From: Corinna Vinschen <corinna-cygwin@cygwin.com>
To: cygwin@cygwin.com
Subject: Re: (call-process ...) hangs in emacs
Date: Thu, 28 Aug 2014 13:18:00 -0000 [thread overview]
Message-ID: <20140828131832.GT20700@calimero.vinschen.de> (raw)
In-Reply-To: <20140828095524.GO20700@calimero.vinschen.de>
[-- Attachment #1: Type: text/plain, Size: 2878 bytes --]
On Aug 28 11:55, Corinna Vinschen wrote:
> On Aug 28 07:25, Achim Gratz wrote:
> > As a concrete example, in the following the directory x86 shows up on Cygwin
> > as follows:
> >
> > > getfacl x86
> > # file: x86
> > # owner: otheruser
> > # group: Domain Users
> > user::---
> > group::---
> > group:FilerAdmins:rwx
> > group:ShareOwners:rwx
> > mask:rwx
> > other:---
> > default:user::---
> > default:group::---
> > default:group:FilerAdmins:rwx
> > default:group:ShareOwners:rwx
> > default:mask:rwx
> > default:other:---
> > > ls -ld x86
> > d---------+ 1 otheruser Domain Users 0 Jun 23 14:09 x86/
> >
> > Under Linux in the same situation you'd get
> >
> > > ls -ld x86
> > d---rwx---+ 1 otheruser Domain Users 0 Jun 23 14:09 x86/
> >
> > instead (i.e. the mask bits shown in the group portion of the standard mode
> > flags). If the file was owned by your uid, then you'd get indeed
> >
> > > ls -ld x86
> > d---------+ 1 myself Domain Users 0 Jun 23 14:09 x86/
> >
> > but you'd also really have no permissions. On Windows you do have
> > permission to the file in that situation since the POSIX part of the ACL
> > (particularly the user::--- part that revokes all access for the file owner)
> > are faked by Cygwin and not taken into account when the file gets finally
> > accessed:
> >
> > > icacls x86
> > x86 DOM\FilerAdmins:(I)(OI)(IO)(F)
> > DOM\FilerAdmins:(I)(CI)(F)
> > DOM\ShareOwners:(I)(OI)(IO)(M)
> > DOM\ShareOwners:(I)(CI)(M)
> >
> > If getting at the correct mask is too expensive, simply always faking an
> > "rwx" mask might actually be better than what we have now, since once the
> > ACL are fully processed you'll get the correct permissions anyway.
>
> Handling of the CLASS object (aka "mask") has never been fully
> implemented, especially because there's no such thing as a CLASS object
> in a Windows ACL.
>
> I guess it will always be some fake, but, yes, we can try to change
> stat() so that the st_mode group permissions reflect the or'ed bits of
> all permissions given to non-primary users and groups. Same in acl(2).
> That might be useful.
I implemented this preliminary and uploaded a snapshot to
https://cygwin.com/snapshots/
"Preliminary", because this change introduces an API change:
Since the CLASS_OBJ and DEF_CLASS_OBJ entries only exist if secondary
user and group (default) entries exist, that means the default
permission entry only consists of 3 ACEs. This in turn means, the
constant MIN_ACL_ENTRIES changed from 4 to 3.
This might negatively affect coreutils, at least `ls', even though in my
local testing it looked all normal.
Please test.
Thanks,
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Maintainer cygwin AT cygwin DOT com
Red Hat
[-- Attachment #2: Type: application/pgp-signature, Size: 819 bytes --]
next prev parent reply other threads:[~2014-08-28 13:18 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-01 12:51 Angelo Graziosi
2014-08-01 13:17 ` Peter Hull
2014-08-01 13:32 ` Corinna Vinschen
2014-08-04 1:03 ` Ken Brown
2014-08-04 8:00 ` Corinna Vinschen
2014-08-04 13:34 ` Ken Brown
2014-08-04 13:45 ` Corinna Vinschen
2014-08-05 12:21 ` Ken Brown
2014-08-05 13:33 ` Peter Hull
2014-08-05 13:59 ` Peter Hull
2014-08-05 13:58 ` Corinna Vinschen
2014-08-05 17:55 ` Ken Brown
2014-08-05 18:40 ` Corinna Vinschen
2014-08-07 11:52 ` Ken Brown
2014-08-07 12:51 ` Corinna Vinschen
2014-08-07 18:54 ` Ken Brown
2014-08-07 15:30 ` Eric Blake
2014-08-07 18:54 ` Ken Brown
2014-08-07 21:42 ` Eric Blake
2014-08-08 13:27 ` Ken Brown
2014-08-08 15:39 ` Peter Hull
2014-08-09 1:38 ` Ken Brown
2014-08-18 12:28 ` Ken Brown
2014-08-18 14:58 ` Peter Hull
2014-08-18 15:03 ` Larry Hall (Cygwin)
2014-08-25 19:00 ` Ken Brown
2014-08-26 9:13 ` Peter Hull
2014-08-26 18:55 ` Achim Gratz
2014-08-26 22:13 ` Ken Brown
2014-08-27 8:42 ` Corinna Vinschen
2014-08-27 12:53 ` Ken Brown
2014-08-27 13:47 ` Corinna Vinschen
2014-08-27 14:40 ` Eric Blake
2014-08-27 17:15 ` Ken Brown
2014-08-27 15:15 ` Achim Gratz
2014-08-28 7:25 ` Achim Gratz
2014-08-28 9:55 ` Corinna Vinschen
2014-08-28 13:18 ` Corinna Vinschen [this message]
2014-08-28 15:04 ` Achim Gratz
2014-08-28 15:10 ` Corinna Vinschen
2014-08-28 15:27 ` Achim Gratz
2014-08-29 9:59 ` Achim Gratz
2014-08-29 11:09 ` Corinna Vinschen
2014-08-29 18:08 ` Ken Brown
2014-08-29 19:23 ` Achim Gratz
2014-08-29 19:36 ` Ken Brown
2014-08-29 20:00 ` Achim Gratz
2014-08-29 21:38 ` Ken Brown
2014-08-29 20:05 ` Andrey Repin
2014-08-29 21:43 ` Corinna Vinschen
2014-08-29 23:35 ` Andrey Repin
2014-09-01 11:47 ` Corinna Vinschen
2014-09-01 11:57 ` Corinna Vinschen
2014-09-01 17:38 ` Achim Gratz
2014-09-02 8:32 ` Corinna Vinschen
2014-09-02 17:29 ` Achim Gratz
2014-09-02 19:19 ` Corinna Vinschen
2014-09-02 19:42 ` Achim Gratz
2014-09-02 20:09 ` Corinna Vinschen
2014-09-02 20:23 ` Achim Gratz
2014-09-03 13:04 ` Corinna Vinschen
2014-09-03 17:59 ` Achim Gratz
2014-08-28 10:34 ` Eric Blake
2014-08-27 21:05 ` Andrey Repin
2014-08-28 10:01 ` Corinna Vinschen
2014-08-28 13:35 ` Andrey Repin
2014-08-28 14:10 ` Corinna Vinschen
2014-08-28 17:05 ` ACL behavior in Cygwin // " Andrey Repin
2014-08-28 18:29 ` Achim Gratz
2014-08-29 8:29 ` Corinna Vinschen
2014-08-28 18:38 ` Achim Gratz
2014-08-28 19:50 ` Andrey Repin
2014-08-06 2:30 ` Katsumi Yamaoka
2014-08-06 8:48 ` Corinna Vinschen
2014-08-06 23:41 ` Katsumi Yamaoka
2014-08-07 0:35 ` Andrey Repin
2014-08-04 8:05 ` Peter Hull
2014-08-04 13:36 ` Ken Brown
-- strict thread matches above, loose matches on Subject: below --
2014-08-06 0:15 Angelo Graziosi
2014-07-31 14:51 Peter Hull
2014-07-31 17:35 ` Ken Brown
2014-08-01 7:36 ` Peter Hull
2014-08-01 10:22 ` Katsumi Yamaoka
2014-08-01 11:33 ` Peter Hull
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140828131832.GT20700@calimero.vinschen.de \
--to=corinna-cygwin@cygwin.com \
--cc=cygwin@cygwin.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).