This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.0.0-0.7


On Apr 21 09:33, Achim Gratz wrote:
> Corinna Vinschen <corinna-cygwin <at> cygwin.com> writes:
> > New 2.0.0-0.7 test release:
> 
> It looks like I found a bug or at least some extremely undesirable
> behaviour.  We back up some data via rsync, the script doesn't use the --acl
> option yet (that will need to change).  The bug happens without this option,
> so rsync tries to preserve the modes, which ends up making the files
> inaccessible.  The file share we back up from have ACL to grant the access
> only to certain groups and disallow to change the DACL.  In trying to get
> the modes set up in the same way, Cygwin rsync produces some DENY ACL that
> will completely lock me out (the windows GUI will not only complain about
> the order of ACL, it will also not show all ACL, so icacls is the only tool
> that can be used from that point forward).  I'm not really sure what rsync
> is doing here... it may need to become smarter about that possibility.

It's not about rsync exactly.  The problem is that I'm missing the
context a bit.  I take it the permissions are supposed to be inherited
from the ".." dir, basically.  The ".." dir has been created by
non-Cygwin means, right?  The "." dir has been created by Cygwin already
it seems, but what permissions were desired?  Does it match the
expectations or not?

The "dir1" and "dir2" directories both have been created by Cygwin,
but they are somehow totally wrong.  I don't see how this could occur,
even in case the ACL sorting fails at creation time.

Btw., the getfacl output of dir1 and dir2 don't seem to match the
icacls output.  The groups are different.

I wonder if I can create a similar scenario.  Reproducing might be
tricky :(


Corinna


> (1020)...Backup_rsync/~2015-04-20_15~37 > `cygpath -S`/icacls ..
> .. BUILTIN\Administrators:(I)(F)
>    BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
>    NT AUTHORITY\SYSTEM:(I)(F)
>    NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
>    NT AUTHORITY\Authenticated Users:(I)(M)
>    NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)
>    BUILTIN\Users:(I)(RX)
>    BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)
>    Everyone:(I)(OI)(IO)(M,GA)
>    Everyone:(I)(CI)(F)
> 
> 1 Dateien erfolgreich verarbeitet, bei 0 Dateien ist ein Verarbeitungsfehler
> aufgetreten.
> (1021)...Backup_rsync/~2015-04-20_15~37 > `cygpath -S`/icacls .
> . NULL SID:(DENY)(Rc,S,REA,WEA,X,DC)
>   DOM\gratz:(F)
>   BUILTIN\Users:(DENY)(W,DC)
>   DOM\Domain Users:(RX,W,DC)
>   NT AUTHORITY\Authenticated Users:(RX,W,DC)
>   NT AUTHORITY\SYSTEM:(RX,W,DC)
>   BUILTIN\Administrators:(RX,W,DC)
>   BUILTIN\Users:(RX)
>   Everyone:(RX,W,DC)
>   NULL SID:(OI)(CI)(IO)(DENY)(Rc,S,REA,WEA,X,DC)
>   CREATOR OWNER:(OI)(CI)(IO)(F)
>   CREATOR GROUP:(OI)(CI)(IO)(DENY)(W,DC)
>   BUILTIN\Users:(OI)(CI)(IO)(DENY)(W,DC)
>   CREATOR GROUP:(OI)(CI)(IO)(RX)
>   NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(RX,W,DC)
>   NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(RX,W,DC)
>   BUILTIN\Administrators:(OI)(CI)(IO)(RX,W,DC)
>   BUILTIN\Users:(OI)(CI)(IO)(RX)
>   Everyone:(OI)(CI)(IO)(RX,W,DC)
> 
> 1 Dateien erfolgreich verarbeitet, bei 0 Dateien ist ein Verarbeitungsfehler
> aufgetreten.
> (1022)...Backup_rsync/~2015-04-20_15~37 > `cygpath -S`/icacls \*
> dir1 NULL SID:(DENY)(Rc,S,DC)
>      NT AUTHORITY\Authenticated Users:(DENY)(W,RD,REA,X,DC)
>      BUILTIN\Users:(DENY)(S,RD,REA,X)
>      NULL SID:(OI)(CI)(IO)(DENY)(Rc,S,REA,WEA,X,DC)
>      CREATOR GROUP:(OI)(CI)(IO)(DENY)(W,DC)
>      BUILTIN\Users:(OI)(CI)(IO)(DENY)(W,DC)
>      DOM\gratz:(D,Rc,WDAC,WO,RA,WA)
>      DOM\Domain Users:(Rc,S,RA)
>      NT AUTHORITY\Authenticated Users:(RX,W,DC)
>      NT AUTHORITY\SYSTEM:(RX,W,DC)
>      BUILTIN\Administrators:(RX,W,DC)
>      BUILTIN\Users:(RX)
>      Everyone:(Rc,S,RA)
>      CREATOR OWNER:(OI)(CI)(IO)(F)
>      CREATOR GROUP:(OI)(CI)(IO)(RX)
>      NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(RX,W,DC)
>      NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(RX,W,DC)
>      BUILTIN\Administrators:(OI)(CI)(IO)(RX,W,DC)
>      BUILTIN\Users:(OI)(CI)(IO)(RX)
>      Everyone:(OI)(CI)(IO)(RX,W,DC)
>      DOM\gratz:(OI)(CI)(F)
> 
> dir2 NULL SID:(DENY)(Rc,S,REA,WEA,X,DC)
>      DOM\gratz:(DENY)(S,RD,WD,AD,REA,WEA,X,DC)
>      NULL SID:(OI)(CI)(IO)(DENY)(Rc,S,REA,WEA,X,DC)
>      CREATOR GROUP:(OI)(CI)(IO)(DENY)(W,DC)
>      BUILTIN\Users:(OI)(CI)(IO)(DENY)(W,DC)
>      DOM\gratz:(D,Rc,WDAC,WO,RA,WA)
>      DOM\Domain Users:(RX,W,DC)
>      NT AUTHORITY\Authenticated Users:(RX,W,DC)
>      NT AUTHORITY\SYSTEM:(RX,W,DC)
>      BUILTIN\Administrators:(RX,W,DC)
>      BUILTIN\Users:(RX)
>      Everyone:(Rc,S,RA)
>      CREATOR OWNER:(OI)(CI)(IO)(F)
>      CREATOR GROUP:(OI)(CI)(IO)(RX)
>      NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(RX,W,DC)
>      NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(RX,W,DC)
>      BUILTIN\Administrators:(OI)(CI)(IO)(RX,W,DC)
>      BUILTIN\Users:(OI)(CI)(IO)(RX)
>      Everyone:(OI)(CI)(IO)(RX,W,DC)
>      DOM\gratz:(OI)(CI)(F)
> 
> 2 Dateien erfolgreich verarbeitet, bei 0 Dateien ist ein Verarbeitungsfehler
> aufgetreten.
> (1023)...e/ADM_Backup_rsync/~2015-04-20_15~37 > getfacl .. . *
> # file: ..
> # owner: otheruser
> # group: Domain Users
> user::---
> group::---
> group:Authenticated Users:rwx
> group:SYSTEM:rwx
> group:Administrators:rwx
> group:Users:r-x
> mask:rwx
> other:rwx
> default:user::---
> default:group::---
> default:group:Authenticated Users:rwx
> default:group:SYSTEM:rwx
> default:group:Administrators:rwx
> default:group:Users:r-x
> default:mask:rwx
> default:other:rwx
> 
> # file: .
> # owner: gratz
> # group: Domain Users
> user::rwx
> group::rwx
> group:Authenticated Users:rwx
> group:SYSTEM:rwx
> group:Administrators:rwx
> group:Users:r-x
> mask:rwx
> other:rwx
> default:user::rwx
> default:group::r-x
> default:group:Authenticated Users:rwx
> default:group:SYSTEM:rwx
> default:group:Administrators:rwx
> default:group:Users:r-x
> default:mask:rwx
> default:other:rwx
> 
> # file: dir1
> # owner: gratz
> # group: Domain Users
> user::rwx
> group::---
> group:Authenticated Users:---
> group:SYSTEM:rwx
> group:Administrators:rwx
> group:Users:---
> mask:rwx
> other:---
> default:user::rwx
> default:user:gratz:rwx
> default:group::r-x
> default:group:Authenticated Users:rwx
> default:group:SYSTEM:rwx
> default:group:Administrators:rwx
> default:group:Users:r-x
> default:mask:rwx
> default:other:rwx
> 
> # file: dir2
> # owner: gratz
> # group: Domain Users
> user::---
> group::rwx
> group:Authenticated Users:rwx
> group:SYSTEM:rwx
> group:Administrators:rwx
> group:Users:r-x
> mask:rwx
> other:---
> default:user::rwx
> default:user:gratz:rwx
> default:group::r-x
> default:group:Authenticated Users:rwx
> default:group:SYSTEM:rwx
> default:group:Administrators:rwx
> default:group:Users:r-x
> default:mask:rwx
> default:other:rwx
> 
> (1024).../Backup_rsync/~2015-04-20_15~37 > getfacl /cygdrive/x/dir1
> # file: /cygdrive/x/dir1
> # owner: otheruser
> # group: Domain Users
> user::---
> group::---
> group:ADM-FileOperators-L:rwx
> group:PRJ-C-L:rwx
> mask:rwx
> other:---
> default:user::---
> default:group::---
> default:group:ADM-FileOperators-L:rwx
> default:group:PRJ-C-L:rwx
> default:mask:rwx
> default:other:---
> 
> (1025)...Backup_rsync/~2015-04-20_15~37 > getfacl /cygdrive/z/dir2
> # file: /cygdrive/z/dir2
> # owner: otheruser
> # group: Domain Users
> user::---
> group::---
> group:ADM-FileOperators-L:rwx
> group:PRJ-R-L:r-x
> group:PRJ-C-L:rwx
> mask:rwx
> other:---
> default:user::---
> default:group::---
> default:group:ADM-FileOperators-L:rwx
> default:group:PRJ-R-L:r-x
> default:group:PRJ-C-L:rwx
> default:mask:rwx
> default:other:---
> 
> 
> Regards,
> Achim
> 
> 
> --
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpxnidNDxneI.pgp
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]