Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Date:	Sat, 20 Aug 2005 10:59:26 +0200
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: Permissions, again
Message-ID:	<20050820085926.GS17452@calimero.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<20050819194352 DOT GA28538 AT SDF DOT LONESTAR DOT ORG> <Pine DOT GSO DOT 4 DOT 61 DOT 0508191608070 DOT 16057 AT slinky DOT cs DOT nyu DOT edu> <20050819202459 DOT GA23900 AT SDF DOT LONESTAR DOT ORG> <Pine DOT GSO DOT 4 DOT 61 DOT 0508191653180 DOT 16057 AT slinky DOT cs DOT nyu DOT edu>
Mime-Version:	1.0
In-Reply-To:	<Pine.GSO.4.61.0508191653180.16057@slinky.cs.nyu.edu>
User-Agent:	Mutt/1.4.2i

On Aug 19 16:58, Igor Pechtchanski wrote:
> On Fri, 19 Aug 2005, Christopher Benson-Manica wrote:
> 
> > > chmod, and other POSIX programs know nothing about ACLs (which is where
> > > inheritance is specified).  You should, however, be able to use
> > > "getfacl/setfacl" to do what you want.
> >
> > Hm...  It seems that (get|set)facl do allow detailed permissions to be
> > set, but what I really need is the inherited property/attribute/whatever
> > to be set, as these files need to have permissions matching those of
> > their final destinations.
> 
> I thought that was what the various "mask" ACLs did, but someone more
> familiar with ACLs and getfacl/setfacl needs to chime in here...
> 
> > It's okay to tell me "Don't be absurd!" but I haven't heard it yet :-)
> 
> You can also try "cacls" and whatever the equivalent ACL modification tool
> is from Microsoft.
> 
> > Incidentally, while I was using the ntsec default for permissions,
> > all this stuff worked correctly...
> 
> You mean "nontsec", don't you?  In "nontsec" mode, Cygwin lets Windows
> handle the file ACLs, which results in inherited permissions.
> 
> > Also, with umask set to 077, a file I create with "touch" will end up
> > with NT permissions for read and write, but not execute, as well as
> > numerous other types of permissions.
> 
> I believe POSIX mandates that "touch" use permissions 0666&~umask for new
> files (i.e., the execute bits in the umask are ignored).

The bottom line is, either you want POSIX permission handling or Windows
permission handling.  You cannot have both.  POSIX has no concept of
inheritable permissions as NTFS has, beginning with W2K.  So use POSIX
permissions with POSIX permission rules -> ntsec, or use Windows 
permissions with Windows permission rules -> nontsec.  That's all, folks.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -