This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Member of Administrators, high integrity level, yet crontab compains "need privileged user"


Hello,

I just tried this:

    enrique@rev /usr/local/bin
    $ crontab -u Heidi -l
    must be privileged to use -u

I understood that "privileged user" under cygwin means "Member of Administrators". I am running the mintty window with elevated privileges.

What am I missing? I am not aware of having tinkered with permissions on the C:\cygwin\* directories.

Maybe the cause is that there actually is no crontab for user "Heidi". If so, the error message is misleading.


Some research:

enrique@rev /usr/local/bin
$ id
uid=197608(enrique) gid=197121(None) groups=197121(None),114(Local account and member of Administrators group),544(Administrators),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated Users),15(This Organization),113(Local account),4095(CurrentSession),66048(LOCAL),262154(NTLM Authentication),405504(High Mandatory Level)

enrique@rev /usr/local/bin
$ type -a whoami
whoami is /usr/bin/whoami
whoami is /cygdrive/c/Windows/system32/whoami

enrique@rev /usr/local/bin
$ /cygdrive/c/Windows/system32/whoami /all

USER INFORMATION
----------------

User Name   SID
=========== ==============================================
rev\enrique S-1-5-21-2972989697-3341365358-2740921365-1000


GROUP INFORMATION
-----------------

Group Name Type             SID          Attributes
============================================================= ================ ============ =============================================================== Everyone Well-known group S-1-1-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Local account and member of Administrators group Well-known group S-1-5-114 Mandatory group, Enabled by default, Enabled group BUILTIN\Administrators Alias S-1-5-32-544 Mandatory group, Enabled by default, Enabled group, Group owner BUILTIN\Users Alias S-1-5-32-545 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\INTERACTIVE Well-known group S-1-5-4 Mandatory group, Enabled by default, Enabled group CONSOLE LOGON Well-known group S-1-2-1 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Authenticated Users Well-known group S-1-5-11 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\This Organization Well-known group S-1-5-15 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\Local account Well-known group S-1-5-113 Mandatory group, Enabled by default, Enabled group LOCAL Well-known group S-1-2-0 Mandatory group, Enabled by default, Enabled group NT AUTHORITY\NTLM Authentication Well-known group S-1-5-64-10 Mandatory group, Enabled by default, Enabled group Mandatory Label\High Mandatory Level Label S-1-16-12288 Mandatory group, Enabled by default, Enabled group


PRIVILEGES INFORMATION
----------------------

Privilege Name Description                               State
=============================== ========================================= ======== SeIncreaseQuotaPrivilege Adjust memory quotas for a process Disabled SeSecurityPrivilege Manage auditing and security log Disabled SeTakeOwnershipPrivilege Take ownership of files or other objects Disabled SeLoadDriverPrivilege Load and unload device drivers Disabled SeSystemProfilePrivilege Profile system performance Disabled SeSystemtimePrivilege Change the system time Disabled SeProfileSingleProcessPrivilege Profile single process Disabled SeIncreaseBasePriorityPrivilege Increase scheduling priority Disabled SeCreatePagefilePrivilege Create a pagefile Disabled SeBackupPrivilege Back up files and directories Enabled SeRestorePrivilege Restore files and directories Enabled SeShutdownPrivilege Shut down the system Disabled SeDebugPrivilege Debug programs Enabled SeSystemEnvironmentPrivilege Modify firmware environment values Disabled SeChangeNotifyPrivilege Bypass traverse checking Enabled SeRemoteShutdownPrivilege Force shutdown from a remote system Disabled SeUndockPrivilege Remove computer from docking station Disabled SeManageVolumePrivilege Perform volume maintenance tasks Disabled SeImpersonatePrivilege Impersonate a client after authentication Enabled SeCreateGlobalPrivilege Create global objects Enabled SeIncreaseWorkingSetPrivilege Increase a process working set Disabled SeTimeZonePrivilege Change the time zone Disabled SeCreateSymbolicLinkPrivilege Create symbolic links Disabled

enrique@rev /usr/local/bin
$ ls -ld /var /var/cron /var/cron/tabs /var/cron/tabs/Heidi
ls: cannot access '/var/cron/tabs/Heidi': No such file or directory
drwxr-xr-x+ 1 Heidi None 0 Apr 20 12:23 /var
drwxr-xr-x+ 1 Heidi None 0 Jan 16 18:12 /var/cron
drwxrwxrwt+ 1 Heidi None 0 Jan 16 18:12 /var/cron/tabs


Attachment: cygcheck.out
Description: Text document

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]