This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: 1.7.1: problem with public key authentication on domain accounts
Larry Hall (Cygwin <reply-to-list-only-lh <at> cygwin.com> writes:
>
> On 01/04/2010 06:18 PM, Thomas Nisbach wrote:
> > Bob Burger<burgerrg<at> gmail.com> writes:
> >....
> > Any ideas?
>
> Are you using LSA? Have you read the security sections of the Users Guide?
> <http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-setuid-overview>
>
I just read a lot in the guide, since it was hardly recommended before
updating to 1.7.1-1. After reading the security section I am quite sure I
never runned cyglsa-config (/bin/cyglsa also does not exist).
> > PS: I stopped Google Desktop (known as application from BLODA list), but
this
> > was not the problem.
>
> BLODA is often not removed from having an effect without uninstalling the
> offending package. I can't say whether that's a requirement for Google
> Desktop however.
>
There was a thread at Google (http://groups.google.com/group/Google-
Desktop_Something-Broken/browse_thread/thread/0dabf807fbdf2d7f) I
participated. We found, that in Google Desktop v5.8 the additional preloading
of DLLs into any app's memory corrupted cygrunsrv (probably at fork()).
Stopping GD and renaming the regkey
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
\Windows\AppInit_DLLs was enough to make cygrunsrv/sshd running - no
deinstallation/reboot was necessary. This was exactly what I've done this
time - even I now run GD v5.9, which operated fine with cygrunsrv/sshd until I
updated to CYGWIN v1.7.1.
Additionally I found a problem with /var/empty permissions when using SSH
privilege separation (also worked before). Even when I chmod 711 /var/empty,
create a 'root' user and chown root:root /var/empty I get '/var/empty must be
owned by root and not group or world-writable'. I entertain suspicion that
there happened something stupid with the filesystem permissions for processes
running as SYSTEM and/or background process...
(I will probably not be back till Wednesday)
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple