From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 31212 invoked by alias); 7 Mar 2008 22:49:09 -0000 Received: (qmail 31196 invoked by uid 22791); 7 Mar 2008 22:49:07 -0000 X-Spam-Check-By: sourceware.org Received: from h-68-164-164-131.chcgilgm.covad.net (HELO alex.pounder.sol.net) (68.164.164.131) by sourceware.org (qpsmtpd/0.31) with ESMTP; Fri, 07 Mar 2008 22:48:36 +0000 Received: from tigris.pounder.sol.net (tigris.pounder.sol.net [10.164.123.199]) by alex.pounder.sol.net (8.12.11/8.12.11) with ESMTP id m27Mme9V000320 for ; Fri, 7 Mar 2008 16:48:40 -0600 Received: from tigris.pounder.sol.net (localhost.localdomain [127.0.0.1]) by tigris.pounder.sol.net (8.12.5/8.12.5) with ESMTP id m27MmXUs028986 for ; Fri, 7 Mar 2008 16:48:33 -0600 Received: from tigris.pounder.sol.net (rodmant@localhost) by tigris.pounder.sol.net (8.12.5/8.12.5/Submit) with ESMTP id m27MmXwX028979 for ; Fri, 7 Mar 2008 16:48:33 -0600 Message-Id: <200803072248.m27MmXwX028979@tigris.pounder.sol.net> To: cygwin-talk@cygwin.com From: cygzw@trodman.com (Tom Rodman) Reply-to: cygwin@cygwin.com Subject: OT: inherited ACL - full control, can only append to file Date: Fri, 07 Mar 2008 22:49:00 -0000 Mailing-List: contact cygwin-talk-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: cygwin-talk-owner@cygwin.com Reply-To: The Vulgar and Unprofessional Cygwin-Talk List X-SW-Source: 2008-q1/txt/msg00119.txt.bz2 Any idea why I could append to "zam.pif" below, but echo > zam.pif failed ("Permission denied")? "attrib" listed zam.pif as a hidden system file. It was owned by another user, and had only inherited permissions. I was able to delete it. I wanted to empty the file out without changing it's permissions ( had a virus ). -- thanks, Tom v-v-v-v-v-v-v-v-v-v-v D E T A I L S v-v-v-v-v-v-v-v-v-v-v /drv/m $ _wfi zam.pif # "_wfi is a bash script to show perms, it shows what it does" + setacl -on 'm:\zam.pif' -ot file -actn list -lst 'f:tab;w:o,g,d,s;i:n;s:n' \\?\m:\zam.pif Owner: DOMxx1\johndoe Group: DOMxx1\Domain Users SetACL finished successfully. + : + stat --printf 'name: %n\n size: %s type: %F\n modify: %y\n access: %x change: %z\n' zam.pif name: zam.pif size: 47104 type: regular file modify: 2005-12-11 18:34:42.000000000 -0600 access: 2008-03-06 15:36:38.593270600 -0600 change: 2008-03-05 18:13:43.365871300 -0600 + attrib 'm:\zam.pif' SH M:\zam.pif + set +x /drv/m $ ls -l zam.pif ----------+ 1 johndoe Domain Users 47104 Dec 11 2005 zam.pif /drv/m $ echo > zam.pif -bash: zam.pif: Permission denied /drv/m $ dacl zam.pif + setacl -on 'm:\zam.pif' -ot file -actn list -lst 'f:tab;w:o,g,d,s;i:y;s:n' \\?\m:\zam.pif Owner: DOMxx1\johndoe Group: DOMxx1\Domain Users DACL(not_protected+auto_inherited): BUILTIN\Administrators full allow inherited NT AUTHORITY\Authenticated Users read_execute allow inherited S-1-5-21-6622783460-1979792683-1801674531-2122 full allow inherited DOMxx1\staffuser2 full allow inherited S-1-5-21-6202436711-2025429265-1801674531-1005 full allow inherited S-1-5-21-6622783460-1979792683-1801674531-2114 change allow inherited DOMxx1\XYZ_BLD_MGR change allow inherited S-1-5-21-6622783460-1979792683-1801674531-2117 full allow inherited DOMxx1\XYZ_ES_ADMIN full allow inherited NT AUTHORITY\SYSTEM full allow inherited SetACL finished successfully. + set +x /drv/m $ echo >> zam.pif /drv/m $ echo abc > zam.pif -bash: zam.pif: Permission denied /drv/m $ handle zam.pif Handle v2.2 Copyright (C) 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com No matching handles found. /drv/m $ rm -f zam.pif /drv/m $ ls -a ./ Bryn/ RECYCLER/ Orly/ Gaul/ temp/ ../ Riga.inf System Volume Information/ Skye/ Abos/ tests/ /drv/m $ --snip/same user: ~ $ id -un staffuser1 ~ $ groups XYZ_ES_STAFF Administrators ABC_NA-CTX-Notepad-A Domain Users XYZ_ES_ADMIN XYZ_Users Users