CIFS symlinks on network share break Cygwin

Corinna Vinschen
Tue Feb 5 10:28:00 GMT 2008

On Feb  4 18:34, Jonathan Lanier wrote:
> >   We use netapp here too, and we have a mixed NTFS/NT ACLS +
> > NFS/Unix perms domain.  None of it works well for me from the
> > cygwin side, I always find myself having to use the win
> > explorer shell extension to change the perms.  If I can help
> > with some testing or diagnosis or anything, please feel free to
> > contact me offlist. 
> My issues weren't with the file permissions; it was all about incorrect
> symlink behavior.  I don't think Cygwin honors the native Unix
> permissions/attributes over a CIFS share; I sure wish it would, though.

It can't because it doesn't know how.  Cygwin uses standard NT system
calls to retrieve a security descriptor which represents the permissions
on the file.  It also uses standard NT calls to set security descriptors
on files.  If the underlying file system doesn't support this standard
means of retrieving and setting owners, groups and permissions, then
we're out of luck.

> It would be even cooler if I could create real symlinks on the network
> share instead of the fake Cygwin ones.  I expect that would require a
> lot more from the OS, though.  Maybe in Vista - I've heard that there is
> a newer SMB/CIFS 2.0 protocol that's supposed to make Windows behave a
> lot more like Unix over remote shares.  Of course we don't use Vista
> here, but there's always hope that in the future this will all
> eventually get sorted out.

Not in Vista, though.  Vista introduced a NTFS native symlink, but it
does not allow to access them over CIFS.  A native symlink on another
Vista machine is not even recognized as a symlink, just as a file of
size 0.  Trying to open this file from the remote machine doesn't work
(Permission denied in Cygwin, nothing at all in Explorer).

Not to mention the fact that the default security policy does not allow
normal users to create native symlinks.  Only Admins are allowed to do
that by default, which spoils their usability, somewhat.

> I keep a Unix shell open so I can change the attributes after creating
> the file on the Windows side.  It's annoying, because some Windows apps
> don't modify files - they delete and rename, so the moment you touch the
> file it's lost the permission again.  Occasionally I'll use the NetApp
> shell extension to do the same, as you mentioned.

If NetApp has a DLL which we could dynamically call from Cygwin, there
would be a chance to change this situation.  Given that somebody cares
enough to invest in source code.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

Unsubscribe info:
Problem reports:

More information about the Cygwin mailing list