> Date: Thu, 5 Apr 2012 11:46:07 +0200 > From: corinna > To: cygwin > Subject: Re: chmod problem > > On Apr 4 13:16, Karl M wrote: > > > > > > Hi All... > > > > > > On a recent Cygwin install on a new win7-64 machine, I ran into a problem. > > The ssh service would not start because the protection on the > > /etc/ssh_host_rsa_key was too weak. (I use only the rsa host key.) > > > > If I chmod the file to 600, all is well. But...if I do it within a shell > > script, the chmod has no effect. Below is a short test case and a bash -x > > run of the script? > > > > > > $ cat test-config > > chown administrators /etc/ssh* > > ls -al /etc/ssh_host_rsa_key > > chmod -v 600 /etc/ssh_host_rsa_key > > ls -al /etc/ssh_host_rsa_key > > > > > > $ bash -x test-config > > + chown administrators /etc/ssh_host_rsa_key /etc/ssh_host_rsa_key.pub > > /etc/sshd_config > > + ls -al /etc/ssh_host_rsa_key > > -rw-rw---- 1 Administrators root 1675 Apr 4 11:30 /etc/ssh_host_rsa_key > > + chmod -v 600 /etc/ssh_host_rsa_key > > mode of `/etc/ssh_host_rsa_key' changed from 0660 (rw-rw----) to 0600 > > (rw-------) > > + ls -al /etc/ssh_host_rsa_key > > -rw-rw---- 1 Administrators root 1675 Apr 4 11:30 /etc/ssh_host_rsa_key > > > > This test was on a fresh (1.7.12) from this morning. > > There's your problem: The Administrators group and the root group > are just two different Cygwin group names for the same Windows group > with SID S-1-5-32-544. So, the above POSIX permissions are a result > of the SID S-1.5.32.544 having rw- permissions. > > Apart from that, the owner of the /etc/ssh* files should be cyg_server, > not the admins group. > I name my cyg_server user root.
But my testcase was demonstrating that chmod thought it changed the file permissions but had no effect when performed in a script. While when performed interactively at the bash command prompt, chmod worked fine. ...Karl -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
