This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: setfacl to remove a permission implicit adds another


On 18.12.2015 20:38, EXT Corinna Vinschen wrote:
On Dec 18 18:11, Corinna Vinschen wrote:
On Dec 18 17:14, Thomas Wolff wrote:
I wrote:
...
After removing SYSTEM write permission with setfacl,
it was effectively removed for SYSTEM but the other groups got
write permission ADDED instead (as also properly indicated by ls) â
which is kind of the opposite of the intended operation.
cygwin-2.4.0-0.11, sorry
In that case the behaviour is by design.  Try the same on Linux and the
result will be the same.  Every time you change group perms, the mask
will be changed to reflect the maximum permissions given to any group or
seccondary user.  You always have to check the mask or set it explicitely
to the desired value.
I'm sorry, but I forgot to mention an important part:  Recomputing the
mask is *not* done in the kernel or, in our case, Cygwin.  Rather this
functionality is part of the setfacl tool.  Setfacl recomputes the mask
by default.  There's a new option -n/--no-mask as on Linux to retain the
current mask setting, e.g.

   $ setfacl -n -m g:wheel:r-x file

Try setfacl --help for a comprehensive description of all options.


HTH,
Yes, thank you.
Just pondering:
"...the maximum/union of all permissions..." could well be interpreted as "... all *effective* permissions"
which would make a difference in the presented case.
Anyway, you are right, this is an upstream design issue. And upstream in this case seems to mean referring to a standard that isn't even officially available anymore...
------
Thomas

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]