This is the mail archive of the mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Suggestions for cron/suid script? (accessing network shares)

Jason Dufair writes:
> I recently got cron set up on my Win2K box.  What a treat not to have to use
> Windows' built in scheduler!  Given that cron runs as SYSTEM, what I'm
> wondering is this: Is there any way to get cron to see my network shares?
> Specifically, I'm tar/gzipping my Cygwin home dir and want to copy the
> tarball to a directory on my LAN (Novell share) for which my account for
> which my logged-in account is the only trustee.  When I run a script that
> tries to map it with "net use", I get an error that implies a permissions
> issue.  I'm not likely to be able to convince the network folks to change
> permissions to add my local SYSTEM acct to this share, so I wonder if
> there's some way to do it with, say, an SUID perl script or something.  I
> briefly tried creating one, but not being super familiar with suid, I'm
> having no luck.  Any advice would be welcome. Thanks!

There are some earlier messages in the archives on this (including a recent
one from me).  The short answer seems to be "sorry, you can't do it".

Being a nosy type, and a bit stubborn, I'm still trying to either:
a) Understand exactly why I can't do it, or better
b) Figure out how to do it.

Pursuing a):
I put an "id" and an "env" and a "net use" in one of the scripts I run from

"id" returns:
     uid=11823(dond) gid=18(SYSTEM) groups=0(Everyone),18(SYSTEM),\
    10513(Domain Users),11459(Special)
("dond" is my domain user login; I broke the line myself.)  The only
difference here from running under the Cygwin shell is the gid; in the
latter case, the gid is 11459.  It appears that crond is indeed "su"ing to
my user, although keeping its own group.

Among the "env" output occurs the following:
CYGWIN=tty ntsec

"net use" gives:
    Status       Local     Remote                    Network
    Unavailable  H:        \\server1\d$          Microsoft Windows Network
    Unavailable  I:        \\server2\d$           Microsoft Windows Network
    Unavailable  K:        \\server3\users        Microsoft Windows Network
    Disconnected           \\server4\common      Microsoft Windows Network
    The command completed successfully.

Finally, I tried "net use u: '\\server5\Users\dond'", and got the following:
    System error 53 has occurred.
    The network path was not found.
    New connections will be remembered.

So, the question seems to become: why doesn't "su"ing to my domain user give
the process "enough power" to see network paths?


Don Dwiggins                     "The truth will make you free,         but first it will make you miserable"
                                  -- Tom DeMarco

Unsubscribe info:
Bug reporting:

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]