X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=B37iPqXBXM3IjSHTrcKyi8T8SHNl4oqaUponrtGsG2yGh/JHwyDKp pHMVWlc+5i9TbM2vQpdGErE0Hg7jb32yMifDDlHcQTOHZUjnN6tdgO8NlkGqI3/S NAf1BxTqbXXsH5iV0z4j1EaXqUMn0BKNaeonYnS8zW0tdTP9woC0oQ= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=k6y9phRUHgx1a/jO1fpngCEt7YM=; b=TZYbhhinefhSbjnO7OqeOO+xzBgi nTA9BFx27Mrp4BjNnn79AIvwJbSM2iu2RnIdhozzVC34qHD+/5ZWXqjFzT0It/VI v95p9fDGE750pQkj520fJbBmfXq3RXUsM0oDVUm9Yl0vHW1wVQty4zz3NqcvgOoc cNQL0MaYPnBOKgU= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-96.6 required=5.0 tests=BAYES_00,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_PBL,RDNS_DYNAMIC autolearn=ham version=3.3.2 spammy=H*MI:sk:5714DDA, compromise, H*i:sk:5714DDA, Hx-languages-length:2876 X-HELO: calimero.vinschen.de Date: Mon, 18 Apr 2016 20:55:53 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: Permissions change concern Message-ID: <20160418185553.GB31378@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <5712F224 DOT 7070308 AT cs DOT umass DOT edu> <20160418101803 DOT GM24565 AT calimero DOT vinschen DOT de> <5714DDA9 DOT 3030002 AT cs DOT umass DOT edu> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="vGgW1X5XWziG23Ko" Content-Disposition: inline In-Reply-To: <5714DDA9.3030002@cs.umass.edu> User-Agent: Mutt/1.5.24 (2015-08-30) --vGgW1X5XWziG23Ko Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Apr 18 09:14, Eliot Moss wrote: > On 4/18/2016 6:18 AM, Corinna Vinschen wrote: > >On Apr 16 22:17, Eliot Moss wrote: > >>The specific behavior I get is that chmod 644 on the file has no > >>effect on the file's permissions - they stay at 774. > >> > >>So, has something in cygwin "broken", or is there some setting I > >>should be doing a different way? > > > >It's broken. I added a small code snippet in 2.5.0 which was supposed > >to avoid writing a NULL SID ACE in case the POSIX permissions are simple > >enough. The condition under which to write the NULL SID ACE was... > >uhm... not well thought through. > > > >I applied a fix and I built new developer snapshots available on > >https://cygwin.com/snapshots/. > > > >Please give'em a try. Since I'm going on vacation end of this week, > >I intend to provide a fixed 2.5.1 ASAP. >=20 > Yes, that's better. I still have two confusions, though: >=20 > 1) If a directory says: >=20 > default:users::rwx > default:group::rwx > default:other:r-x >=20 > and my umask is 022 >=20 > when I create a new file by "echo test > foo.bar", foo.bar's > perms are 644, not the 755 I would expect. Your example looks like 775. But even then, the actual permissions depend on the mode bits given to the open(2) call, which are usually 666 in this echo example. The resulting perms should be 664. Cygwin also takes the umask value into account if the newly created ACL only contains default POSIX permissions. That's not quite correct in terms of POSIX 1003.1e draft 17, but in contrast to Linux, Windows directory ACLs practically always have default ACEs, so we have to compromise a bit, or umask just has no effect at all. I fixed a=20 problem with the permssion handling in case a mask value is present, but that shouldn't matter in your case. > 2) If the directory has g+s set (visible from -s- in the flags shown > by getfacl), the directory's group is Cygwin, and my primary group is = moss, > then the file gets created with group moss, not group Cygwin (which is > what g+s is supposed to mean, right?) There was still another bug in the same code snippet which disallowed to set the special POSIX bits S_ISVTX/S_ISGID/S_ISUID under some circumstances, but apart from that what you describe works for me if the bit is set in the parent dir and the parent dir inherits entries. But this only works if you create the file with a Cygwin executable and the parent dir has inheritable ACEs. I uploaded another snapshot to https://cygwin.com/snapshots/ to make sure the aforementioned bug can be tested as well. Please check the latest snapshot again. However, if the s bit (aka S_ISGID) doesn't quite work as desired, I have to defer any solution (if possible) until after my vaca. Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --vGgW1X5XWziG23Ko Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXFS25AAoJEPU2Bp2uRE+g07AP/3PpfsbeLTB7vEL/IlM7wYkg 5IIFz+2mCpNX59NrlViP3YtmNVtfitl3PZw39B9Op6cxQEyjwEUFncGFi2i4yMbJ TzLaVAI5PPDmIcYAG9MrVmsNFVboVAExn70354G5WoQf7X02kjh0557+OiceTBnh akcIJPK4BfQacUxRme0zGqe0gDqlo/vVIdif9aahL+L+b/rOJIIGJ9dJh8joWHG+ sPG9Bra60c+E8yeED8/dp4thi3dWbW5qkuVmC2ptRDTIoh2q4INefWpiOLjes6w6 PlsPWpN6tHbPBGIfAmBCbl3JOiggCOMK1vCcvX0t3kxpo0vZcni3GkvT/iZTma2R vlvgiL5+FiB2gKhFbaTuoY5OyeiaJi5Rr5isCOe+BDT4H152K5FoP6bFnyyt40mh MdfnYi9J2M4KGKQxWL5YYA4DQT+B0s9oYfXdk6UIHOKrXClhyXQfbZaBddjSL4+B vskFQ9YgkhULux0T2gfDAPBCub8SUKw1vh9bFjGbTiNbyCyn2DZVkEmF/rBE6ql3 plUggBcKWv0/PS6u7ZjSUEJXO138FYMXV4tmTi/kZpywtz6eGuXnk+Lu+RRMdEcL bQtutG2phLP0htowsW06KRurBtfGwdJJ7luItmuGvRkdilHhrLHZEfj41E3fq3W5 TRVbxpN1tKfKZf19Q8aH =ruBR -----END PGP SIGNATURE----- --vGgW1X5XWziG23Ko--