This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: after update to cygwin 1.7.35(0.287/5/3) all file permissions in cygwin are 070

From: Corinna Vinschen <corinna-cygwin at cygwin dot com>
To: cygwin at cygwin dot com
Date: Fri, 20 Mar 2015 19:04:49 +0100
Subject: Re: after update to cygwin 1.7.35(0.287/5/3) all file permissions in cygwin are 070
Authentication-results: sourceware.org; auth=none
References: <CAA3aKc8jHZ02MMcDeJ36jgZFiLFu4gS=pDtS1f=zovaYfJud6Q at mail dot gmail dot com> <CAFrJEvPLneS13L2EBVewRn=g6BRACfdM+7kbvjwusLHO6dkoyg at mail dot gmail dot com>
Reply-to: cygwin at cygwin dot com

On Mar 20 21:15, Rexdf wrote:
> > i have been using cygwin for many years and currently most of my
> > systems are at 1.7.32(0.274/5/3).
> > i had to get an update to cygwin/X which forced me to also update
> > cygwin. with the update, nearly all windows files have the permission
> > setting of 070 (---rwx---) even when the file is owned by me, and as a
> > consequence most applications fail to load or cannot load dll's or
> > other really annoying issues.
> >
> > is there some "magical" new setting to make cygwin recognize that
> > files owned by me are at least r/w?
> >
> 
> I don't know what is your situation, but i can give some suggestion.
> 
> AFAIK, 1.7.34+ seems to use the real Windows ACL ( at least partly).
> It means that the 700 file really cannot access by other Windows
> accounts.
> 
> First of all, try the follwoing code from mintty. Then restart X.
> mkpasswd -l > /etc/passwd
> mkgroup -l > /etc/group

Why?  The idea of the changes in 1.7.34+ were to allow to get rid of
/etc/passwd and /etc/group.  Remove the files and be done with them,
unless you're in a situation which requires you to make special
settings.

May I suggest to read the User's Guide, especially the new docs
explaining the changes to account handling in
https://cygwin.com/cygwin-ug-net/ntsec.html?

As I wrote multiple times in the last couple of months, if the
documentation is unclear, please ask and let's try to figure out to
improve the documentation.  As I'm the person who hacked this stuff, I
have probably a completely different view on what's important and what
needs explaining.

> If it is still 0700 and you right click Properties/Security from
> windows explorer.exe to make sure your real Windows ACL permission is
> true wrong. Then the following command may be helpful.
> 
> Start cmd.exe  as Administrators.
> cd to folder contain cygwin folder.
> Run following:
> 
> takeown /F cygwin /R
> icacls cygwin /T /grant your_account_name:F

So what about using Cygwin for this?  Start mintty as administrator
and then:

  $ chown <your account>:<your group> filename
  $ chmod 700 filename
  $ setfacl -b filename  # See the User's Guide!

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpmTa4rlYOa_.pgp
Description: PGP signature

References:
- after update to cygwin 1.7.35(0.287/5/3) all file permissions in cygwin are 070
  - From: schilpfamily
- Re: after update to cygwin 1.7.35(0.287/5/3) all file permissions in cygwin are 070
  - From: Rexdf

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]