delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2006/01/10/09:00:40

X-Spam-Check-By: sourceware.org
Message-ID: <43C3BE55.6070009@juno.nrl.navy.mil>
Date: Tue, 10 Jan 2006 09:01:57 -0500
From: Ken Senior <senior AT juno DOT nrl DOT navy DOT mil>
Reply-To: cygwin AT cygwin DOT com
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: permissions and ACLs
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com 

Cygwin gurus,

Frustrated by permission problems resulting from having two accounts 
with the same user name (one domain, one local) I decided to start over 
with my cygwin installation.  This time, I logged in as local 
administrator (account name say admin AT local) and installed cygwin as 
this user.  Then, to make sure I could read and use cygwin from my 
domain account I used the Windows ACLs to also grant my domain account 
"Full Control" to all the files in C:\cygwin.  Thus, both my admin AT local 
(local admin) and my admin AT domain (domain admin) have Full Control to 
files in C:\cygwin.  But, while logged in both as admin AT local and as 
admin AT domain I tried from Windows Explorer to delete a file and was 
informed that I do not have permission!  So, I launched the cygwin bash 
window (from admin AT local) and performed a chmod 777 on the file (which 
cygwin allowed) and STILL can't delete the file:

admin AT local /usr/bin
$ ls -la rsync.exe
-rwxrwxrwx  1 senior Users 245248 Aug 18 03:56 rsync.exe

admin AT local /usr/bin
$ rm -f rsync.exe
rm: cannot remove `rsync.exe': Permission denied

admin AT local /usr/bin
$

I have read the documentation on NTSEC and from my limited understanding 
of it was able to glean that using the Windows ACLs was probably not the 
right way to grant access to the admin AT domain account.  What is the best 
way to allow access of cygwin to *all* administrators and can I repair 
this permissions on this installation?  Thanks again. 

---

My CYGWIN environment variable is set to "CYGWIN binmode ntsec tty title 
server" and the /etc/passwd file follows.

senior AT LOCAL /usr/bin
$ less /etc/passwd
SYSTEM:*:18:544:,S-1-5-18::
Administrators:*:544:544:,S-1-5-32-544::
Administrator:unused_by_nt/2000/xp:500:513:U-LOCAL\Administrator,S-1-5-21-4847
63869-1563985344-682003330-500:/home/Administrator:/bin/bash
Guest:unused_by_nt/2000/xp:501:513:U-LOCAL\Guest,S-1-5-21-484763869-1563985344
-682003330-501:/home/Guest:/bin/bash
HelpAssistant:unused_by_nt/2000/xp:1000:513:Remote Desktop Help 
Assistant Accoun
t,U-LOCAL\HelpAssistant,S-1-5-21-484763869-1563985344-682003330-1000:/home/Hel
pAssistant:/bin/bash
admin:unused_by_nt/2000/xp:1003:513:U-LOCAL\admin,S-1-5-21-484763869-1563985
344-682003330-1003:/home/admin:/bin/bash
sshd:unused_by_nt/2000/xp:1020:513:sshd 
privsep,U-LOCAL\sshd,S-1-5-21-48476386
9-1563985344-682003330-1020:/var/empty:/bin/bash
SUPPORT_388945a0:unused_by_nt/2000/xp:1002:513:CN=Microsoft 
Corporation,L=Redmon
d,S=Washington,C=US,U-LOCAL\SUPPORT_388945a0,S-1-5-21-484763869-1563985344-682
003330-1002:/home/SUPPORT_388945a0:/bin/bash





--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019