This is the mail archive of the cygwin mailing list for the Cygwin project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi Corinna, Yes, sorry, setfacl again ... Now, I am NOT an expert on Windows (I do not want to be), and I realize, that I am in the company of experts on Windows (on Windows ACL) here, so it is inevitable, that I will be out of my league below, and speak "errorneously" about Windows ACL. Nevertheless, the reason for my post is that setfacl FAILS, where chmod SUCCEEDS ... Over the years (XP) my "Posix" trees (Cygwin) looked like this: @@ uname -a CYGWIN_NT-6.1-WOW Seven 1.7.35(0.286/5/3) 2015-02-12 20:59 i686 Cygwin @@ mkdir T @@ icacls T @@ getfacl T @@ ls -ld T T Seven\Henri:(F) # file: T drwxr-xr-x+ 1 Henri None 0 ... T Seven\None:(RX) # owner: Henri Everyone:(RX) # group: None CREATOR OWNER:(OI)(CI)(IO)(F) user::rwx CREATOR GROUP:(OI)(CI)(IO)(RX) group::r-x Everyone:(OI)(CI)(IO)(RX) other:r-x default:user::rwx default:group::r-x default:other:r-x @@ touch T/aap @@ icacls T/aap @@ getfacl T/aap @@ ls -l T/aap T/aap Seven\Henri:(R,W,D,WDAC,WO) # file: T/aap -rw-r--r-- 1 Henri None 0 ... T/aap Seven\None:(R) # owner: Henri Everyone:(R) # group: None user::rw- group::r-- other:r-- @@ chmod 755 T/aap @@ icacls T/aap @@ getfacl T/aap @@ ls -l T/aap T/aap Seven\Henri:(M,WDAC,WO) # file: T/aap -rwxr-xr-x 1 Henri None 0 ... T/aap Seven\None:(RX) # owner: Henri Everyone:(RX) # group: None user::rwx group::r-x other:r-x This "standard" has served me well ... I did not have to fight with mkdir, chmod, etc ... And the occasional Windows generated file did not fall "out of tune" too much. Moreover, after extraction of a .zip file in one of my "Posix" directories, it was fairly easy to reset the permissions of the extracted files (and directories), using setfacl. Currently, using this procedure, setfacl fails ... My investigation into the cause of this failure, eventually led me to simple test cases in which setfacl fails, but where chmod succeeds. (more details, if needed, in attached files) Basically, setfacl removes "write attributes" from the file owner (where chmod does not). (also: setfacl makes the creator owner loose rights -- in comparison to chmod) RFC :-) Henri ----- setfacl/file @@ pwd # bash NOT elevated /drv/e @@ mkdir T @@ touch T/aap @@ setfacl -s u::r--,g::r--,o:r-- T/aap @@ setfacl -s u::rw-,g::r--,o:r-- T/aap setfacl: Permission denied @@ chmod 644 T/aap chmod: changing permissions of ?T/aap?: Permission denied @@ touch T/aap touch: cannot touch ?T/aap?: Permission denied @@ rm T/aap /bin/rm: remove write-protected regular empty file ?T/aap?? y @@ ls -l T/aap ls: cannot access T/aap: No such file or directory @@ ----- chmod/file @@ pwd # bash NOT elevated /drv/e @@ mkdir T @@ touch T/aap @@ icacls T/aap T/aap Seven\Henri:(R,W,D,WDAC,WO) Seven\None:(R) Everyone:(R) Successfully processed 1 files; Failed processing 0 files @@ chmod u-w T/aap @@ icacls T/aap T/aap Seven\Henri:(R,D,WDAC,WO,WA) # <==== Note: lost W, but got WA in stead ... (setfacl fails here) Seven\None:(R) Everyone:(R) Successfully processed 1 files; Failed processing 0 files @@ chmod u+w T/aap @@ icacls T/aap T/aap Seven\Henri:(R,W,D,WDAC,WO) Seven\None:(R) Everyone:(R) Successfully processed 1 files; Failed processing 0 files @@ touch aap @@ ----- setfacl/directory @@ pwd # bash NOT elevated /drv/e @@ mkdir T @@ setfacl -s u::r-x,g::r-x,o:r-x,d:u::rwx,d:g::r-x,d:o:r-x T @@ setfacl -s u::rwx,g::r-x,o:r-x,d:u::rwx,d:g::r-x,d:o:r-x T setfacl: Permission denied @@ chmod 755 T chmod: changing permissions of ?T?: Permission denied @@ rmdir T @@ ls -ld T ls: cannot access T: No such file or directory ----- chmod/directory @@ pwd /drv/e @@ mkdir T @@ chmod u-w T @@ icacls T T Seven\Henri:(RX,D,WDAC,WO,WA) # <==== Note: lost W, but got WA in stead ... (setfacl fails here) Seven\None:(RX) Everyone:(RX) CREATOR OWNER:(OI)(CI)(IO)(F) CREATOR GROUP:(OI)(CI)(IO)(RX) Everyone:(OI)(CI)(IO)(RX) Successfully processed 1 files; Failed processing 0 files @@ chmod u+w T @@ icacls T T Seven\Henri:(F) Seven\None:(RX) Everyone:(RX) CREATOR OWNER:(OI)(CI)(IO)(F) CREATOR GROUP:(OI)(CI)(IO)(RX) Everyone:(OI)(CI)(IO)(RX) Successfully processed 1 files; Failed processing 0 files @@ =====
Attachment:
run-setfacl-sucks-file.txt
Description: Text document
Attachment:
run-chmod-rocks-file.txt
Description: Text document
Attachment:
run-setfacl-sucks-directory.txt
Description: Text document
Attachment:
run-chmod-rocks-directory.txt
Description: Text document
-- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |