Mail Archives: cygwin/2015/05/13/13:23:01

delorie.com/archives/browse.cgi

search

Mail Archives: cygwin/2015/05/13/13:23:01

X-Recipient: archive-cygwin AT delorie DOT com

DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:in-reply-to:references:date

:message-id:subject:from:to:content-type

:content-transfer-encoding; q=dns; s=default; b=qP/yOPMHc20txj+B

O0X9U1isxgyvGRhJr6zNg9A82ivS9YqkriYvCzSbvJ6ec+7xdeYtovBJ30ClNLgk

AhkG1QKAK5SMuvxpDWzN804lVYQgnAxsSpPHqRBBqooKYjbStYBqiJTuGuUgspyM

fJCJNolpadTgvrsbacjAtDMe/hI=

DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id

:list-unsubscribe:list-subscribe:list-archive:list-post

:list-help:sender:mime-version:in-reply-to:references:date

:message-id:subject:from:to:content-type

:content-transfer-encoding; s=default; bh=yi0pUhxegGH27i+bT0d74i

cxIXM=; b=OxGzRfkHsiAuyK2PTbt7PNyrUfHHWP4x3NEEKBo0dScWu+9u4vXUxz

W8ROK79K5EOntTVzBjbi65AplAudWKAVq5IuVx9FHgHK+ZnhTKi9tdkavLtp9J/H

MUjiqkLxZYwVlMMG/7QdTataX+2kkV3J48lf1MCwbsAAq8no5wGGc=

Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm

List-Id: <cygwin.cygwin.com>

List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>

List-Archive: <http://sourceware.org/ml/cygwin/>

List-Post: <mailto:cygwin AT cygwin DOT com>

List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>

Sender: cygwin-owner AT cygwin DOT com

Mail-Followup-To: cygwin AT cygwin DOT com

Delivered-To: mailing list cygwin AT cygwin DOT com

Authentication-Results: sourceware.org; auth=none

X-Virus-Found: No

X-Spam-SWARE-Status: No, score=0.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2

X-HELO: mail-wi0-f177.google.com

MIME-Version: 1.0

X-Received: by 10.180.76.231 with SMTP id n7mr16038254wiw.44.1431537743598; Wed, 13 May 2015 10:22:23 -0700 (PDT)

In-Reply-To: <CAHODtZS3eN4EOnhwx0nMsooqWpkY_TRcuZXLhzRVpSV6pGH+sg@mail.gmail.com>

References: <CAHODtZTiAbrFLBfgcY=RNathFpi70P8LxQwQ2_sVWM=x7nZvpg AT mail DOT gmail DOT com> <CAHODtZS3eN4EOnhwx0nMsooqWpkY_TRcuZXLhzRVpSV6pGH+sg AT mail DOT gmail DOT com>

Date: Wed, 13 May 2015 13:22:23 -0400

Message-ID: <CAA3aKc-NawNMy7ZRv69-BFxLdo5-fiSjFx5X9=y5LKh09OE0Gw@mail.gmail.com>

Subject: Re: Problem with posix flags and permission denied on domain computer

From: schilpfamily <schilpfamily AT gmail DOT com>

To: cygwin <cygwin AT cygwin DOT com>

X-IsSubscribed: yes

X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id t4DHMvdB029357

finally, someone else experiencing the same problems i have been
seeing. i have to run chmod -r u+r,u+w * to fix this issue. cygwin
really need to fix this.

On Wed, May 13, 2015 at 8:17 AM, JiÅ™Ã Engelthaler <engycz AT gmail DOT com> wrote:
> Digging couple of hours found the cause. File security.cc line 389
> RtlGetGroupSecurityDescriptor gets group SID "DOM_LAN\Domain Users"
> but this group is not in Access list parsed in get_attribute_from_acl
> function. I think this is not only my problem and hope Cygwin will be
> fixed.
>
> Powershell get-acl:
> PS D:\> get-acl foo|format-list
>
>
> Path   : Microsoft.PowerShell.Core\FileSystem::D:\foo
> Owner  : DOM_LAN\engycz
> Group  : DOM_LAN\Domain Users
> Access : BUILTIN\Administrators Allow  FullControl
>          NT AUTHORITY\SYSTEM Allow  FullControl
>          NT AUTHORITY\Authenticated Users Allow  Modify, Synchronize
>          BUILTIN\Users Allow  ReadAndExecute, Synchronize
> Audit  :
> Sddl   : O:S-1-5-21-270207346-1464484900-1734353810-5370G:DUD:(A;ID;FA;;;BA)(A;ID;FA;;;SY)(A;ID;0x1301bf;;;AU)(A;ID;0x1200a9;;;BU)
>
> =========
>
> PS D:\> get-acl bar|format-list
>
>
> Path   : Microsoft.PowerShell.Core\FileSystem::D:\bar
> Owner  : DOM_LAN\engycz
> Group  : DOM_LAN\Domain Users
> Access : DOM_LAN\engycz Deny  ReadData, ReadExtendedAttributes, ExecuteFile
>          Everyone Allow  ReadAttributes, ReadPermissions, Synchronize
>          NT AUTHORITY\Authenticated Users Allow  Modify, Synchronize
>          NT AUTHORITY\SYSTEM Allow  FullControl
>          BUILTIN\Administrators Allow  FullControl
>          BUILTIN\Users Allow  ReadAndExecute, Synchronize
>          DOM_LAN\Domain Users Allow  ReadAndExecute, Synchronize
>          DOM_LAN\engycz Allow  ReadAttributes, WriteAttributes,
> Delete, ReadPermissions, ChangePermissions, TakeOwnership, Synchronize
> Audit  :
> Sddl   : O:S-1-5-21-270207346-1464484900-1734353810-5370G:DUD:P(D;;CCSWWP;;;S-1-5-21-270207346-1464484900-1734353810-5370)(A;;0x120080;;;WD)(A;;0x1301bf;;;AU)(
>          A;;FA;;;SY)(A;;FA;;;BA)(A;;0x1200a9;;;BU)(A;;0x1200a9;;;DU)(A;;0x1f0180;;;S-1-5-21-270207346-1464484900-1734353810-5370)
>
> 2015-05-12 21:02 GMT+02:00 JiÅ™Ã Engelthaler <engycz AT gmail DOT com>:
>> I have problem with posix file flags and permission denied on computer
>> which is in domain. I have file on disk D: named foo. It is accessible
>> both in Windows and in Cygwin as /cygdrive/d/foo but has flags
>> ----rwx---+. If I copy this file to file named bar, it is not
>> accessible in Cygwin nor in Windows.
>> Fresh Windows installation, fresh Cygwin 2.0.2-1, foo file created in
>> notepad. As user engycz I'm member of group "NT
>> AUTHORITY\Authenticated Users" and "BUILTIN\Users" so I have R/W
>> access to foo.
>>
>> $ ls -al foo
>> ----rwx---+ 1 engycz Domain Users 5 12. 5  20.15 foo
>>
>> $ cat foo
>> hello
>>
>> $ getfacl.exe foo
>> # file: foo
>> # owner: engycz
>> # group: Domain Users
>> user::---
>> group::---
>> group:Authenticated Users:rwx
>> group:SYSTEM:rwx
>> group:Administrators:rwx
>> group:Users:r-x
>> mask:rwx
>> other:---
>>
>> $ icacls.exe foo
>> foo BUILTIN\Administrators:(I)(F)
>>     NT AUTHORITY\SYSTEM:(I)(F)
>>     NT AUTHORITY\Authenticated Users:(I)(M)
>>     BUILTIN\Users:(I)(RX)
>>
>> ====================
>> $ cp foo bar
>> ====================
>>
>> $ ls -al bar
>> ----rwx---+ 1 engycz Domain Users 5 12. 5  20.18 bar
>>
>> $ cat bar
>> cat: bar: Permission denied
>>
>>
>> $ getfacl.exe bar
>> # file: bar
>> # owner: engycz
>> # group: Domain Users
>> user::---
>> group::r-x
>> group:Authenticated Users:rwx
>> group:SYSTEM:rwx
>> group:Administrators:rwx
>> group:Users:r-x
>> mask:rwx
>> other:---
>>
>> $ icacls.exe bar
>> bar DOM_LAN\engycz:(DENY)(S,RD,REA,X)
>>     DOM_LAN\engycz:(D,Rc,WDAC,WO,RA,WA)
>>     DOM_LAN\Domain Users:(RX)
>>     Everyone:(Rc,S,RA)
>>     BUILTIN\Administrators:(F)
>>     NT AUTHORITY\SYSTEM:(F)
>>     NT AUTHORITY\Authenticated Users:(M)
>>     BUILTIN\Users:(RX)
>
> --
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
>

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019

X-Recipient:	archive-cygwin AT delorie DOT com
DomainKey-Signature:	a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type
	:content-transfer-encoding; q=dns; s=default; b=qP/yOPMHc20txj+B
	O0X9U1isxgyvGRhJr6zNg9A82ivS9YqkriYvCzSbvJ6ec+7xdeYtovBJ30ClNLgk
	AhkG1QKAK5SMuvxpDWzN804lVYQgnAxsSpPHqRBBqooKYjbStYBqiJTuGuUgspyM
	fJCJNolpadTgvrsbacjAtDMe/hI=
DKIM-Signature:	v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:content-type
	:content-transfer-encoding; s=default; bh=yi0pUhxegGH27i+bT0d74i
	cxIXM=; b=OxGzRfkHsiAuyK2PTbt7PNyrUfHHWP4x3NEEKBo0dScWu+9u4vXUxz
	W8ROK79K5EOntTVzBjbi65AplAudWKAVq5IuVx9FHgHK+ZnhTKi9tdkavLtp9J/H
	MUjiqkLxZYwVlMMG/7QdTataX+2kkV3J48lf1MCwbsAAq8no5wGGc=
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com
Authentication-Results:	sourceware.org; auth=none
X-Virus-Found:	No
X-Spam-SWARE-Status:	No, score=0.5 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2
X-HELO:	mail-wi0-f177.google.com
MIME-Version:	1.0
X-Received:	by 10.180.76.231 with SMTP id n7mr16038254wiw.44.1431537743598; Wed, 13 May 2015 10:22:23 -0700 (PDT)
In-Reply-To:	<CAHODtZS3eN4EOnhwx0nMsooqWpkY_TRcuZXLhzRVpSV6pGH+sg@mail.gmail.com>
References:	<CAHODtZTiAbrFLBfgcY=RNathFpi70P8LxQwQ2_sVWM=x7nZvpg AT mail DOT gmail DOT com> <CAHODtZS3eN4EOnhwx0nMsooqWpkY_TRcuZXLhzRVpSV6pGH+sg AT mail DOT gmail DOT com>
Date:	Wed, 13 May 2015 13:22:23 -0400
Message-ID:	<CAA3aKc-NawNMy7ZRv69-BFxLdo5-fiSjFx5X9=y5LKh09OE0Gw@mail.gmail.com>
Subject:	Re: Problem with posix flags and permission denied on domain computer
From:	schilpfamily <schilpfamily AT gmail DOT com>
To:	cygwin <cygwin AT cygwin DOT com>
X-IsSubscribed:	yes
X-MIME-Autoconverted:	from quoted-printable to 8bit by delorie.com id t4DHMvdB029357