Mail Archives: cygwin/2023/02/09/16:11:24

Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com> · Thu, 9 Feb 2023 22:09:47 +0100

Hi Norton,

On Feb  9 13:25, Norton Allen via Cygwin wrote:
> On 2/8/2023 4:05 PM, Norton Allen via Cygwin wrote:
> > I briefly raised this issue months ago and am trying to resolve it again
> > now.
> > 
> > What I am trying to do is setup permissions so multiple users on one
> > machine can share full control over a particular directory hierarchy.
> > 
> > On Linux I have usually been able to make things work with:
> > 
> > Ā Ā  $ mkdir shared_dir
> > Ā Ā  $ chgrp shared_group shared_dir
> > Ā Ā  $ chmod g+ws shared_dir
> > Ā Ā  $ umask 2
> > 
> > User shells are configured with umask 2 so files they create have group
> > write. Users belong to shared_group. Files and subdirs created under
> > shared_dir are all in group shared_group. Files moved in retain their
> > original group, but the group members still have permission to rename or
> > delete them.
> > 
> > The problem:
> > 
> > $ chmod g+ws fails to set the 's' bit, and the resulting icacls output
> > does not contain any "NULL SID" entries. I am seeing the same problem on
> > (at least) two different systems setup by my organization. One of these
> > was just re-imaged and I installed Cygwin yesterday with no customized
> > configurations. AV is Windows Defender, but I suspect if that were the
> > culprit, there would have been more noise.
> > 
> > I suspect there might be a group policy or something that is interfering
> > with Cygwin's strategy for implementing POSIX permissions. I am pretty
> > sure this worked correctly at some point in the past.
> > 
> > Has anyone encountered this?
> > 
> > Does group policy seem like a likely suspect? Anyone know which
> > policy(ies)? I think I might be able to get IT to cut me slack if I knew
> > what to ask for.
> > 
> > I have also played with using setfacl directly to add permissions, but
> > as anyone who has read about Cygwin file permissions might guess, that
> > tends to have mixed/poor results, but I'd be open to any suggestions.
> > 
> 
> I don't actually have a system on which this is working to compare to, so I
> am not exactly sure how it is supposed to look when it's working correctly.
> The current behavior onĀ  my new uncustomized installation:
> [...]
> Any idea what g+s should be doing? Any more/better information I can
> provide?

What you observe is a bug in Cygwin, plain and simple.  Without going
into too much detail, part of the problem could never be observed with
older coreutils, which we had to live with for much too long in the
Cygwin distro.  The newer coreutils handles permissions slightly
differently and that dropped the mask from the buggy code.

I applied a patch which, hopefully, fixes this problem (in fact, plural,
"these problems").

A new Cygwin test release 3.5.0-0.162.g498fce80ef33 is just being built
and should be up in an hour or so.  You can simply install it via
Cygwin's setup tool as soon as it's on your favorite mirror.

If it works as desired, it will be part of the next Cygwin bugfix
release 3.4.6.

Thanks,
Corinna

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

X-Recipient:	archive-cygwin AT delorie DOT com
DKIM-Filter:	OpenDKIM Filter v2.11.0 sourceware.org 1FF4F3858033
DKIM-Signature:	v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1675977039;
	bh=q3RsA/RLsXxMzmvg5AXla/K2z/3kX91+Ujojgb1XIVs=;
	h=Date:To:Subject:References:In-Reply-To:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	From;
	b=EXSxKg3Mvg5snuZLiOnwrMdt+4YOMM2pdILrIBeYoPNhbQBIZZSdWteiksNqYcWxd
	P1uPmcEEMC9MgGfVOMdIOVw+NatPSkJqUjlex0FmJaUDuM4TdDUfzahSu6hhEmB5Pb
	fzr3N7pB93lUf/5jdC5Elays5HrwDeGUpqguBTzk=
X-Original-To:	cygwin AT cygwin DOT com
Delivered-To:	cygwin AT cygwin DOT com
Date:	Thu, 9 Feb 2023 22:09:47 +0100
To:	Norton Allen <allen AT huarp DOT harvard DOT edu>
Subject:	Re: chmod g+ws unsuccessful, "NULL SID" icacls missing
Message-ID:	<Y+VhGwpEkYx2TEMR@calimero.vinschen.de>
Mail-Followup-To:	Norton Allen <allen AT huarp DOT harvard DOT edu>,
	"cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
References:	<0219f7c5-ca4c-bae3-3e13-abfc14c53e01 AT huarp DOT harvard DOT edu>
	<8af5a564-094f-e4eb-25b4-bed2b9294f39 AT huarp DOT harvard DOT edu>
MIME-Version:	1.0
In-Reply-To:	<8af5a564-094f-e4eb-25b4-bed2b9294f39@huarp.harvard.edu>
X-Provags-ID:	V03:K1:Ts8+SuAJRdgK+Q+ZWDt6u0SwdktkoG+cCcCE3pKisLxOglZJjFu
	UpEkB7fvN/TkZbkuGwud/+GvXgs9coQmcvoXECG/iymMKL3l7MHq26iT8IZuUCq75UslUVS
	Sa9yyE0KwSUILHbbywuvHiql334BnAHfccOrCfLHGN+jubBf3LILq7mBuQaR4SLgVazi9mA
	LmKOaHoGFf4mk9W7ulvCA==
UI-OutboundReport:	notjunk:1;M01:P0:VAVOZwx3vT8=;dtFXcNSb+PQV7UpQi7zeCxCvBNX
	wYAwDs22JtoRBrm3hKAy1nxoGiR+qrdCz2pPYuAtPs5Ij+5NCSWpC5UzkgRuIBZJRfZ6WPDHL
	3/f7TaYnTAONzN3LNU+k6ll5vcoWFSNYGTyvSbJhv4QNXpI+pIJQnQKsF9oppU+J47TnP9sqe
	+yavcyZZ8QqopTJUwxIzXRuZxohdw6i6+zNl9Xc/P+h1i8P9io1/MBSztRRE8cXuI4qQ9zQlG
	PocyCOQyjw+2fst/A02rpXv1g83PQ1onHrjDcuuIJ95fHrsgNKLOyTs5fRFm+CrHWVamUrzGr
	On3Legp/3RnW3tGrbNiG/HSnE83SCuK2Cow7nL6gBBACd74csi+78ri3S02hnQ6l7zxyv2tRq
	Wg5ehXWHD/RnVruuXpgpegn6+Rsqn5/b1gGNkV0+oI0bv6m3VPeFZZ2yNPz/S185qGc4l0oju
	sFCQLMyfYrQhNvzTBglQ6NhPfK8Ks71yubUyzBI5x5IwDX6K/VKQ43x/dPt1uzs8brnRD+EBl
	BR7zurDDrnLQmebdbItn+vUCW7dSsPuRHPBXj8tVvFHdA56qKHAErSZehvRH0yO9Ug2qURDZY
	SWOvv5NwrrX8JoAUhZO0YoB1F0DpRC8WCUXv+mpssBewa/pN9MZI32aoq9/f1KT0tweCOe/ZY
	owFzzBevAJW0aTFjErkLAv6EOgP8/W3mgBqIDGpYtg==
X-Spam-Status:	No, score=-97.3 required=5.0 tests=BAYES_00,
	GOOD_FROM_CORINNA_CYGWIN, KAM_DMARC_STATUS, RCVD_IN_DNSWL_NONE,
	RCVD_IN_MSPIKE_H2, SPF_FAIL, SPF_HELO_NONE,
	TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version:	SpamAssassin 3.4.6 (2021-04-09) on
	server2.sourceware.org
X-BeenThere:	cygwin AT cygwin DOT com
X-Mailman-Version:	2.1.29
List-Id:	General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe:	<https://cygwin.com/mailman/options/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive:	<https://cygwin.com/pipermail/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe:	<https://cygwin.com/mailman/listinfo/cygwin>,
	<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From:	Corinna Vinschen via Cygwin <cygwin AT cygwin DOT com>
Reply-To:	cygwin AT cygwin DOT com
Cc:	Corinna Vinschen <corinna-cygwin AT cygwin DOT com>,
	"cygwin AT cygwin DOT com" <cygwin AT cygwin DOT com>
Errors-To:	cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender:	"Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>
X-MIME-Autoconverted:	from base64 to 8bit by delorie.com id 319LB3JJ020417

webmaster	delorie software privacy
Copyright © 2019 by DJ Delorie	Updated Jul 2019