X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.0 required=5.0 	tests=BAYES_00,SARE_MSGID_LONG40,SPF_PASS
X-Spam-Check-By: sourceware.org
MIME-Version: 1.0
In-Reply-To: <4B12DE10.6080607@cornell.edu>
References: <4B115A56 DOT 2060705 AT alice DOT it> 	 <a13b5a590911281612r796d112bw1208a869433d2b88 AT mail DOT gmail DOT com> 	 <20091129143220 DOT GA16680 AT calimero DOT vinschen DOT de> 	 <a13b5a590911291159g5f837dbap614105a16adf41ce AT mail DOT gmail DOT com> 	 <4B12D769 DOT 9010408 AT cornell DOT edu> <4B12DE10 DOT 6080607 AT cornell DOT edu>
Date: Sun, 29 Nov 2009 16:57:59 -0500
Message-ID: <a13b5a590911291357o5538b285i9bf09dc9ca5c4744@mail.gmail.com>
Subject: Re: [ANNOUNCEMENT] [1.7] Updated: cygwin-1.7.0-67
From: Robert Pendell <shinji AT elite-systems DOT org>
To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-IsSubscribed: yes
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Sun, Nov 29, 2009 at 3:48 PM, Ken Brown wrote:
> On 11/29/2009 3:19 PM, Ken Brown wrote:
>>
>> On 11/29/2009 2:59 PM, Robert Pendell wrote:
>>>
>>> On Sun, Nov 29, 2009 at 9:32 AM, Corinna Vinschen wrote:
>>>>
>>>> On Nov 28 19:12, Robert Pendell wrote:
>>>>>
>>>>> On Sat, Nov 28, 2009 at 12:13 PM, Angelo Graziosi wrote:
>>>>>>
>>>>>> Corinna Vinschen wrote:
>>>>>>>
>>>>>>> Fixes a few last-minute bugs:
>>>>>>
>>>>>> Now, it seems that creating directories and files in some manner
>>>>>> acquires an extra unexpected '+' flag. For example (from Cygwin.bat =
or
>>>>>> MinTTY):
>>>>>>
>>>>>>
>>>>>> $ echo "Not " > foo1.txt
>>>>>>
>>>>>> $ echo "Not OK" > foo2.txt
>>>>>>
>>>>>> $ diff -Naur foo1.txt foo2.txt > foo.diff
>>>>>>
>>>>>> $ cp foo1.txt foo.txt
>>>>>>
>>>>>> $ patch foo.txt foo.diff
>>>>>> patching file foo.txt
>>>>>>
>>>>>> $ mkdir foo
>>>>>>
>>>>>> $ ls -lrtd foo*
>>>>>> -rw-r--r-- =C2=A01 ... =C2=A0 5 28 Nov 18:02 foo1.txt
>>>>>> -rw-r--r-- =C2=A01 ... =C2=A0 7 28 Nov 18:02 foo2.txt
>>>>>> -rw-r--r-- =C2=A01 ... 124 28 Nov 18:02 foo.diff
>>>>>> -rw-r--r--+ 1 ... =C2=A0 7 28 Nov 18:03 foo.txt
>>>>>> drwxr-xr-x+ 1 ... =C2=A0 0 28 Nov 18:03 foo
>>>>>>
>>>>>> See the extra '+' for 'foo.txt' and 'foo'!
>>>>>>
>>>>>> I didn't note this with previous version -66, -65...
>>>>>>
>>>>>> Is it to be expected with -67?
>>>>>>
>>>> For the directory entry, yes. =C2=A0These additional entries are defau=
lt
>>>> entries for user, group, and other, generated by code which was already
>>>> in 1.5, and which had been removed from 1.7.0 back in January.
>>>> Unfortunately the removal of these entries result in potentially weird
>>>> permission settings on files within Cygwin-created directories in case
>>>> the files are created by non-Cygwin Windows tools. =C2=A0Therefore I p=
ut them
>>>> back in -63.
>>>>
>>>> Apart from that, I don't see the extra permissions when creating the
>>>> patched foo.txt. =C2=A0In other words, I can't reproduce it, at least =
not on
>>>> W7 under UAC.
>>>>
>>>>> Looks like there is a change in permissions with the file during the
>>>>> diff program run. =C2=A0I might run a strace on it if someone tells m=
e the
>>>>> appropriate command to do. =C2=A0Anyways here is the relevant part wi=
th
>>>>> icacls before and after the diff command.
>>>>>
>>>>> shinji AT Balthasar ~
>>>>> $ icacls foo.txt
>>>>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0Balthasar\None:(R)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0Everyone:(R)
>>>>>
>>>>> Successfully processed 1 files; Failed processing 0 files
>>>>>
>>>>> shinji AT Balthasar ~
>>>>>
>>>>> $ patch foo.txt foo.diff
>>>>> patching file foo.txt
>>>>>
>>>>> shinji AT Balthasar ~
>>>>> $ icacls foo.txt
>>>>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0Balthasar\None:(R)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0Everyone:(R)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0NT AUTHORITY\SYSTEM:(F)
>>>>> =C2=A0 =C2=A0 =C2=A0 =C2=A0BUILTIN\Administrators:(F)
>>>>>
>>>>> Successfully processed 1 files; Failed processing 0 files
>>>>>
>>>>> The 2 additional permission lines on the second icacls run is what
>>>>> causes the + to appear.
>>>>
>>>> Indeed. =C2=A0I just don't get how they are generated. =C2=A0I know wh=
ere they are
>>>> coming from (they are part of the default DACL of the user token), but=
 I
>>>> don't understand how they get into the ACL of foo.txt. =C2=A0For some =
reason
>>>> this doesn't occur in my testing. =C2=A0I tried in a normal as well as=
 in an
>>>> elevated shell, in a directory created with an older version of Cygwin
>>>> without default entries, as well as in a directory created with a newer
>>>> Cygwin with default entries. =C2=A0In neither case I see the extra ent=
ries
>>>> for SYSTEM and Administrators.
>>>>
>>>> What are the permissions of the parent directory? =C2=A0In other words,
>>>> what does "icacls ." print in this scenario?
>>>
>>> Here is the output for icacls .
>>>
>>> shinji AT Balthasar ~
>>> $ icacls .
>>> . Balthasar\shinji:(F)
>>> =C2=A0Balthasar\None:(RX)
>>> =C2=A0Everyone:(RX)
>>
>> Maybe the extra permissions are coming from the ACLs on the temporary
>> directory used by patch. =C2=A0According to 'man patch', patch will use =
the first
>> of the following variables that is set: TMPDIR, TMP, TEMP. =C2=A0On my s=
ystem,
>> TMP and TEMP are both set in the Windows environment.
>
> I just confirmed this on my XP SP3 system. =C2=A0I initially got similar =
behavior
> to what Angelo and Robert reported, but it doesn't happen if I export
> TMPDIR=3D/tmp before running patch.
>
> Ken

Actually I found setting the TMP in .bashrc worked as well.  I set
both TMP and TEMP in that file for use in cygwin and directed them
towards /tmp.  I didn't know about TMPDIR though.

Coincidentally I thought to take a look at the system wide TEMP folder
and I get this...

shinji AT Balthasar /cygdrive/c/users/shinji/appdata/local/temp
$ icacls .
. NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)
  BUILTIN\Administrators:(I)(OI)(CI)(F)
  Balthasar\shinji:(I)(OI)(CI)(F)

Successfully processed 1 files; Failed processing 0 files

That's where the additional Administrators and SYSTEM entries are
coming from.  The strace reveals a rename operation that is done to a
temp file in the system temp folder and sets it to the filename for
the item being patched.

Robert Pendell
shinji AT elite-systems DOT org
CAcert Assurer
"A perfect world is one of chaos."

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple