[ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[Corinna Vinschen]

Hi Cygwin friends and users,


I released TEST version 2.4.0-0.18 of Cygwin.  This is the last test
release if nothing unexpected happens.  I plan to release officially
on Friday.


What's new:
-----------

- New, unified implementation of POSIX permission and ACL handling.  The
  new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
  they allow to inherit the S_ISGID bit.  ACL inheritance now really
  works as desired, in a limited, but theoretically equivalent fashion
  even for non-Cygwin processes.

  To accommodate standard Windows ACLs, the POSIX permissions of the
  owner and all other users in the ACL are computed using the Windows
  AuthZ API.  This may slow down the computation of POSIX permissions
  noticably in some circumstances, but is generally more correct.  The
  new code also ignores SYSTEM and Administrators group permissions when
  computing the MASK/CLASS_OBJ permission mask on old ACLs, and it
  doesn't deny access to SYSTEM and Administrators group based on the
  value of MASK/CLASS_OBJ when creating the new ACLs.

  The new code now handles the S_ISGID bit on directories as on Linux:
  Setting S_ISGID on a directory causes new files and subdirs created
  within to inherit its group, rather than the primary group of the user
  who created the file.  This only works for files and directories
  created by Cygwin processes.

- New mount type "usertemp" which allows to mount a POSIX directory to
  the Windows per-user temporary directory.

- cygpath has a new -U option, which creates cygdrive paths using the
  unambiguous /proc/cygdrive prefix.

- New API: rpmatch.


What changed:
-------------

- Align setfacl(1) usage a bit closer to the usage on Linux.  Rename -d option
  to -x, --substitute to --set.  Add --no-mask and --mask options.  Allow to
  use the -b and -k option combined to allow reducing an ACL to only reflect
  standard POSIX permissions.

- Fix (numeric and monetary) decimal point and thousands separator in
  fa_IR and ps_AF locales to be aligned with Linux.

- utmpname/utmpxname are now defined as int functions as on Linux.
  Addresses: https://cygwin.com/ml/cygwin/2015-12/msg00320.html


Bug Fixes
---------

- Not a bug fix as such, but a workaround for new behaviour in Windows 10
  version 1511 64 bit.  This version introduces a problem which existed in
  a similar variation (just vice versa) in XP and Server 2003 64 bit as well.
  An unexpected stack arrangement when starting a 64 bit Cygwin application
  from a 32 bit application (e.g. 32 bit CMD.EXE) broke Cygwin's fork.
  Addresses: https://cygwin.com/ml/cygwin/2015-12/msg00003.html

- Replaced old, buggy strtold implementation with well-tested gdtoa version
  from David M. Gay.
  Addresses: https://cygwin.com/ml/cygwin/2015-11/msg00205.html

- Fix handling of relative paths in native symlinks if the target is in a
  drive's root dir or one level below.
  Addresses: https://cygwin.com/ml/cygwin/2015-11/msg00277.html

- Fix a SEGV when calling `kill -l 0'.
  Addresses: https://cygwin.com/ml/cygwin/2015-11/msg00430.html

- Fix a race condition in signal handling.
  Addresses: https://cygwin.com/ml/cygwin/2015-11/msg00387.html

- Fix a potential crash reading invalid passwd and group entries from
  /etc/passwd and /etc/group.
  Addresses: https://cygwin.com/ml/cygwin/2015-12/msg00170.html

- Cygpath(1) now tries to correct the case of system directories when
  returned as POSIX paths.
  Addresses: https://cygwin.com/ml/cygwin/2016-01/msg00002.html

- *Always* zero out descriptor arrays when returning from select due to
  timeout, per POSIX.
  Addresses: https://cygwin.com/ml/cygwin/2015-12/msg00332.html

- Return unique inode numbers when calling stat/fstat on pipes and IP sockets.
  Addresses: https://cygwin.com/ml/cygwin/2015-12/msg00310.html


Have fun,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[random user]

Something I wasn't aware of at the time of our prior discussion is
that the Linux NTFS-3g driver already supports Linux extended ACLs
on NTFS.  This is discussed at
 
http://www.tuxera.com/community/ntfs-3g-advanced/ownership-and-permissions/

I explored taking a flash card back and forth between Cygwin
2.4.0-0.18 and a Linux system, testing how each interprets what the
other wrote.

I find they don't seem to interpret each other's per-group and mask
permission bits correctly when creating their Posix interpretation of
an NTFS ACL.

I also find that somehow setting extended ACLs on Linux for a
directory is causing Cygwin to then see that object as a socket, if
I'm reading the below correctly. 'ls' on Cygwin won't descend into
that as it normally would for a directory,
  bash: cd: dir_acl: Not a directory
results when attempting to cd into it, etc.

I don't know how common such uses are, but I do use both Cygwin and
Linux on the same flash cards and external disks.  If they are both
going to support Posix-style extended ACLs written to NTFS, it'd seem
nice if they could do so in compatible ways.

Nuances re interpreting the below:
- NTFS-3g usually writes full-permission ACEs for SYSTEM and
  Administrators.  I've patched it on my system to not write those,
  for better compatibility with Cygwin 2.3.0 and earlier.  (Per the
  announcement seeming to indicate those will be ignored starting in
  2.4.0, perhaps I'll no longer need such patching.)

- On my Cygwin machine I have distinct SIDs for a user and a group for
  each Windows user, simulating the "usergroup" model with ability to
  keep distinct permissions for the user and the group.  Windows has
  the group defined with a _UG suffix, as shows in the icacls outputs;
  my /etc/group has them without the _UG suffix, as seen in the
  Cygwin commands input and output.

  The displays below  such as
    user:julia_UG:r--
  where one might more expect
    group:julia:r--
  given the commands that created the case seem due to the way I
  concocted my NTFS-3g UserMapping file.  I have the groups present
  with their _UG suffix as users in that file, along with having them
  listed without that suffix as groups.  I suspect if I remove the
  user entry for the group SIDs, these would display as more expected.
  I don't think this represents a bug in anything other than my own
  UserMapping file.


############ Part 1: On Cygwin

bash 1 23 # uname -a
CYGWIN_NT-6.1-WOW CYGWIN 2.4.0(0.293/5/3) 2016-01-11 20:29 i686 Cygwin

[0] 20:16:03 sally@CYGWIN /e/ACL_PLAY
bash 1 4 # getfacl .
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other:---
default:user::rwx
default:group::---
default:other:---


[0] 20:17:22 sally@CYGWIN /e/ACL_PLAY
bash 1 5 # mkdir written_by_cygwin

[0] 20:17:42 sally@CYGWIN /e/ACL_PLAY
bash 1 6 # cd written_by_cygwin

[0] 20:17:52 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 7 # touch file_simple

[0] 20:18:02 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 8 # touch file_acl

[0] 20:18:08 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 9 # mkdir dir_acl

[0] 20:18:12 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 10 # setfacl -m'g:julia:rwx' file_acl dir_acl

[0] 20:18:29 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 11 # chmod 740 file_acl dir_acl

[0] 20:18:42 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 12 # ls -al
total 0
drwx------+ 1 sally sally 0 Jan 12 20:18 .
drwx------+ 1 sally sally 0 Jan 12 20:17 ..
drwxr-----+ 1 sally sally 0 Jan 12 20:18 dir_acl
-rwxr-----+ 1 sally sally 0 Jan 12 20:18 file_acl
-rw-------  1 sally sally 0 Jan 12 20:18 file_simple

[0] 20:18:45 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 13 # getfacl .
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other:---
default:user::rwx
default:group::---
default:other:---


[0] 20:19:01 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 14 # icacls .
. NULL SID:(DENY)(Rc,S)
  CYGWIN\sally:(F)
  CYGWIN\sally_ug:(Rc,S,RA)
  Everyone:(Rc,S,RA)
  NULL SID:(OI)(CI)(IO)(DENY)(Rc,S)
  CREATOR OWNER:(OI)(CI)(IO)(F)
  CREATOR GROUP:(OI)(CI)(IO)(Rc,S,RA)
  Everyone:(OI)(CI)(IO)(Rc,S,RA)

Successfully processed 1 files; Failed processing 0 files

[0] 20:19:04 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 15 # getfacl file_simple
# file: file_simple
# owner: sally
# group: sally
user::rw-
group::---
other:---


[0] 20:20:28 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 16 # icacls file_simple
file_simple NULL SID:(DENY)(Rc,S)
            CYGWIN\sally:(R,W,D,WDAC,WO)
            CYGWIN\sally_ug:(Rc,S,RA)
            Everyone:(Rc,S,RA)

Successfully processed 1 files; Failed processing 0 files

[0] 20:20:37 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 17 # getfacl file_acl
# file: file_acl
# owner: sally
# group: sally
user::rwx
group::---
group:julia:rwx                         #effective:r--
mask:r--
other:---


[0] 20:20:46 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 18 # icacls file_acl
file_acl NULL SID:(DENY)(Rc,S,X,DC)
         CYGWIN\sally:(F)
         CYGWIN\julia_ug:(DENY)(W,X,DC)
         CYGWIN\sally_ug:(Rc,S,RA)
         CYGWIN\julia_ug:(RX,W)
         Everyone:(Rc,S,RA)

Successfully processed 1 files; Failed processing 0 files

[0] 20:20:53 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 19 # getfacl dir_acl/
# file: dir_acl/
# owner: sally
# group: sally
user::rwx
group::---
group:julia:rwx                         #effective:r--
mask:r--
other:---
default:user::rwx
default:group::---
default:other:---


[0] 20:21:16 sally@CYGWIN /e/ACL_PLAY/written_by_cygwin
bash 1 20 # icacls dir_acl/
dir_acl\ NULL SID:(DENY)(Rc,S,X,DC)
         CYGWIN\sally:(F)
         CYGWIN\julia_ug:(DENY)(W,X,DC)
         CYGWIN\sally_ug:(Rc,S,RA)
         CYGWIN\julia_ug:(RX,W,DC)
         Everyone:(Rc,S,RA)
         NULL SID:(OI)(CI)(IO)(DENY)(Rc,S)
         CREATOR OWNER:(OI)(CI)(IO)(F)
         CREATOR GROUP:(OI)(CI)(IO)(Rc,S,RA)
         Everyone:(OI)(CI)(IO)(Rc,S,RA)

Successfully processed 1 files; Failed processing 0 files

############ Part 2: On Linux

bash 1 3 $ uname -a
Linux LINUX 3.19.0-43-generic #49~14.04.1-Ubuntu SMP Thu Dec 31 15:44:49
UTC 2015 x86_64 x86_64 x86_64 GNU/Linux


[0] 20:28:21 sally@LINUX ~
bash 1 1 $ cd /f/ACL_PLAY/

[0] 20:28:26 sally@LINUX /mnt/f/ACL_PLAY
bash 1 2 $ cd written_by_cygwin/

[0] 20:31:49 sally@LINUX /mnt/f/ACL_PLAY/written_by_cygwin
bash 1 16 $ ls -al
total 0
drwx------+ 1 sally sally   0 Jan 12 20:18 .
drwx------+ 1 sally sally 392 Jan 12 20:29 ..
drwxrwx---+ 1 sally sally   0 Jan 12 20:18 dir_acl
-rwxrwx---+ 1 sally sally   0 Jan 12 20:18 file_acl
-rw-------  2 sally sally   0 Jan 12 20:18 file_simple

[0] 20:28:44 sally@LINUX /mnt/f/ACL_PLAY/written_by_cygwin
bash 1 3 $ getfacl . *
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other::---
default:user::rwx
default:group::---
default:other::---

# file: dir_acl
# owner: sally
# group: sally
user::rwx
user:julia_UG:r--
group::---
mask::rwx
other::---
default:user::rwx
default:group::---
default:other::---

# file: file_acl
# owner: sally
# group: sally
user::rwx
user:julia_UG:r--
group::---
mask::rwx
other::---

# file: file_simple
# owner: sally
# group: sally
user::rw-
group::---
other::---

[0] 20:28:51 sally@LINUX /mnt/f/ACL_PLAY/written_by_cygwin
bash 1 4 $ cd ..

[0] 20:40:53 sally@LINUX /mnt/f/ACL_PLAY
bash 1 3 $ mkdir written_by_linux

[0] 20:40:58 sally@LINUX /mnt/f/ACL_PLAY
bash 1 4 $ cd written_by_linux/

[0] 20:41:01 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 5 $ getfacl .
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other::---
default:user::rwx
default:group::---
default:other::---


[0] 20:41:43 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 6 $ touch file_simple

[0] 20:41:51 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 7 $ touch file_acl

[0] 20:42:00 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 8 $ mkdir dir_acl

[0] 20:42:07 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 9 $ setfacl -m'g:julia:rwx' file_acl dir_acl

[0] 20:42:14 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 10 $ chmod 740 file_acl dir_acl

[0] 20:42:22 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 11 $ ls -al
total 0
drwx------+ 1 sally sally 352 Jan 12 20:42 .
drwx------+ 1 sally sally 392 Jan 12 20:40 ..
drwxr-----+ 1 sally sally   0 Jan 12 20:42 dir_acl
-rwxr-----+ 1 sally sally   0 Jan 12 20:42 file_acl
-rw-------  1 sally sally   0 Jan 12 20:41 file_simple

[0] 20:42:30 sally@LINUX /mnt/f/ACL_PLAY/written_by_linux
bash 1 12 $ getfacl . *
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other::---
default:user::rwx
default:group::---
default:other::---

# file: dir_acl
# owner: sally
# group: sally
user::rwx
user:julia_UG:rwx        #effective:r--
group::---
mask::r--
other::---
default:user::rwx
default:group::---
default:other::---

# file: file_acl
# owner: sally
# group: sally
user::rwx
user:julia_UG:rwx        #effective:r--
group::---
mask::r--
other::---

# file: file_simple
# owner: sally
# group: sally
user::rw-
group::---
other::---

############ Part 3: On Cygwin

[0] 20:47:45 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 34 # ls -al
total 0
drwx------+ 1 sally sally 0 Jan 12 20:42 .
drwx------+ 1 sally sally 0 Jan 12 20:40 ..
srwxr-----+ 1 sally sally 0 Jan 12 20:42 dir_acl
-rwxr-----+ 1 sally sally 0 Jan 12 20:42 file_acl
-rw-------  1 sally sally 0 Jan 12 20:41 file_simple

[0] 20:48:06 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 35 # getfacl .
# file: .
# owner: sally
# group: sally
user::rwx
group::---
other:---
default:user::rwx
default:group::---
default:other:---


[0] 20:48:12 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 36 # icacls .
. Everyone:(OI)(IO)(DENY)(S,X)
  CYGWIN\sally:(NP)(F)
  Everyone:(NP)(Rc,S,REA,RA)
  CYGWIN\sally:(OI)(CI)(IO)(F)
  Everyone:(OI)(CI)(IO)(Rc,S,REA,RA)

Successfully processed 1 files; Failed processing 0 files

[0] 20:48:15 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 37 # getfacl file_simple
# file: file_simple
# owner: sally
# group: sally
user::rw-
group::---
other:---


[0] 20:49:24 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 38 # icacls file_simple
file_simple CYGWIN\sally:(NP)(R,W,D,WDAC,WO)
            Everyone:(NP)(Rc,S,REA,RA)

Successfully processed 1 files; Failed processing 0 files

[0] 20:50:51 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 40 # getfacl.exe file_acl
# file: file_acl
# owner: sally
# group: sally
user::rwx
group::---
group:julia:r--
mask:r--
other:---


[0] 20:49:50 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 39 # icacls file_acl
file_acl CYGWIN\julia_ug:(NP)(DENY)(W,Rc,WO,X)
         CYGWIN\sally:(NP)(M,WDAC,WO)
         CYGWIN\julia_ug:(NP)(RX,W)
         CYGWIN\sally_ug:(NP)(DENY)(W,Rc,WO,X)
         Everyone:(NP)(Rc,S,REA,RA)

Successfully processed 1 files; Failed processing 0 files



[0] 20:51:02 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 41 # getfacl dir_acl
# file: dir_acl
# owner: sally
# group: sally
user::rwx
group::---
group:julia:r--
mask:r--
other:---
default:user::rwx
default:group::---
default:other:---


[0] 20:52:03 sally@CYGWIN /e/ACL_PLAY/written_by_linux
bash 1 42 # icacls dir_acl
dir_acl CYGWIN\julia_ug:(NP)(DENY)(W,Rc,WO,X,DC)
        Everyone:(OI)(IO)(DENY)(S,X)
        CYGWIN\sally:(NP)(F)
        CYGWIN\julia_ug:(NP)(RX,W,DC)
        CYGWIN\sally_ug:(NP)(DENY)(W,Rc,WO,X,DC)
        Everyone:(NP)(Rc,S,REA,RA)
        CYGWIN\sally:(OI)(CI)(IO)(F)
        Everyone:(OI)(CI)(IO)(Rc,S,REA,RA)

Successfully processed 1 files; Failed processing 0 files


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 3026 bytes --]

On Jan 12 22:17, random user wrote:
> Something I wasn't aware of at the time of our prior discussion is
> that the Linux NTFS-3g driver already supports Linux extended ACLs
> on NTFS.  This is discussed at
>  
> http://www.tuxera.com/community/ntfs-3g-advanced/ownership-and-permissions/
> 
> I explored taking a flash card back and forth between Cygwin
> 2.4.0-0.18 and a Linux system, testing how each interprets what the
> other wrote.
> 
> I find they don't seem to interpret each other's per-group and mask
> permission bits correctly when creating their Posix interpretation of
> an NTFS ACL.
> 
> I also find that somehow setting extended ACLs on Linux for a
> directory is causing Cygwin to then see that object as a socket, if
> I'm reading the below correctly. 'ls' on Cygwin won't descend into
> that as it normally would for a directory,
>   bash: cd: dir_acl: Not a directory
> results when attempting to cd into it, etc.
> 
> I don't know how common such uses are, but I do use both Cygwin and
> Linux on the same flash cards and external disks.  If they are both
> going to support Posix-style extended ACLs written to NTFS, it'd seem
> nice if they could do so in compatible ways.

Cygwin is trying to create an ACL with least possible entries while at
the same time being POSIX compatible.  Apart from the NULL SID deny ACE
to keep mask info and special bits, it's a pretty normal ACL.

It's a bit late now to change how Cygwin constructs and evaluates ACLs.
I'll take a look into the dir vs. socket thingy, but no guarantee that
I can change that for 2.4.0.

> bash 1 34 # ls -al
> total 0
> drwx------+ 1 sally sally 0 Jan 12 20:42 .
> drwx------+ 1 sally sally 0 Jan 12 20:40 ..
> srwxr-----+ 1 sally sally 0 Jan 12 20:42 dir_acl
> -rwxr-----+ 1 sally sally 0 Jan 12 20:42 file_acl
> -rw-------  1 sally sally 0 Jan 12 20:41 file_simple

Weird.  The only way to set the filetype to socket is if the file is a
Cygwin symlink (file with system DOS bit set and starting with the
string "!<socket >".

> [...]
> bash 1 41 # getfacl dir_acl
> # file: dir_acl
> # owner: sally
> # group: sally
> user::rwx
> group::---
> group:julia:r--
> mask:r--
> other:---
> default:user::rwx
> default:group::---
> default:other:---
> [...]
> bash 1 42 # icacls dir_acl
> dir_acl CYGWIN\julia_ug:(NP)(DENY)(W,Rc,WO,X,DC)
>         Everyone:(OI)(IO)(DENY)(S,X)
>         CYGWIN\sally:(NP)(F)
>         CYGWIN\julia_ug:(NP)(RX,W,DC)
>         CYGWIN\sally_ug:(NP)(DENY)(W,Rc,WO,X,DC)
>         Everyone:(NP)(Rc,S,REA,RA)
>         CYGWIN\sally:(OI)(CI)(IO)(F)
>         Everyone:(OI)(CI)(IO)(Rc,S,REA,RA)

It will be hard to reproduce such an ACL.  It's just as non-standard as
a Cygwin ACL, just differently so.  What bugs me is the deny ACE for
sally_ug which looks pretty weird to me.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[random user]

>> It's a bit late now to change how Cygwin constructs and evaluates ACLs.

Sorry, with the holidays and other issues it wasn't possible for me to
look at the test drops earlier.

Going production with a new Cygwin NTFS ACL layout incompatible with
NTFS-3g's already-existing layout would seem a long-term decision
regarding Cygwin <-> Linux interoperability.  Please consider.


On 01/13/2016 07:12 AM, Corinna Vinschen wrote:
> On Jan 12 22:17, random user wrote:
>> Something I wasn't aware of at the time of our prior discussion is
>> that the Linux NTFS-3g driver already supports Linux extended ACLs
>> on NTFS.  This is discussed at
>>  
>> http://www.tuxera.com/community/ntfs-3g-advanced/ownership-and-permissions/
>>
>> I explored taking a flash card back and forth between Cygwin
>> 2.4.0-0.18 and a Linux system, testing how each interprets what the
>> other wrote.
>>
>> I find they don't seem to interpret each other's per-group and mask
>> permission bits correctly when creating their Posix interpretation of
>> an NTFS ACL.
>>
>> I also find that somehow setting extended ACLs on Linux for a
>> directory is causing Cygwin to then see that object as a socket, if
>> I'm reading the below correctly. 'ls' on Cygwin won't descend into
>> that as it normally would for a directory,
>>   bash: cd: dir_acl: Not a directory
>> results when attempting to cd into it, etc.
>>
>> I don't know how common such uses are, but I do use both Cygwin and
>> Linux on the same flash cards and external disks.  If they are both
>> going to support Posix-style extended ACLs written to NTFS, it'd seem
>> nice if they could do so in compatible ways.
> Cygwin is trying to create an ACL with least possible entries while at
> the same time being POSIX compatible.  Apart from the NULL SID deny ACE
> to keep mask info and special bits, it's a pretty normal ACL.
>
> It's a bit late now to change how Cygwin constructs and evaluates ACLs.
> I'll take a look into the dir vs. socket thingy, but no guarantee that
> I can change that for 2.4.0.
>
>> bash 1 34 # ls -al
>> total 0
>> drwx------+ 1 sally sally 0 Jan 12 20:42 .
>> drwx------+ 1 sally sally 0 Jan 12 20:40 ..
>> srwxr-----+ 1 sally sally 0 Jan 12 20:42 dir_acl
>> -rwxr-----+ 1 sally sally 0 Jan 12 20:42 file_acl
>> -rw-------  1 sally sally 0 Jan 12 20:41 file_simple
> Weird.  The only way to set the filetype to socket is if the file is a
> Cygwin symlink (file with system DOS bit set and starting with the
> string "!<socket >".
>
>> [...]
>> bash 1 41 # getfacl dir_acl
>> # file: dir_acl
>> # owner: sally
>> # group: sally
>> user::rwx
>> group::---
>> group:julia:r--
>> mask:r--
>> other:---
>> default:user::rwx
>> default:group::---
>> default:other:---
>> [...]
>> bash 1 42 # icacls dir_acl
>> dir_acl CYGWIN\julia_ug:(NP)(DENY)(W,Rc,WO,X,DC)
>>         Everyone:(OI)(IO)(DENY)(S,X)
>>         CYGWIN\sally:(NP)(F)
>>         CYGWIN\julia_ug:(NP)(RX,W,DC)
>>         CYGWIN\sally_ug:(NP)(DENY)(W,Rc,WO,X,DC)
>>         Everyone:(NP)(Rc,S,REA,RA)
>>         CYGWIN\sally:(OI)(CI)(IO)(F)
>>         Everyone:(OI)(CI)(IO)(Rc,S,REA,RA)
> It will be hard to reproduce such an ACL.  It's just as non-standard as
> a Cygwin ACL, just differently so.  What bugs me is the deny ACE for
> sally_ug which looks pretty weird to me.
>
>
> Corinna
>


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 973 bytes --]

On Jan 13 12:48, random user wrote:
> >> It's a bit late now to change how Cygwin constructs and evaluates ACLs.
> 
> Sorry, with the holidays and other issues it wasn't possible for me to
> look at the test drops earlier.

We're testing this Cygwin change for four(!) months now.  I release
the first one on Sep 2nd.  It's a bit late now just to support some
border case within 48 hours before the release.  Also consider that
NFSv4 uses yet another way to create POSIX-like ACLs which apparently
doesn't match the NTFS-3G layout either.  It's not so much the layout
of the ACL which decides, it's that every implementation can work
with the ones created by other implementations.  There's that weird
problem with the dir recognized as socket, but that's something I'll
look into at one point.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18

[Corinna Vinschen]

[-- Attachment #1: Type: text/plain, Size: 1162 bytes --]

On Jan 14 10:17, Corinna Vinschen wrote:
> On Jan 13 12:48, random user wrote:
> > >> It's a bit late now to change how Cygwin constructs and evaluates ACLs.
> > 
> > Sorry, with the holidays and other issues it wasn't possible for me to
> > look at the test drops earlier.
> 
> We're testing this Cygwin change for four(!) months now.  I release
> the first one on Sep 2nd.  It's a bit late now just to support some
> border case within 48 hours before the release.  Also consider that
> NFSv4 uses yet another way to create POSIX-like ACLs which apparently
> doesn't match the NTFS-3G layout either.  It's not so much the layout
> of the ACL which decides, it's that every implementation can work
> with the ones created by other implementations.  There's that weird
> problem with the dir recognized as socket, but that's something I'll
> look into at one point.

I did and found the problem.  Please give the latest snapshot from
https://cygwin.com/snapshots/ a try.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]