X-Recipient: archive-cygwin@delorie.com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:content-type :content-transfer-encoding:mime-version; q=dns; s=default; b=WLa gyvRUL56aBF+EBvwIVJZDjGzTgf0z1V71x7Hdt0MJjh2T6DbkeI2wyFGe4Wc53Mo vxlqZ6Ikcf03KnK2//jyYZuVKuVHgYPzNkEIDPOCaV9+1pjZPxqsPhTFm9T/BnFX bz/S0IzHWVY/kt1xPpYAhjaCm5z9v3A7QjArzmtk= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:from:to:subject:date:message-id:content-type :content-transfer-encoding:mime-version; s=default; bh=IDgzl6ln4 hxq3b+U7O1IqX9/418=; b=Geiyvpz/daTm1CfwhxPg0dHWdnm0Q0HEYUy2BtjNM RH4Cslgf+Q/FEhHqX3tYw33t3oDOnNAt618I28f00PlXnOEs3hrkCFri97haQRaI rD7m7Q7+ZZ1ZCcB67Uudgylnp9qrqidnIu2nE975/6tZGDwcbojwXK83ztzQ6W43 3Y= Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Delivered-To: mailing list cygwin@cygwin.com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE,SPF_PASS,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 spammy=Community, H*RU:15.1.466.34, H*r:15.1.466, H*r:ip*15.1.466.34 X-HELO: mail.knapheide.com Authentication-Results: mail.knapheide.com; spf=None smtp.pra=eduesterhaus@knapheide.com; spf=None smtp.mailfrom=eduesterhaus@knapheide.com; spf=None smtp.helo=postmaster@mail.knapheide.com Received-SPF: None (mail.knapheide.com: no sender authenticity information available from domain of eduesterhaus@knapheide.com) identity=pra; client-ip=10.129.5.99; receiver=mail.knapheide.com; envelope-from="eduesterhaus@knapheide.com"; x-sender="eduesterhaus@knapheide.com"; x-conformance=sidf_compatible Received-SPF: None (mail.knapheide.com: no sender authenticity information available from domain of eduesterhaus@knapheide.com) identity=mailfrom; client-ip=10.129.5.99; receiver=mail.knapheide.com; envelope-from="eduesterhaus@knapheide.com"; x-sender="eduesterhaus@knapheide.com"; x-conformance=sidf_compatible Received-SPF: None (mail.knapheide.com: no sender authenticity information available from domain of postmaster@mail.knapheide.com) identity=helo; client-ip=10.129.5.99; receiver=mail.knapheide.com; envelope-from="eduesterhaus@knapheide.com"; x-sender="postmaster@mail.knapheide.com"; x-conformance=sidf_compatible X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2DSAwDo4i5a/2MFgQpbHAEBAQQBAQoBA?= =?us-ascii?q?YVGtiOCFQqKcBYBAQEBAQEBAQGBCAuFY1EBPkImAQQbDLR1inAmg2iDYYFpiDS?= =?us-ascii?q?FbiAFijqJR48QgXiTIIIfih+HLpZegTsmDYF0b4J5hFSJQoEVAQEB?= X-IPAS-Result: =?us-ascii?q?A2DSAwDo4i5a/2MFgQpbHAEBAQQBAQoBAYVGtiOCFQqKcBY?= =?us-ascii?q?BAQEBAQEBAQGBCAuFY1EBPkImAQQbDLR1inAmg2iDYYFpiDSFbiAFijqJR48Qg?= =?us-ascii?q?XiTIIIfih+HLpZegTsmDYF0b4J5hFSJQoEVAQEB?= From: Eric Duesterhaus To: "cygwin@cygwin.com" Subject: Files created in cygwin on fileshare no longer allow "delete" in NTFS Date: Mon, 11 Dec 2017 19:58:28 +0000 Message-ID: <059e3621048b4ee68257b6bfb0ae1053@knapheide.com> Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id vBBJwhKj004645 Hi Cygwin Community, We are currently encountering an issue with Cygwin in regards to NTFS permissions on files created within Cygwin. I'll try to outline my issue with specifics. 1. There is a windows file server mapped to M:\ on the a windows computer running Cygwin. 2. There is an active directory group that has "Modify" level permissions on this file share (In NTFS, Modify includes explicit "delete" rights) 3. "User1" and "User2" are both members of the aforementioned AD group. 4. A file is created in /cygdrive/m/filepath/ through Cygwin being run as "User1". 5. "User2" attempts to delete this file. It does not work (access denied). 6. Upon further inspection of this file's ACL, the AD group with Modify level permissions now only has "read, write, execute" permissions, which, using windows "Effective Access" tool shows that the checkbox that assigns "delete" rights is no longer checked for this group. I tried using getfacl on a file with the modify permission allowed to my AD group, then passed that file into setfacl with the -f option to overwrite the ACL of my created file. From the NTFS point of view, my AD group still only has read/write/execute permissions instead of modify, which again, doesn't allow delete. For information gathering I use the resultant file from getfacl to setacl -f on a file with "good" NTFS permissions, it overwrites the permissions and again, my AD group only has rwx and not "modify" permissions while looking at the ACL from windows. How can I retain NTFS "delete" rights for my users and groups on files created by Cygwin? Eric -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple