delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2019/08/14/23:00:10

X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:reply-to:subject:to:references:from:message-id
:date:mime-version:in-reply-to:content-type
:content-transfer-encoding; q=dns; s=default; b=NIeNKqgiZm9use8Y
+aCJXRXatjSjHcnMIa+LrMhU2h8d04YTaEHDKVhItcmYk23CaoUcFVfsePCo6r2p
rwwLhe7rZNW+I36GHBf0V8tv+ZwBuKSHf0CM3dSFMvO+PJUBJOLSM6WdkPoPr8uR
733ndeTYKed/atZnEODbSg/hMA8=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
:list-unsubscribe:list-subscribe:list-archive:list-post
:list-help:sender:reply-to:subject:to:references:from:message-id
:date:mime-version:in-reply-to:content-type
:content-transfer-encoding; s=default; bh=t4R18mV97p8FtetlI6dMws
NN+VI=; b=NQlH7a2Q5ihqgTnXBuYhzb3TFqYJ/Q6Zsp1nfgTE7hBSio2CR4Ea5D
Cq6ResOrQl+U3l0nPxCoUwJ/TdBEUIO9e3KRxc+q12qWIt9X3pCq+n/npKApvMbn
vz93tqUKp9xRgESUtDKJwWeidLNvIK022z4pmAWTw3bwfRemAcnng=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-5.0 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 spammy=deny, GROUP, authority
X-HELO: smtp-out-no.shaw.ca
Reply-To: Brian DOT Inglis AT SystematicSw DOT ab DOT ca
Subject: Re: SMBFS mount's file cannot be made executable
To: cygwin AT cygwin DOT com
References: <BN6PR09MB14090CCC3D36B48425650A55A5AC0 AT BN6PR09MB1409 DOT namprd09 DOT prod DOT outlook DOT com>
From: Brian Inglis <Brian DOT Inglis AT SystematicSw DOT ab DOT ca>
Openpgp: preference=signencrypt
Message-ID: <98680ad1-fac9-123e-35c4-c55b7139f75f@SystematicSw.ab.ca>
Date: Wed, 14 Aug 2019 20:59:12 -0600
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <BN6PR09MB14090CCC3D36B48425650A55A5AC0@BN6PR09MB1409.namprd09.prod.outlook.com>
X-IsSubscribed: yes 

On 2019-08-14 19:40, Lavrentiev, Anton (NIH/NLM/NCBI) [C] via cygwin wrote:
>> You can often figure permissions problems

> I already figured where the problem was, in how cygwin convers (or, actually 
> doesn't) the UNIX's "x" bit into the native DAC for the underlying filesystem
> (to store as, again, "x" in the Linux share). 
> Missing that DACL, SMBD returns "Access denied" for an attempt to execute the
> .exe file.>
> I don't think that any of the requested output is of any help or indication, 
> rather than to actually show that the execute permission is missing.
> 
> $ /usr/lib/csih/getVolInfo /cygdrive/z
> Device Type        : 7
> Characteristics    : 10
> Volume Name        : <home>
> Serial Number      : 3112497429
> Max Filenamelength : 255
> Filesystemname     : <NTFS>
> Flags              : 1006f
>   FILE_CASE_SENSITIVE_SEARCH  : TRUE
>   FILE_CASE_PRESERVED_NAMES   : TRUE
>   FILE_UNICODE_ON_DISK        : TRUE
>   FILE_PERSISTENT_ACLS        : TRUE
>   FILE_FILE_COMPRESSION       : FALSE
>   FILE_VOLUME_QUOTAS          : TRUE
>   FILE_SUPPORTS_SPARSE_FILES  : TRUE
>   FILE_SUPPORTS_REPARSE_POINTS: FALSE
>   FILE_SUPPORTS_REMOTE_STORAGE: FALSE
>   FILE_VOLUME_IS_COMPRESSED   : FALSE
>   FILE_SUPPORTS_OBJECT_IDS    : TRUE
>   FILE_SUPPORTS_ENCRYPTION    : FALSE
>   FILE_NAMED_STREAMS          : FALSE
>   FILE_READ_ONLY_VOLUME       : FALSE
>   FILE_SEQUENTIAL_WRITE_ONCE  : FALSE
>   FILE_SUPPORTS_TRANSACTIONS  : FALSE
> 
> $ pwd
> /cygdrive/z
> 
> $ gcc hello.c
> 
> $ /usr/lib/csih/getVolInfo /cygdrive/z/a.exe
> Device Type        : 7
> Characteristics    : 10
> Volume Name        : <home>
> Serial Number      : 3112497429
> Max Filenamelength : 255
> Filesystemname     : <NTFS>
> Flags              : 1006f
>   FILE_CASE_SENSITIVE_SEARCH  : TRUE
>   FILE_CASE_PRESERVED_NAMES   : TRUE
>   FILE_UNICODE_ON_DISK        : TRUE
>   FILE_PERSISTENT_ACLS        : TRUE
>   FILE_FILE_COMPRESSION       : FALSE
>   FILE_VOLUME_QUOTAS          : TRUE
>   FILE_SUPPORTS_SPARSE_FILES  : TRUE
>   FILE_SUPPORTS_REPARSE_POINTS: FALSE
>   FILE_SUPPORTS_REMOTE_STORAGE: FALSE
>   FILE_VOLUME_IS_COMPRESSED   : FALSE
>   FILE_SUPPORTS_OBJECT_IDS    : TRUE
>   FILE_SUPPORTS_ENCRYPTION    : FALSE
>   FILE_NAMED_STREAMS          : FALSE
>   FILE_READ_ONLY_VOLUME       : FALSE
>   FILE_SEQUENTIAL_WRITE_ONCE  : FALSE
>   FILE_SUPPORTS_TRANSACTIONS  : FALSE
> 
> $ ls -dl /cygdrive/z/a.exe
> -rw-rw-r--+ 1 lavr cppcore 157753 Aug 14 21:30 /cygdrive/z/a.exe
> 
> $ getfacl /cygdrive/z/a.exe
> # file: /cygdrive/z/a.exe
> # owner: lavr
> # group: cppcore
> user::rw-
> user:lavr:rw-
> group::r--
> group:cppcore:r--
> mask::rw-
> other::r--
> 
> $ icacls `cygpath -w /cygdrive/z/a.exe`
> Z:\a.exe S-1-22-1-4640:(R,W)
>          S-1-22-2-5333:(R)
>          S-1-22-2-5333:(R)
>          S-1-22-1-4640:(R,W)
>          Everyone:(R)
> 
> Successfully processed 1 files; Failed processing 0 files

Prerequisite for +x is DACL and masks allowing +x on normal file system
directories and executables, as Cyggwin is emulating POSIX D/ACLs using Windows
D/ACLs:

drwxrwxr-x+ 1 SYSTEM SYSTEM 0 Aug 14 18:40 .

# file: .
# owner: SYSTEM
# group: SYSTEM
user::rwx
user:$USER:rwx
group::r-x
group:Administrators:rwx
group:$GROUP:r-x
mask::rwx
other::r-x
default:user::rwx
default:user:$USER:rwx
default:group::---
default:group:Administrators:rwx
default:mask::rwx
default:other::r-x

. NULL SID:(DENY)(Rc,S,REA,WEA,X,DC)
  NT AUTHORITY\SYSTEM:(F)
  $HOSTNAME\$USER:(RX,W,DC)
  NT AUTHORITY\SYSTEM:(RX)
  BUILTIN\Administrators:(RX,W,DC)
  BUILTIN\$GROUP:(RX)
  Everyone:(RX)
  NULL SID:(OI)(CI)(IO)(DENY)(Rc,S,REA,WEA,X,DC)
  CREATOR OWNER:(OI)(CI)(IO)(F)
  $HOSTNAME\$USER:(OI)(CI)(IO)(RX,W,DC)
  CREATOR GROUP:(OI)(CI)(IO)(Rc,S,RA)
  BUILTIN\Administrators:(OI)(CI)(IO)(RX,W,DC)
  CREATOR GROUP:(OI)(CI)(IO)(DENY)(S,RD,REA,X)
  Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files

-rwxr-xr-x+ 1 $USER $GROUP 158443 Aug  3  2018 test.exe
# file: test.exe
# owner: $USER
# group: $GROUP
user::rwx
group::r-x
group:SYSTEM:rwx        #effective:r-x
group:Administrators:rwx        #effective:r-x
mask::r-x
other::r-x

test.exe NULL SID:(DENY)(Rc,S,REA,X,DC)
         $HOSTNAME\$USER:(F)
         BUILTIN\$GROUP:(RX)
         NT AUTHORITY\SYSTEM:(RX,W)
         BUILTIN\Administrators:(RX,W)
         Everyone:(RX)

Successfully processed 1 files; Failed processing 0 files

-- 
Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

This email may be disturbing to some readers as it contains
too much technical detail. Reader discretion is advised.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019