Duplicate ACLs? - Can't copy file even with Admin permissions
Corinna Vinschen
corinna-cygwin@cygwin.com
Wed Jan 5 11:34:22 GMT 2022
On Jan 3 10:51, cygwin@kosowsky.org wrote:
> I have a file: /c/Config.Msi/3da9e136.rbf that I cannot copy, even when
> [...]
> # getfacl 3da9e136.rbf
> # file: 3da9e136.rbf
> # owner: Administrators
> # group: SYSTEM
> user::rwx
> group::rwx
> other::r-x
> user::rwx
> group::rwx
> group:SYSTEM:rwx
> mask::rwx
> other::r-x
> [...]
> Note that 'subinacl' shows:
> =================================
> +File C:\Config.Msi\3da9e136.rbf
> =================================
> /control=0x0
> /owner =builtin\administrators
> /primary group =system
> /audit ace count =0
> /perm. ace count =3
> /pace =system Type=0x0 Flags=0x3 AccessMask=0x1f01ff
> /pace =everyone Type=0x0 Flags=0x3 AccessMask=0x1200a9
> /pace =builtin\administrators Type=0x0 Flags=0x3 AccessMask=0x1f01ff
I don't see a reliable, trustable source for downloading subinacl, so
let's do this with builtin tools.
I'm not sure what's going on on your machine. I tried to reproduce your
issue by creating a file with the exact same DACL:
$ cat aclfile.sav
acltest
D:P(A;;FA;;;SY)(A;;0x1200a9;;;WD)(A;;FA;;;BA)
Note that the file is in UTF-16, the first two bytes are the BOM.
$ icacls . /restore aclfile.sav
processed file: .\acltest
Successfully processed 1 files; Failed processing 0 files
$ icacls acltest
acltest NT AUTHORITY\SYSTEM:(F)
Everyone:(RX)
BUILTIN\Administrators:(F)
Successfully processed 1 files; Failed processing 0 files
$ getfacl acltest
# file: acltest
# owner: Administrators
# group: SYSTEM
user::rwx
group::rwx
other::r-x
Would you mind to run `icacls 3da9e136.rbf /save 3da9e136.acl
and paste the content of 3da9e136.acl into your reply?
Please use "reply-to" to keep mail threading intact. Your two
mails in terms of this problem are disconnected for some reason.
Thanks,
Corinna
More information about the Cygwin
mailing list