give a deeper / more nuanced answer. Look at permissions at all levels: $ lsattr -d ~/.ssh/;echo;ls -dl ~/.ssh/;echo;getfacl ~/.ssh/;\ icacls `cygpath -m ~/.ssh` /home/BWI/.ssh/ drwx-- 1 $USER None 0 Mar 8 2023 /home/$USER/.ssh/ # file: /home/$USER/.ssh/ # owner: $USER # group: None user::rwx group::--- other::--- default:user::rwx default:group::--- default:other::--- ...
Re: cygsshd fails due to bad ownership or modes of /cygdrive/c/Users
Looking at the OpenSSH source code (on Github, not from Cygwin) I found a function "safe_path" that checks that the ownership and access modes for all path components are correct. This relies on "platform_sys_dir_uid" which checks if a UID may own a system directory. The code checks for UID zero and might also accept an OS specific second value (PLATFORM_SYS_DIR_UID) but for Cygwin this seems not to be set. But I don't know where to find the source code for the excat version that is used in Cygwin and I'm unsure about build settings. A comment defines this a safe path as follows: "This is defined as all components of the path to the file must be owned by either the owner of the file or root and no directories must be group or world writable." The "Users" directory is owned by "SYSTEM" (numeric: 18 according to stat) and only writable by Administrators and SYSTEM. The mode cygwin shows for /cygdrive/c/Users is 0750 which should be OK. So my question is: are "Administrators" and "SYSTEM" different users and does cygsshd accept SYSTEM (numeric 18) as a valid user who may own system directories? If the numeric ID is really 18 I can't see how this check can succeed but I'm not sure the code used in Cygwin is the same. On 05.02.2024 00:53, Frank-Ulrich Sommer via Cygwin wrote: Hi, I'm trying to run cygsshd on my PC with Windows 11 and connect from a linux machine. I have added the public key to /cygdrive/c/Users/xxx/.ssh/authorized_keys and created a symbolic link from /cygdrive/c/Users/xxx/.ssh to /home/xxx/.ssh. As usual I checked the access rights and mode of the .ssh directory (700 and belongs to user xxx) and the authorized_keys file (600 and also belongs to user xxx) and also of the home directory (had to change ownership). Now I get the following strange messages: [...] Feb 5 00:35:50 X sshd: PID 2798: debug1: temporarily_use_uid: 197609/197121 (e=18/18) Feb 5 00:35:50 X sshd: PID 2798: debug1: trying public key file /home/xxx/.ssh/authorized_keys Feb 5 00:35:50 X sshd: PID 2798: debug1: fd 5 clearing O_NONBLOCK Feb 5 00:35:50 X sshd: PID 2798: Authentication refused: bad ownership or modes for directory /cygdrive/c/Users Feb 5 00:35:50 X sshd: PID 2798: debug1: restore_uid: 18/18 [...] Why is cygsshd complaining about the Windows "Users" directory and not about the directory of user xxx (/cygdrive/c/Users/xxx)? And how can I solve this? Frank -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
cygsshd fails due to bad ownership or modes of /cygdrive/c/Users
Hi, I'm trying to run cygsshd on my PC with Windows 11 and connect from a linux machine. I have added the public key to /cygdrive/c/Users/xxx/.ssh/authorized_keys and created a symbolic link from /cygdrive/c/Users/xxx/.ssh to /home/xxx/.ssh. As usual I checked the access rights and mode of the .ssh directory (700 and belongs to user xxx) and the authorized_keys file (600 and also belongs to user xxx) and also of the home directory (had to change ownership). Now I get the following strange messages: [...] Feb 5 00:35:50 X sshd: PID 2798: debug1: temporarily_use_uid: 197609/197121 (e=18/18) Feb 5 00:35:50 X sshd: PID 2798: debug1: trying public key file /home/xxx/.ssh/authorized_keys Feb 5 00:35:50 X sshd: PID 2798: debug1: fd 5 clearing O_NONBLOCK Feb 5 00:35:50 X sshd: PID 2798: Authentication refused: bad ownership or modes for directory /cygdrive/c/Users Feb 5 00:35:50 X sshd: PID 2798: debug1: restore_uid: 18/18 [...] Why is cygsshd complaining about the Windows "Users" directory and not about the directory of user xxx (/cygdrive/c/Users/xxx)? And how can I solve this? Frank -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Re: "ls" sorts wrongly if given large number of files
Am 06.01.2021 um 19:17 schrieb Kamran via Cygwin: Hi all "ls" (version 8.26) sorts wrongly if given large number of files via "find" or "xargs" For example: find -type f -exec ls -oS -h {} + OR find -type f -print0 | xargs -0r ls -oS -h Gives following data. Sorry for the long listing, and wrapped lines. But search for "setup.ini" which is about 17 MB, it is sorted AFTER very small files. In fact it seams that sorting is restarted from that file (subsequent files are again sorted). Note also that removing "-h" from "ls" command lines results in the same problem. (output is trimmed to remove unnecessary data, i.e. perms/user/date-time, but order is the same) 26M ./release/gcc/gcc-core/gcc-core-10.2.0-1.tar.xz 24M ./release/binutils/binutils-2.34+1git.de9c1b7cfe-1.tar.xz [...] 108 ./release/python2/python/python-2.7.16-1.tar.xz 108 ./release/python-gobject/python-gobject-2.28.7-1.tar.xz 46 ./release/tcl-tk/tcltk/tcltk-20120206-1.tar.bz2 32 ./release/man-db/man/man-2.6.7-2.tar.xz 32 ./release/popt/popt-1.16-2.tar.xz 32 ./release/procps-ng/procps/procps-3.3.10-1.tar.xz 17M ./setup.ini 5.7M ./release/vim/vim-common/vim-common-8.2.0486-1.tar.xz 4.6M ./release/w32api-headers/w32api-headers-8.0.0-1.tar.xz 1.8M ./release/vim/vim-doc/vim-doc-8.2.0486-1.tar.xz [...] 16K ./release/xeyes/xeyes-1.1.2-1.tar.xz 15K ./release/xf86-video-dummy/xf86-video-dummy-0.3.8-1.tar.xz 12K ./release/util-linux/libuuid1/libuuid1-2.33.1-2.tar.xz xargs uses multiple calls to ls and find calls ls once for each matching file so in the two mentioned cases ls will not get to see the full list and thus can't sort all the files. This is the expected bahviour and not special to cygwin. -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation:https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple