X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; q=dns; s=default; b=eH belZ5KqqxUPBGjJx136nWG1cqks7EDKDCzebBcsDZ5JLp75T5/0wM0T7npdgDYtz 5VB0zFYEWOrX2avZSyK51Cd5wCN17JZ7niXvbcwQoNSNhuzuGzNkGoEmcCEySVkF sqtKaN+UZ/WeAtx/j7XgH9QBwCOsUTh05cBmKkT/w= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; s=default; bh=Tq33jxl0 Xh1MXtvySQEhJZEecDc=; b=HXnhDA4qVdjHqSKLaEZjePLmsOt9MzB+Lz4OpDYK pOwAFjLTsE1w78PajJ9gm1pyER86Y6Jo9buaw+04K/x1VDrSvYFWcyFmm8fAq8xH 7uX6ChrX8t9kXzajHBdkfC2lGdlJ8wkRFii+htm1/pZoDzNXqmt7FlX0mitSoB/E dh8= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=0.0 required=5.0 tests=AWL,BAYES_20,FREEMAIL_FROM,RCVD_IN_DNSWL_LOW,SPF_PASS,UPPERCASE_50_75 autolearn=ham version=3.3.2 spammy=Administrators, icacls, RW, rw X-HELO: mail-lf0-f45.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to; bh=8pCaJVT1X2bwxzWdl4uLXNe5v9p3O/8LacyZrm3auyg=; b=UEx+qn3hoUvT+pOj5p3O4vxEMTGG6JDjh/YH43Yhm2whCAmsZtX+mgL8Xw6upS9NtM NX84lqWbN7tIRk4nMjYLSYndFsnolaLtUyFIDtMvzoFnbXr7nD5sxG8Qifddv2yz9cIY lEoUPKcjsffIPecjHsX1avF6T43GLGxaOfCUP7oaiPK6zsOxSpVQ0xzRWLh2aM50yxMw 1HusB4iTdshpxaT+0MAByfDiZdqRcDGaDWYs6lTRxus5C+fBLx5NX0j0GElPDsfLXqO5 ZGkWUMMUlywtVIrAu6D85hzsRJaeHD7I8azXk4pa2HSIJ3zOLOc5evLuVqiCfLxEUcuU XNJw== X-Gm-Message-State: AOPr4FUTCbl/7ADKq/UFUOg5alBWEeD4fqWyBMgT1B/p5wUjBD1rhpNKgDOAINTRvOcma4MP92WIs3C+mtyYYQ== MIME-Version: 1.0 X-Received: by 10.112.125.9 with SMTP id mm9mr9229520lbb.45.1461945813293; Fri, 29 Apr 2016 09:03:33 -0700 (PDT) In-Reply-To: References: <1160735037.124947226.1457200185315.JavaMail.root@zimbra93-e16.priv.proxad.net> <1936538945.131164828.1457377923154.JavaMail.root@zimbra93-e16.priv.proxad.net> <20160308090233.GA13971@calimero.vinschen.de> Date: Fri, 29 Apr 2016 12:03:33 -0400 Message-ID: Subject: Re: Issues with ACL settings after updating to the latest cygwin.dll - correction From: Erik Soderquist To: cygwin@cygwin.com Content-Type: text/plain; charset=UTF-8 X-IsSubscribed: yes I'm having a similar issue with strange acl results... I wish I knew which update triggered this, but I'd ignored and/or worked around it... I can reproduce it with the following: user@localhost ~ $ touch /tmp/foo user@localhost ~ $ chmod 700 /tmp/foo user@localhost ~ $ echo foo>/tmp/foo -bash: /tmp/foo: Permission denied user@localhost ~ $ ls -la /tmp total 20 drwxrwxrwx+ 1 user Administrators 0 Apr 29 11:42 . dr-xrwxr-x+ 1 Administrators Administrators 0 Mar 9 17:00 .. -rwx------+ 1 user Domain Users 0 Apr 29 11:42 foo result of the acl commands, as I've seen them requested are: user@localhost /tmp $ cacls foo C:\cygwin64\tmp\foo NewDomain\user:(DENY)(special access:) FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_DELETE_CHILD FILE_WRITE_ATTRIBUTES NewDomain\user:F NewDomain\user:(special access:) READ_CONTROL SYNCHRONIZE FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES NewDomain\Domain Users:(DENY)(special access:) FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_DELETE_CHILD FILE_WRITE_ATTRIBUTES OldDomain\Domain Users:(DENY)(special access:) FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_DELETE_CHILD FILE_WRITE_ATTRIBUTES NewDomain\Domain Users:(special access:) READ_CONTROL SYNCHRONIZE FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES BUILTIN\Administrators:(special access:) READ_CONTROL SYNCHRONIZE FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES OldDomain\Domain Users:(special access:) READ_CONTROL SYNCHRONIZE FILE_GENERIC_READ FILE_GENERIC_WRITE FILE_READ_DATA FILE_WRITE_DATA FILE_APPEND_DATA FILE_READ_EA FILE_WRITE_EA FILE_READ_ATTRIBUTES FILE_WRITE_ATTRIBUTES Everyone:(special access:) READ_CONTROL SYNCHRONIZE FILE_READ_ATTRIBUTES user@localhost /tmp $ icacls foo foo NewDomain\user:(DENY)(W,RD,REA,DC) NewDomain\user:(F) NewDomain\user:(R,W) NewDomain\Domain Users:(DENY)(W,RD,REA,DC) OldDomain\Domain Users:(DENY)(W,RD,REA,DC) NewDomain\Domain Users:(R,W) BUILTIN\Administrators:(R,W) OldDomain\Domain Users:(R,W) Everyone:(Rc,S,RA) Successfully processed 1 files; Failed processing 0 files I don't understand why there is a DENY at all rather than simply removing the Allow permissions, nor do I understand why the user, who is owner of the file and has rwx for it, is getting a DENY at all. -- Erik -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple