Re: Howto fix C:\cygwin acl after backup/restore?

[Brian Inglis <Brian.Inglis@Shaw.ca>]

On 2023-04-07 14:36, Thomas Schweikle via Cygwin wrote:
> How can C:\cygwin ACL be fixed after a backup/restore (file by file, not image). 
> The program seems to force canonical ACL while restoring.
> How do i get back ACL as they are right after installing cygwin?
> Docs did not help here. They discussed Windows-ACL to POSIX-ACL or simple 
> rwxrwxrwx POSIX rights used on most *nix machines, but at no point where 
> concrete ACL shown as they are supposed to be applied to the installed C:\cygwin 
> tree.
> Any idea? Any script? Any existing command to recreate recommended ACLs?

For the Cygwin root directory, normal u+rwx,go+rx perms are sufficient.

For other Cygwin files where perms are significant, you should use Cygwin 
backup/restore utilities e.g. rsync, tar, cpio, etc.

Without some image of Cygwin ACLs, you can not restore them as they were, as in 
the setfacl(1) example:

	$ getfacl source_file | setfacl -f - target_file

or an equivalent en masse.

For user created files and scripts, use relevant normal permissions.

For installed files, if you have a complete and current package cache directory, 
you can compare the installation to the latest archive of each package under 
<MIRROR>/{x86_64,noarch}/release/ looping thru:

tar -d -C / -f <MIRROR>/{x86_64,noarch}/release/<PKG>/.../...-<VER>-<REL>.tar.*z*

e.g.

$ tar -d -C / -f ~/mirror/x86_64/release/bash/bash-4.4.12-3.tar.xz
/bin/tar: etc/postinstall/bash.sh: Warning: Cannot stat: No such file or directory
usr/bin/bash.exe: Uid differs
usr/bin/bash.exe: Gid differs
usr/bin/bashbug: Mode differs
usr/bin/bashbug: Uid differs
usr/bin/sh.exe: Not linked to usr/bin/bash.exe
usr/include/bash/alias.h: Uid differs
...

which is very verbose, or do your own perms comparison vs the outputs from 
looping thru:

tar -tv -C / -f <MIRROR>/{x86_64,noarch}/release/<PKG>/.../...-<VER>-<REL>.tar.*z*

(*always remembering that all Cygwin installation tar file paths are relative to 
the Cygwin root directory / and need adjusted for use*) sort and group the files 
and directories which differ by tar permissions, and feed the lists of files and 
directories in a loop to e.g.:

	/bin/xargs -P `nproc` -a <PERMS>.lst /bin/chmod <PERMS>

to safely batch and parallelize the changes, or background each <PERMS> command 
in the loop:

	/bin/xargs -a <PERMS>.lst /bin/chmod <PERMS> &

to parallelize the workload.

The Windows directory cache will buffer the changes, and it might be good to:

	$ sync -f /usr /etc

to flush updates to disk: the second arg, if to the same file system, may have 
to wait until the first has completed, unless the command detects that.

-- 
Take care. Thanks, Brian Inglis              Calgary, Alberta, Canada

La perfection est atteinte                   Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter  not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer     but when there is no more to cut
                                 -- Antoine de Saint-Exupéry