This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: umask problem: wrong permissions for new files


On 4/27/2018 4:54 AM, Andrey Repin wrote:
Greetings, Ulli Horlacher!

On Fri 2018-04-20 (07:25), Brian Inglis wrote:

Cygwin supports Windows ACLs as POSIX ACLs, which are also supported by
Linux. Use setfacl to set similar default ACLs (DACLs) on a Linux
directory, rerun your test there, and you should see similar results.

(How) can I completly remove ACLs from the cygwin files and directories?

You CAN, yes.
However, you will lose any way to access the files, as explained below.

The standard UNIX permissions are sufficent for my needs and much easier
to handle :-}

"Standard POSIX" permissions are insufficient even for most basic operations.
They survive only because removing them would cause even more harm, than
letting them sit around.

*Never* remove DACLs from any Windows directory which will *ever* be used
with any non-Cygwin Windows program: /undefined behaviour/ will result.

Uuups... thanks for the warning!


Let me add this ...

What mostly work for me (occasional gotchas) is this:

I am "moss" and I added a group "Cygwin".  I have admin permissions under Windows.

A typical file acl for me has owner moss and group Cygwin - sometimes I have to
set these manually, particularly if they are created by a Windows program.

Also, typical acls for files print out as:

# owner: moss
# group: Cygwin
user::rw-
group::rwx                              #effective:rw-
group:SYSTEM:r-x                        #effective:r--
group:Cygwin:rwx                        #effective:rw-
mask:rw-
other:r--

This corresponds to Posix permissions 664.  The SYSTEM thing helps insure that
Windows programs, such as my backup program, can read the file.

Here is a typical directory acl:

# owner: moss
# group: Cygwin
# flags: -s-
user::rwx
group::rwx
group:SYSTEM:r-x
group:Cygwin:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::rwx
default:group:SYSTEM:r-x
default:group:Cygwin:rwx
default:mask:rwx
default:other:r-x

This is more complex since it is intended to propagate useful permissions to
files crated within the directory.  It is the default entries that help do that.
Note the -s- flag, which encodes the 2000 (set gid) bit of Posix permissions,
enabling propagation of default permissions.  This directory's Posix permissions
are 2775.  Again, the SYSTEM entries are important for me.

A typical file created by a Windows program (Word, in this case) ends up with
this acl:

# owner: moss
# group: moss
# flags: -s-
user::rwx
group::---
group:SYSTEM:r-x
group:Cygwin:rwx
mask:rwx
other:r-x

The Posix permissions read as 2775 (rwxrwsr-x).

Some people like this way of setting things up, some don't.  As they say, YMMV.

Regards - Eliot Moss

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]