* Switching to posix with no acl
@ 2020-11-14 5:57 Jim McNamara
2020-11-14 18:37 ` Fwd: " Jim McNamara
0 siblings, 1 reply; 5+ messages in thread
From: Jim McNamara @ 2020-11-14 5:57 UTC (permalink / raw)
To: Cygwin
Hi all
Since there are no adduser or addgroup, I guess I'd create those files
manually off /etc.
Then I'd run passwd.
After that put in /etc/fstab
none /cygdrive cygdrive binary, posix=0, noacl, user 0 0
Close all processes.
That would give me a posix permission set up, right?
I read something about windows ignoring some dos bit with a file permission
but that is outside of cygwin...right?
Lastly, with acl you open an administrator cmd shell. With posix can I
escalate to root and stay away from admin cmd shell?
Is anyone else using posfix setup in general or mostly acl?
Thanks for any help!
Roboloki
^ permalink raw reply [flat|nested] 5+ messages in thread
* Fwd: Switching to posix with no acl
2020-11-14 5:57 Switching to posix with no acl Jim McNamara
@ 2020-11-14 18:37 ` Jim McNamara
2020-11-14 19:07 ` Jim McNamara
2020-11-15 0:18 ` René Berber
0 siblings, 2 replies; 5+ messages in thread
From: Jim McNamara @ 2020-11-14 18:37 UTC (permalink / raw)
To: Cygwin
---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme@gmail.com>
Date: Sat, Nov 14, 2020, 12:57 AM
Subject: Switching to posix with no acl
To: Cygwin <cygwin@cygwin.com>
Hi all
Since there are no adduser or addgroup, I guess I'd create those files
manually off /etc.
Then I'd run passwd.
After that put in /etc/fstab
none /cygdrive cygdrive binary, posix=0, noacl, user 0 0
Close all processes.
That would give me a posix permission set up, right?
I read something about windows ignoring some dos bit with a file permission
but that is outside of cygwin...right?
Lastly, with acl you open an administrator cmd shell. With posix can I
escalate to root and stay away from admin cmd shell?
Is anyone else using posfix setup in general or mostly acl?
Thanks for any help!
Roboloki
Sat. Nov. 14 1:35 pm
Hi all-
I found in the manual about the execute bit permission being ignored in
filesystems with acl. That answered one question above. I can just take
advantage of how exe heuristics work.
If I find myself in a position where it needs administrator rights via a
shell, will it interfere with my posix permissions, users, or groups once
the /etc/groups and /etc/password and fstab are already setup
Did the fstab entry above look okay for posix permission?
Thanks for any assistance !
Roboloki
^ permalink raw reply [flat|nested] 5+ messages in thread
* Fwd: Switching to posix with no acl
2020-11-14 18:37 ` Fwd: " Jim McNamara
@ 2020-11-14 19:07 ` Jim McNamara
2020-11-15 0:18 ` René Berber
1 sibling, 0 replies; 5+ messages in thread
From: Jim McNamara @ 2020-11-14 19:07 UTC (permalink / raw)
To: Cygwin
---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme@gmail.com>
Date: Sat, Nov 14, 2020, 1:37 PM
Subject: Fwd: Switching to posix with no acl
To: Cygwin <cygwin@cygwin.com>
---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme@gmail.com>
Date: Sat, Nov 14, 2020, 12:57 AM
Subject: Switching to posix with no acl
To: Cygwin <cygwin@cygwin.com>
Hi all
Since there are no adduser or addgroup, I guess I'd create those files
manually off /etc.
Then I'd run passwd.
After that put in /etc/fstab
none /cygdrive cygdrive binary, posix=0, noacl, user 0 0
Close all processes.
That would give me a posix permission set up, right?
I read something about windows ignoring some dos bit with a file permission
but that is outside of cygwin...right?
Lastly, with acl you open an administrator cmd shell. With posix can I
escalate to root and stay away from admin cmd shell?
Is anyone else using posfix setup in general or mostly acl?
Thanks for any help!
Roboloki
Sat. Nov. 14 1:35 pm
Hi all-
I found in the manual about the execute bit permission being ignored in
filesystems with acl. That answered one question above. I can just take
advantage of how exe heuristics work.
If I find myself in a position where it needs administrator rights via a
shell, will it interfere with my posix permissions, users, or groups once
the /etc/groups and /etc/password and fstab are already setup?
Did the fstab entry above look okay for posix permission?
Thanks for any assistance !
Roboloki
Sat. Nov. 14, 1:45 PM
HI all -
I had a privilege escalation window come up for instance when running a
system supplied configure script for sshd ( I think ). It gave the choices
yes or no prompting to choose carefully for noacl permission mode or acl
translation setup. I think that prompt is very good. Will it (administrator
mode) always at least ask or identify which type of setup if required?
Thanks as always,
Robo-loki
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Fwd: Switching to posix with no acl
2020-11-14 18:37 ` Fwd: " Jim McNamara
2020-11-14 19:07 ` Jim McNamara
@ 2020-11-15 0:18 ` René Berber
[not found] ` <CAEMWCRsjXGomTpavtqPp9frmPUmaNUr28v8eBngNtJk3P3j68w@mail.gmail.com>
1 sibling, 1 reply; 5+ messages in thread
From: René Berber @ 2020-11-15 0:18 UTC (permalink / raw)
To: Cygwin
On 11/14/2020 12:37 PM, Jim McNamara via Cygwin wrote:
> Since there are no adduser or addgroup, I guess I'd create those files
> manually off /etc.
I think the recommended way is using the mkpasswd command. Actually the
recommended procedure is not to use anything.
Just run that command and take a look at the output. You have to filter
out most lines, only add the user you want.
Now run it with --help, you'll see you can list 'local' users AND domain
users. I put quotes on local because you can also specify local to
which computer (as long as it is running SMB, I think).
Its about the same for groups: mkgroup.
Hope this helps a little.
--
R.Berber
^ permalink raw reply [flat|nested] 5+ messages in thread
* Fwd: Fwd: Switching to posix with no acl
[not found] ` <CAEMWCRsjXGomTpavtqPp9frmPUmaNUr28v8eBngNtJk3P3j68w@mail.gmail.com>
@ 2020-11-15 2:08 ` Jim McNamara
0 siblings, 0 replies; 5+ messages in thread
From: Jim McNamara @ 2020-11-15 2:08 UTC (permalink / raw)
To: Cygwin
---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme@gmail.com>
Date: Sat, Nov 14, 2020, 7:26 PM
Subject: Re: Fwd: Switching to posix with no acl
To: René Berber <rene.berber@gmail.com>
On Sat, Nov 14, 2020, 7:17 PM René Berber via Cygwin <cygwin@cygwin.com>
wrote:
> On 11/14/2020 12:37 PM, Jim McNamara via Cygwin wrote:
>
> > Since there are no adduser or addgroup, I guess I'd create those files
> > manually off /etc.
>
> I think the recommended way is using the mkpasswd command. Actually the
> recommended procedure is not to use anything.
>
> Just run that command and take a look at the output. You have to filter
> out most lines, only add the user you want.
>
> Now run it with --help, you'll see you can list 'local' users AND domain
> users. I put quotes on local because you can also specify local to
> which computer (as long as it is running SMB, I think).
>
> Its about the same for groups: mkgroup.
>
> Hope this helps a little.
> --
> R.Berber
> --
> Problem reports: https://cygwin.com/problems.html
> FAQ: https://cygwin.com/faq/
> Documentation: https://cygwin.com/docs.html
> Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
Hi R. Berber-
Thanks for the cool info. Can't wait to check it out :-)
Robo-loki
Hi R.
Yes. 'The recommendation is to not use anything.'
There are too many accounts specific to the OS like SYSTEM.
I think they serve a purpose. e.g. a process can run as system.
I vote for leaving well enough alone on this one.
I will just set permission at command line in mintty for stuff like ssh
authorized_keys etc. and not touch permission outside of mintty.
Have a cool night.
Thanks,
Robo-loki
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-11-15 2:08 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-14 5:57 Switching to posix with no acl Jim McNamara
2020-11-14 18:37 ` Fwd: " Jim McNamara
2020-11-14 19:07 ` Jim McNamara
2020-11-15 0:18 ` René Berber
[not found] ` <CAEMWCRsjXGomTpavtqPp9frmPUmaNUr28v8eBngNtJk3P3j68w@mail.gmail.com>
2020-11-15 2:08 ` Fwd: " Jim McNamara
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).