delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2024/11/11/06:52:32

DMARC-Filter: OpenDMARC Filter v1.4.2 delorie.com 4ABBqWdA3791263
Authentication-Results: delorie.com; dmarc=pass (p=none dis=none) header.from=cygwin.com
Authentication-Results: delorie.com; spf=pass smtp.mailfrom=cygwin.com
DKIM-Filter: OpenDKIM Filter v2.11.0 delorie.com 4ABBqWdA3791263
Authentication-Results: delorie.com;
dkim=pass (1024-bit key, unprotected) header.d=cygwin.com header.i=@cygwin.com header.a=rsa-sha256 header.s=default header.b=pfCWNOzH
X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 6E6E13858C62
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
s=default; t=1731325951;
bh=Gq3/hoci1w8PtXuseUb3IfwQ6WKsGwjs6T3EQN0+b7s=;
h=Date:To:Subject:In-Reply-To:References:List-Id:List-Unsubscribe:
List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
From;
b=pfCWNOzHLEdH1GagnwKDkpJFTQUg/yS/UTK/gp7JuG6Udt1FFVZOh8u4e8G3WAMxQ
Z80WGvvSdHR5O8OWwRo2RJwVV3Ktk1ppcGBMK3Wezkak76AQrOc3ECNQPUM+UGUBJc
3k7cdAV5BpRL71St1O9ryOn61jltwhavUVrkkepA=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org DA4993858D39
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org DA4993858D39
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1731325890; cv=none;
b=vKEBUIKBfd/Tkk7VoO1+0xovTaShg0xyV6oA38qMQTjJNkfh9hOm8yhe6lsoots1Sy67S3QU/etTpcj7UR/HZF5iEG3TzGQbb5DvJoqf9pVJP+40CeugN/sVb5FqyZaGqBkA42UO8jVmcJBp4QMDYI00IF9o+tfqtsERn/IkOzM=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
t=1731325890; c=relaxed/simple;
bh=inis0yYIORmcJurDc22Ui2luUfhcKoXJ/pKIiSJdVJQ=;
h=Date:From:To:Subject:Message-Id:Mime-Version:DKIM-Signature;
b=YwCULgkmgDL2zqo3NAWeRmOKi/3TNVE2l1xLmSlZYWHDIQHvTk1A4OvEMdXOJnQmXpcLUUVIyTvrEnWSXUSc7JbrJ5AUeXz8XPsQse5m6Ql59LQDvlq7JCJjgYuGLZioh+iVcKwvL/wnBNECFr6JXlsF7tkMj61w5ho/IIjSl+E=
ARC-Authentication-Results: i=1; server2.sourceware.org
Date: Mon, 11 Nov 2024 20:51:24 +0900
To: cygwin AT cygwin DOT com
Subject: Re: SMBFS mount's file cannot be made executable
Message-Id: <20241111205124.d141ee6930125a827195365c@nifty.ne.jp>
In-Reply-To: <20241111201928.811a2f8f09142b7aa8fe9bdc@nifty.ne.jp>
References: <BL0PR0901MB430827F1A0668E468B498FBBA5D70 AT BL0PR0901MB4308 DOT namprd09 DOT prod DOT outlook DOT com>
<20241108205109 DOT 55f99e2d172b9fc87e92ae67 AT nifty DOT ne DOT jp>
<Zy4ODHHpmZPggGSz AT calimero DOT vinschen DOT de>
<20241111193152 DOT c3a81044a03ecf2093185166 AT nifty DOT ne DOT jp>
<ZzHizX_6FXABDPvZ AT calimero DOT vinschen DOT de>
<20241111201928 DOT 811a2f8f09142b7aa8fe9bdc AT nifty DOT ne DOT jp>
X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.30; i686-pc-mingw32)
Mime-Version: 1.0
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.30
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Takashi Yano via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Takashi Yano <takashi DOT yano AT nifty DOT ne DOT jp>
Errors-To: cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces~archive-cygwin=delorie DOT com AT cygwin DOT com> 

On Mon, 11 Nov 2024 20:19:28 +0900
Takashi Yano wrote:

> On Mon, 11 Nov 2024 11:56:13 +0100
> Corinna Vinschen wrote:
> 
> > On Nov 11 19:31, Takashi Yano via Cygwin wrote:
> > > On Fri, 8 Nov 2024 14:11:40 +0100
> > > Corinna Vinschen wrote:
> > > > If the server is a Samba share, check if `force unknown acl user = yes'
> > > > and for the share itself, check that
> > > > 
> > > >   read only = No
> > > >   vfs objects = acl_xattr
> > >     ^^^^^^^^^^^^^^^^^^^^^^^
> > > Thanks! This makes things better.
> > > At least x permissions are set to executable compiled by gcc.
> > > 
> > > However, something is still wrong in my environment....
> > > Others permission seems to be reffered in some cases.
> > 
> > I don't understand.  Please run icacls for a just created file on your
> > Samba share (without the below patch) as well as Windows' `whoami /all'.
> 
> $ touch samba_test_file.txt
> $ icacls samba_test_file.txt
> samba_test_file.txt S-1-5-21-479325430-3041864944-504445739-1000:(R,W,D,WDAC,WO)
>                     S-1-5-21-479325430-3041864944-504445739-513:(R)
>                     Everyone:(R)
> 
> This seems reasonable to me.
> 
> For Windows 11 share, the result is
> samba_test_file.txt NULL SID:(DENY)(Rc,S,WEA,X,DC)
>                     S-1-5-21-2089672436-4097686843-2104605006-1001:(R,W,D,WDAC,WO)
>                     S-1-5-21-2089672436-4097686843-2104605006-513:(DENY)(S,X)
>                     NT AUTHORITY\Authenticated Users:(DENY)(S,X)
>                     NT AUTHORITY\SYSTEM:(DENY)(S,X)
>                     BUILTIN\Administrators:(DENY)(S,X)
>                     BUILTIN\Users:(DENY)(S,X)
>                     S-1-5-21-2089672436-4097686843-2104605006-513:(RX)
>                     NT AUTHORITY\Authenticated Users:(RX,W)
>                     NT AUTHORITY\SYSTEM:(RX,W)
>                     BUILTIN\Administrators:(RX,W)
>                     BUILTIN\Users:(RX)
>                     Everyone:(R)

Sorry, I forgot to add result of 'whoami /all'.

$ /cygdrive/c/windows/system32/whoami /all

USER INFORMATION
----------------

User Name    SID
============ ==============================================
hp-z230\yano S-1-5-21-1515853178-1880514851-1804962447-1001


GROUP INFORMATION
-----------------

Group Name                             Type             SID                                            Attributes
====================================== ================ ============================================== ==================================================
Everyone                               Well-known group S-1-1-0                                        Mandatory group, Enabled by default, Enabled group
HP-Z230\docker-users                   Alias            S-1-5-21-1515853178-1880514851-1804962447-1073 Mandatory group, Enabled by default, Enabled group
BUILTIN\Performance Log Users          Alias            S-1-5-32-559                                   Mandatory group, Enabled by default, Enabled group
BUILTIN\Remote Desktop Users           Alias            S-1-5-32-555                                   Mandatory group, Enabled by default, Enabled group
BUILTIN\Users                          Alias            S-1-5-32-545                                   Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\INTERACTIVE               Well-known group S-1-5-4                                        Mandatory group, Enabled by default, Enabled group
CONSOLE LOGON                          Well-known group S-1-2-1                                        Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users       Well-known group S-1-5-11                                       Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization         Well-known group S-1-5-15                                       Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\$B%m!<%+%k(B $B%"%+%&%s%H(B       Well-known group S-1-5-113                                      Mandatory group, Enabled by default, Enabled group
LOCAL                                  Well-known group S-1-2-0                                        Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NTLM Authentication       Well-known group S-1-5-64-10                                    Mandatory group, Enabled by default, Enabled group
Mandatory Label\Medium Mandatory Level Label            S-1-16-8192


PRIVILEGES INFORMATION
----------------------

Privilege Name                Description                          State
============================= ==================================== ========
SeShutdownPrivilege           Shut down the system                 Disabled
SeChangeNotifyPrivilege       Bypass traverse checking             Enabled
SeUndockPrivilege             Remove computer from docking station Disabled
SeIncreaseWorkingSetPrivilege Increase a process working set       Disabled
SeTimeZonePrivilege           Change the time zone                 Disabled


-- 
Takashi Yano <takashi DOT yano AT nifty DOT ne DOT jp>

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019