Re: Trying to create default ACL entries to match file ACL entries

[Brian Inglis <Brian.Inglis@SystematicSw.ab.ca>]

On 2019-06-04 13:59, L A Walsh wrote:
> lets see if this is more clear:
> On 2019/06/04 12:44, Eliot Moss wrote:
>> On 6/4/2019 3:34 PM, L A Walsh wrote:
>>> I am trying to create an entry for '/' (or '.' w/me sitting in '/')
>>> where the default entries are the same as the file entries.
>>>           ^^^^^^^
>>> so tried doing:
>>>    getfacl . | setfacl -d - .
> Sorry, but am trying to get the 'file' entries (w/o the -d)
> copied into the default.

Not seeing -d, --default documented or supported in the code as an option flag
under Cygwin: it is available under Debian/Ubuntu at least, and probably other
Linux; neither are the file input option flags -M, --modify-file, -X,
--remove-file, or symbolic link -L, --logical, -P, --physical, or -R,
--recursive option flags.

Cygwin equivalent based on setfacl(1) would be something like:
$ getfacl -a source_file | sed 's/.*/&\nd:&/' | setfacl -f - target_file
where you are getting and duplicating the file accesses and also creating the
DACLs.

> On 2019/06/04 12:44, Eliot Moss wrote:
>> Ooooo ... not sure _I'd_ mess what / on a Windows system!
> -----
>     Ya, not idea, but too late for that.  Thanks for your
> vote of confidence though!  :waaaaa: :-(

I have had success using only setfacl -m and specifying everything I want
changed or set in that argument e.g.

	$ setfacl -m u::rwx,g::r-x,o::r-x,d:u::rwx,d:g::r-x,d:o::r-x /

probably using an admin account running with elevated permissions in this case.

For Cygwin root /, I have only:

$ lsp / | cygcheck-hrsv.sed
drwxr-xr-x+ 1 $USER Administrators 0 May 31 05:19 /
# file: /
# owner: $USER
# group: Administrators
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:other::r-x

C:/.../cygwin64 $HOSTNAME\$USER:(F)
                      BUILTIN\Administrators:(RX)
                      Everyone:(RX)
                      CREATOR OWNER:(OI)(CI)(IO)(F)
                      CREATOR GROUP:(OI)(CI)(IO)(RX)
                      Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple