crazy default permissions

Mitch Deoudes mitch@houseofpain.org
Wed Oct 5 09:57:00 GMT 2016



On 10/5/2016 12:40 AM, Marco Atzeri wrote:
> On 05/10/2016 06:31, Mitch Deoudes wrote:
>> mkdir has suddenly started creating directories with strange
>> permissions.  As far as I can tell, it's related to making directories
>> nested inside other directories that were also created within cygwin.
>> As you create deeper and deeper nestings, the perms get more and more
>> screwed up.  It starts at the second level deep, with the setuid flag,
>> and eventually gets to the point where you're making directories that
>> don't even have user read/write.
>>
>> I tried this on a brand new installation of the latest cygwin64, with no
>> modifications, as of just now:
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ umask
>> 0022
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ mkdir baz
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ ls -ld baz
>> drwxrwxr-x+ 1 mitch None 0 Oct  5 00:11 baz    <--- first dir looks
>> reasonable (but doesn't match umask)
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ mkdir baz/bob
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ ls -l baz
>> total 0
>> drwsrwsr-t+ 1 mitch None 0 Oct  5 00:11 bob    <--- second dir is weird
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ mkdir baz/bob/foo
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ ls -l baz/bob/
>> total 0
>> d--Srws--T+ 1 mitch None 0 Oct  5 00:12 foo   <--- third dir doesn't
>> even have user read/write
>>
>> mitch@calculonjr ~/src/etc/rsync
>> $ mkdir baz/bob/foo/blob
>> mkdir: cannot create directory `baz/bob/foo/blob': Permission denied
>>
>>
>> Any guesses what might be causing this?  I'm pretty sure this was
>> working as of my last update, which was probably several months ago.
>>
>> mitch
>>
>>
>
> where is your home ?
>
> $ cygpath -u ~
> /home/marco
>
> and what are its ACLS ?
>
> $ cacls $(cygpath -w ~)
> E:\cygwin64\home\marco MATZERI\marco:F
>                        BUILTIN\Administrators:R
>                        Everyone:R
>                        CREATOR OWNER:(OI)(CI)(IO)F
>                        CREATOR GROUP:(OI)(CI)(IO)R
>                        Everyone:(OI)(CI)(IO)R
>
>
>
> -- 
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>
>

Hmm...  in checking the acl's on my home dir, I noticed there was an 
entry for an unkown user.  Probably left over from the last time I 
migrated my data to a new windows install.  I deleted that entry via the 
Windows properties->security tab, which triggered a massive re-write of 
all the permissions for everything in my home dir.  Now mkdir seems to 
work fine.

No idea why that would cause/fix the problem.  Especially given the fact 
that said data migration happened probably years ago.  My home dir acl's 
do look a little convoluted compared to yours, though:

                     Everyone:(special access:)
                              READ_CONTROL
                              SYNCHRONIZE
                              FILE_READ_EA
                              FILE_READ_ATTRIBUTES

                     CREATOR OWNER:(OI)(CI)(IO)F
                     NT AUTHORITY\SYSTEM:(OI)(CI)F
                     calculonjr\mitch:(OI)(CI)F
                     BUILTIN\Administrators:(OI)(CI)F
                     BUILTIN\Users:(special access:)
                                   READ_CONTROL
                                   SYNCHRONIZE
                                   FILE_READ_EA
                                   FILE_READ_ATTRIBUTES

                     BUILTIN\Users:(CI)(IO)(special access:)
                                           SYNCHRONIZE
                                           FILE_WRITE_DATA
                                           FILE_APPEND_DATA

                     BUILTIN\Administrators:(ID)F
                     BUILTIN\Administrators:(OI)(CI)(IO)(ID)F
                     NT AUTHORITY\SYSTEM:(ID)F
                     NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(ID)F
                     NT AUTHORITY\Authenticated Users:(ID)C
                     NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(ID)C
                     BUILTIN\Users:(ID)R
                     BUILTIN\Users:(OI)(CI)(IO)(ID)(special access:)
                                                   GENERIC_READ
                                                   GENERIC_EXECUTE


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list