From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-vk1-xa44.google.com (mail-vk1-xa44.google.com [IPv6:2607:f8b0:4864:20::a44]) by sourceware.org (Postfix) with ESMTPS id D0DFE3857C49 for ; Sat, 24 Oct 2020 07:02:29 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org D0DFE3857C49 Received: by mail-vk1-xa44.google.com with SMTP id z10so884482vkn.0 for ; Sat, 24 Oct 2020 00:02:29 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=2a76DjO069+a1fXas81gV/vnq4U7NLsIgljD5TwX2MM=; b=Zqrw/p6+PKm4ZgFKlt9/A/uVA2WdQWBhSAlzu2SdDtlL0ELV2CipVeFysjiFWiDe7g NgCmUGX+ZjqypUEhYlprL3YN6F0QtCZbditSN9V/NAZ8pHQd0o61LjmoYWVg1qwtkvr/ ywWSvMTjiniGIitkwHrQ7tHWruD7l363VgqZxz/6LVhEC4dJI1ZYBcUg2K89U6AKlkrl 1j86v1rb0uVdmfgDTN8Ok+JmP0xe39M4AZCbD4EsqlEGrT+GvfhgtmAOtj6Ka6CdlQ0W axpHhF7i8iSoBenbS6BCmZMQwcAcX2QbfSVa96tmo9YzNGPgFl0MIoAh1GPdaw4i3OxD uS7Q== X-Gm-Message-State: AOAM530zV666IBUWDv9uZJyh3hTXhuR9CAcjJxQ7r7/HSpoa+eeMFese GBGHJY1zYIkJbVZnwN+lu13qhQ7WomkCW2I+jdxi3My6 X-Google-Smtp-Source: ABdhPJwq0RmGxYEBeD8Dvr9y+gQSkVOrHvXdAVkAfOCWd7+sfN463jAlyQWQ2GcMpIhtIw2GTkQS9hVU5/ENV5XJUdA= X-Received: by 2002:a1f:6082:: with SMTP id u124mr3412232vkb.19.1603522949093; Sat, 24 Oct 2020 00:02:29 -0700 (PDT) MIME-Version: 1.0 References: <3f0e071c-66c7-b6e8-f907-40a333872d07@SystematicSw.ab.ca> <9c03f3ea-8989-5f93-41c4-4d832eaef94c@cs.umass.edu> <83773bf8-4ec6-d2ed-b2ba-37e64cc7dcc0@SystematicSw.ab.ca> In-Reply-To: <83773bf8-4ec6-d2ed-b2ba-37e64cc7dcc0@SystematicSw.ab.ca> From: Jim McNamara Date: Sat, 24 Oct 2020 03:02:17 -0400 Message-ID: Subject: Re: Fwd: Objects in ACL cygwin win 10 To: cygwin@cygwin.com X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, HTML_MESSAGE, KAM_NUMSUBJECT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Oct 2020 07:02:31 -0000 Hi Brian Yes, I see now what you are saying. Didn't know why it behaves like that. Do you reccomend: A. Noacl option in fstab B. Reinstall and leave icacls in windows alone so I can deploy in future with runtime Thnx, Roboloki On Sat, Oct 24, 2020, 12:46 AM Brian Inglis wrote: > On 2020-10-23 21:49, Jim McNamara via Cygwin wrote: > > On Fri, Oct 23, 2020, 10:06 PM Eliot Moss wrote: > > >> I have to admit I am not 100% sure what you are asking, but I am careful > >> to grant SYSTEM access so > >> that my backup program can access and save a copy of virtually > everything > > > Thanks for you and Brian helping me. > > I used icacls cygwin /q /c /t reset > > You have to be very careful using icacls and other Windows commands with > Cygwin > ACLs as > > "ICACLS preserves the canonical ordering of ACE entries: > Explicit denials > Explicit grants > Inherited denials > Inherited grants" > > and Cygwin's POSIX ACLs may or may not obey this canonical order; Windows > File > Explorer often does not consider Cygwin ACLs in what it considers canonical > order and requires them to be reordered, which breaks the Cygwin > permissions. > > Ah, that "NT AUTHORITY/SYSTEM" SID, normally paired with > BUILTIN/Administrators, > as users, groups, or both: > > $ ls -dl /proc/cygdrive/c/Users/; echo; getfacl /proc/cygdrive/c/Users/; > echo; > icacls C:/Users/ > drwxr-xr-x+ 1 SYSTEM SYSTEM 0 Apr 13 2020 /proc/cygdrive/c/Users/ > > # file: /proc/cygdrive/c/Users/ > # owner: SYSTEM > # group: SYSTEM > user::rwx > group::r-x > group:Administrators:rwx #effective:r-x > group:Users:r-x > mask::r-x > other::r-x > default:user::rwx > default:group::--- > default:group:Administrators:rwx #effective:r-x > default:group:Users:r-x > default:mask::r-x > default:other::r-x > > C:/Users/ NT AUTHORITY\SYSTEM:(OI)(CI)(F) > BUILTIN\Administrators:(OI)(CI)(F) > BUILTIN\Users:(RX) > BUILTIN\Users:(OI)(CI)(IO)(GR,GE) > Everyone:(RX) > Everyone:(OI)(CI)(IO)(GR,GE) > > Successfully processed 1 files; Failed processing 0 files > > -- > Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada > > This email may be disturbing to some readers as it contains > too much technical detail. Reader discretion is advised. > [Data in binary units and prefixes, physical quantities in SI.] > > -- > Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada > > This email may be disturbing to some readers as it contains > too much technical detail. Reader discretion is advised. > [Data in binary units and prefixes, physical quantities in SI.] > -- > Problem reports: https://cygwin.com/problems.html > FAQ: https://cygwin.com/faq/ > Documentation: https://cygwin.com/docs.html > Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple >