• Russ Fish's avatar
    Work over the accounts and mounts part of the CygWinXP port. · 8c98fc4b
    Russ Fish authored
    Use cygrunsrv -i on sshd to "allow the service to interact with the desktop."
    Now that the sshd daemon has a desktop session context that is inherited by
    the client shell, remote home directories can work.  They start with a blank
    Windows mount context, but once a single Samba connection is made during
    login, it enables all UNC //machine/path mounts to work.  Hence the home
    directories are now CygWin mount points (no longer symlinks) to UNC paths, set
    up by rc.mounts and then shared through CygWin to all of the user logins.
    Get rid of the previous horrible (and fragile) hack to set up an auto-login by
    the swapin user which then automatically started a user sshd on port 2222.
    tmcd.c - Arrange for tmcd to provide the public key data when a special argument is
    given as "tmcc accounts pubkeys".
    rc.accounts - Due to permissions problems with remote-mounted authorized_keys
    files, sshd_config now uses "AuthorizedKeysFile /sshkeys/%u/authorized_keys",
    which is where rc.accounts puts the public key data.
    Since root, Administrator, and even SYSTEM can be locked out by permissions on
    NT, WINDOWS() variant logic to set ownership and modes on authorized_keys
    files had to be added to rc.accounts.  There is also a bug in the sshd
    "privilege separation" setreuid() dance that requires the authorized_keys
    files to be owned by SYSTEM (or be mode 644, which is slightly worse.)
    cygwinxp/liblocsetup.pm - Pay attention to the users' shell preferences in
    generating /etc/passwd.  Make warnings more uniform.
liblocsetup.pm 16.7 KB