Mail Archives: cygwin/2014/11/01/11:46:55

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2014/11/01/11:46:55

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:reply-to

:references:mime-version:content-type:in-reply-to; q=dns; s=

default; b=rWoitbjvS6QqqmdosoiMVk5Pk1GXWWXrDGaIZqfMNnFcl39jSwrtq

5Ws2IoD4uOZ4MCHnH70giGtA7cm2jFQm1PpyEmly3debj9xb8VRCXox/TLkGELFE

qSvxjhuZaRPM8JyuRrtXO7ryGp4R1I/lKObLsZKniYGfD7CkcTJmrE=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:date:from:to:subject:message-id:reply-to

:references:mime-version:content-type:in-reply-to; s=default;

bh=tiNmC5TLxunrziV394L5goLb+vU=; b=axp3D4GAHhv5DMszhJxR6H1GeAK+

feFQLNb7RcI074yFNyIRqq11lBJqbZ1Xq6CTl9hGkWlKYQGQJgUQz1a69E8qo38c

3YNbOGXm+C09VIhxXKPZbN7A2W4R6MGIhAiOV6PSuMHOH0bFn3loV6Lh7hOSdPRr

sDM4jv/VpNluu/4=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2

X-HELO: calimero.vinschen.de

Date: Sat, 1 Nov 2014 16:46:37 +0100

From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>

To: cygwin AT cygwin DOT com

Subject: Re: cannot turn off group (None) permissions in 1.7.33-04

Message-ID: <20141101154637.GE14051@calimero.vinschen.de>

Reply-To: cygwin AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

References: <5454F941 DOT 4060507 AT gmail DOT com>

MIME-Version: 1.0

In-Reply-To: <5454F941.4060507@gmail.com>

User-Agent: Mutt/1.5.23 (2014-03-12)

--WK3l2KTTmXPVedZ6
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Nov  1 08:16, Stephen Sheldon wrote:
> I had some key files in ~/.ssh.  They looked like this.
>=20
> -rw-------+ 1 sheldon None 1.7K Nov  1 07:09 id_rsa
> -rw-r--r--+ 1 sheldon None  401 Nov  1 07:09 id_rsa.pub
> -rw-r--r--+ 1 sheldon None  174 Nov  1 07:09 known_hosts
>=20
> After I installed 1.7.33-04 they looked like this.
>=20
> -rw-rwx---+ 1 sheldon None 1.7K Nov  1 07:09 id_rsa*
> -rw-rwxr--+ 1 sheldon None  401 Nov  1 07:09 id_rsa.pub*
> -rw-rwxr--+ 1 sheldon None  174 Nov  1 07:09 known_hosts*
>=20
> ssh complained about permissions when I tried to log on to another host. =
 I
> could not change the permissions back with chmod, either with chmod 600 or
> chmod g-w ...

Correct.  This is the result of the change to 1.7.33 to implement
POSIX ACL handling more POSIX-like:

There are permissions on the file given to other users and/or groups
beside the primary user and group.  Per POSIX, the group permission
bits reflect the *sum* of all permission bits granted to other users
and all groups,

To easily get rid of such overly open permissions, I implemented the
new setfacl -b flag:

Initial situation:

  $ touch xxx
  $ ls -l xxx
  -rw-r--r--  1 corinna vinschen 57110 Oct 27 14:47 xxx

Grant permissions to "somebody else":

  $ setfacl -m g:administrators:rwx xxx
  $ getfacl xxx
  # file: xxx
  # owner: corinna
  # group: vinschen
  user::rw-
  group::r--
  group:Administrators:rwx
  mask:rwx
  other:r--

  $ ls -l xxx
  -rw-rwxr--+ 1 corinna vinschen 57110 Oct 27 14:47 xxx

Revert to POSIX-only permissions:

  $ setfacl -b xxx
  $ ls -l xxx
  -rw-r--r--  1 corinna vinschen 57110 Oct 27 14:47 xxx


HTH,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--WK3l2KTTmXPVedZ6
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJUVQBdAAoJEPU2Bp2uRE+gmEgP/i6VOCThqyyBUGvUGQDaYeHK
T0jvbLoptKlgUUn1tFcik9g7qLTmBUDW1cBoWBSF5WfdpbKXS6rnv48K1GMJ0Vqe
OnPoDCu3OSO8VM0m14vZnszg7hTWSxkDyu3Mb87RsfOEwvz1iHSx6C3G6GnoKVxD
ICnuwQfp8cp9ZE8KckfCehP83VqByvQrv+fc6TuyjV/KXqtyHMgUhYJWvI33dOAf
lAcegUnAQkbU+ttp1LiAzsbEuDfJwT4AKPcnNVKEu9Fkwldpv9/ArRe3l2zcTB0C
tmlUhL5j5pdEJPkMbbKgotp+ijYPhhoMpC19MqjR+0qCpjSFi34t8dFTLFJhy6m7
XXctIyWtxWPpycMYcEgK7qA5bgWJTJ8l/rjFON7fKGg2LQsr1TTfZiBQgV9ZoqtA
nPzB80fPzsGEJ2yFXyTslebfyFAHUM+CUB3v9skxgWMy1j1OKXlEJtQGbtd2v1Wq
DYiX/wQWfUMHYQR3STyG7qHg1PKNzvDkdJLLwq5XsFLjBCImk7crk9IHmUtqTgdT
pA0JfeSgtq+LOjCiv383GH+ucj0PWIwem+Je22mGchX4JzWqrcLttJAJaz1J+M8Y
pToyLy2Dyj1VVowHBtsp3Ru1f0f0cmiE3l+AbPzXYonOq+ol+Gm/pjDkgHIfW5cv
HbEpPmZ45Mnm9VRveZ8n
=NVYu
-----END PGP SIGNATURE-----

--WK3l2KTTmXPVedZ6--

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=rWoitbjvS6QqqmdosoiMVk5Pk1GXWWXrDGaIZqfMNnFcl39jSwrtq
	5Ws2IoD4uOZ4MCHnH70giGtA7cm2jFQm1PpyEmly3debj9xb8VRCXox/TLkGELFE
	qSvxjhuZaRPM8JyuRrtXO7ryGp4R1I/lKObLsZKniYGfD7CkcTJmrE=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	bh=tiNmC5TLxunrziV394L5goLb+vU=; b=axp3D4GAHhv5DMszhJxR6H1GeAK+
	feFQLNb7RcI074yFNyIRqq11lBJqbZ1Xq6CTl9hGkWlKYQGQJgUQz1a69E8qo38c
	3YNbOGXm+C09VIhxXKPZbN7A2W4R6MGIhAiOV6PSuMHOH0bFn3loV6Lh7hOSdPRr
	sDM4jv/VpNluu/4=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO:	calimero.vinschen.de
Date:	Sat, 1 Nov 2014 16:46:37 +0100
From:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To:	cygwin AT cygwin DOT com
Subject:	Re: cannot turn off group (None) permissions in 1.7.33-04
Message-ID:	<20141101154637.GE14051@calimero.vinschen.de>
Reply-To:	cygwin AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
References:	<5454F941 DOT 4060507 AT gmail DOT com>
MIME-Version:	1.0
In-Reply-To:	<5454F941.4060507@gmail.com>
User-Agent:	Mutt/1.5.23 (2014-03-12)