Subject: default ACLs
From: Mikel Ward <mward AT aconex DOT com>
To: cygwin AT cygwin DOT com
Content-Type: text/plain
Date: Fri, 23 Oct 2009 10:45:27 +1100
Message-Id: <1256255127.2713.41.camel@mward-laptop.ops.acx>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com

Hi All

Default ACLs don't seem to work as they would on Linux, or for that
matter as they do for files created via Windows Explorer.

Is this expected?

Administrator AT hostname:/
$ mkdir newdir

Administrator AT hostname:/
$ getfacl newdir
# file: newdir
# owner: Administrator
# group: None
user::rwx
group::r-x
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:other:r-x

Administrator AT hostname:/
$ setfacl -m 'd:g:dbas:rwx,d:g:SYSTEM:rwx' newdir

Administrator AT hostname:/
$ getfacl newdir
# file: newdir
# owner: Administrator
# group: None
user::rwx
group::r-x
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:group:SYSTEM:rwx
default:group:dbas:rwx
default:mask:rwx
default:other:r-x

Administrator AT hostname:/
$ touch newdir/newfile

Administrator AT hostname:/
$ getfacl newdir/newfile
# file: newdir/newfile
# owner: Administrator
# group: None
user::rw-
group::r--
mask:rwx
other:r--

Irrespective of CYGWIN=(null), CYGWIN=ntsec, or CYGWIN=nontsec.

If I create a file in Windows Explorer, its ACLs are:
$ getfacl newdir/newfile2
# file: newdir/newfile2
# owner: Administrators
# group: None
user::rwx
group::r-x
group:SYSTEM:rwx
group:Users:r-x
group:dbas:rwx
mask:rwx
other:r-x

Basically I'm looking for a way to ensure the right users and groups can read files that I create.

Thanks

Mikel


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple