From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 52569 invoked by alias); 4 Nov 2017 21:20:36 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 52559 invoked by uid 89); 4 Nov 2017 21:20:35 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=AWL,BAYES_00,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_LOW autolearn=no version=3.3.2 spammy=regretted, Hx-languages-length:1266, H*Ad:D*ca, perfect X-HELO: smtp-out-so.shaw.ca Received: from smtp-out-so.shaw.ca (HELO smtp-out-so.shaw.ca) (64.59.136.138) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 04 Nov 2017 21:20:34 +0000 Received: from [192.168.1.100] ([24.64.240.204]) by shaw.ca with SMTP id B5rieLaMADJTWB5rjesHjc; Sat, 04 Nov 2017 15:20:32 -0600 X-Authority-Analysis: v=2.2 cv=B4DJ6KlM c=1 sm=1 tr=0 a=MVEHjbUiAHxQW0jfcDq5EA==:117 a=MVEHjbUiAHxQW0jfcDq5EA==:17 a=N659UExz7-8A:10 a=kobj13m9HvHxgiDxJrsA:9 a=pILNOxqGKmIA:10 Reply-To: Brian.Inglis@SystematicSw.ab.ca Subject: Re: No way to use ssh ~/.ssh/config with "noacl" option To: cygwin@cygwin.com References: <59FD8C99.8010703@gmail.com> <20171104113723.GC18070@calimero.vinschen.de> <59FDA8D9.6050808@gmail.com> <59FDC12F.1080005@codespunk.com> <59FDDCFA.9030306@codespunk.com> <87shdudp76.fsf@Rainer.invalid> <59FDF5BE.7060600@gmail.com> <87h8u9ew9n.fsf@Rainer.invalid> From: Brian Inglis Message-ID: <02939a2a-8dee-6c79-fd80-24c9b9073e52@SystematicSw.ab.ca> Date: Sat, 04 Nov 2017 21:20:00 -0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <87h8u9ew9n.fsf@Rainer.invalid> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit X-CMAE-Envelope: MS4wfEYq1QHi+YPBUPERPf/180WRmmJakMdofEs0Tr0C/BlENNI2/rJ0wRAs+Vw/bgObsTUZsvp7NHFyRzXK+OTx9a5modywqFKOAZfc0KpBOKNHOEEiTB1Y W3lXPsq23gSdaER4kF2cUQ4yz/bXVjBun0g/YxEqiVPJyyiXEUkpX8cc+aHKNdiG/+Ado6Ekyu8BUA== X-IsSubscribed: yes X-SW-Source: 2017-11/txt/msg00089.txt.bz2 On 2017-11-04 12:25, Achim Gratz wrote: > Matt D. writes: >> It's not perfect but I've always had trouble with all of the >> modifications Cygwin makes to a file's permissions to support >> POSIX-style ACLs. I do miss being able to manage them with chmod and >> setfacl though. > > Just remove any ACL inheritance on the home directory before populating > it (or recursively remove it for an existing directory, but that can be > more tricky). I suggest to use a sub-directory of your actual Windows > home, otherwise you might get into trouble with applications writing dot > files into it and/or getting confused by the dot files from Cygwin. > It's easy enough to mount it to /home/$USER so it's where you'd normally > expect it to show up. If you remove the DACLs on directories, you will be unable to access any files without using Cygwin, as Windows sees no permissions, and any files created by Windows programs will have no Cygwin permissions, and you will be unable to access those files from Cygwin or Windows programs, without doing manual Windows security fixups. I've hit some directories with setfacl -bk, and quickly regretted it. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple