Re: create new file from bash: with DACL, owner, & group as windows would

[George <d1945 at sbcglobal dot net>]

On Wed, May 18, 2005 at 03:46:04PM -0700, Brian Dessent wrote:
> Tom Rodman wrote:
> 
> > wtouch()
> > {
> >   local file=$1
> >   CYGWIN=nontsec touch "$file"
> >   setacl -on "$(cygpath -aw "$file")" -ot file \
> >     -actn setowner -ownr "n:Administrators;s:n" \
> >     -actn setgroup -grp  "n:None;s:n" \
> >     -silent || echo $FUNCNAME:setacl failed
> >     # see http://setacl.sourceforge.net/html/doc-reference.html
> > }
> > 
> > I'm usually an admin, hence the setacl.  The advantage of
> > setacl over chown is that the setacl above has no impact on the
> > DACL.
> 
> BTW, you're probably aware of this but you can bring the behavior of the
> two more into line by setting a GPO.  Change "Default owner for objects
> created by members of the Administrators group" to "Object creator"
> instead of "Administrators group".  Files created in both Cygwin and
> Windows will then be owned by the user account and not the
> Administrators group.  Unless of course that's what you want.

For anyone reading this who is not an admin, it's worth pointing out
that this applies to XP only, and not to Windows 2000.  

http://support.microsoft.com/default.aspx?scid=kb;en-us;318825

For XP users, the relevant setting referred to by Mr. Dessent can be
found by running 'secpol.msc' and navigating
 
Local Policies -> Security Options -> System objects



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/