X-Recipient: archive-cygwin@delorie.com X-Original-To: cygwin@cygwin.com Delivered-To: cygwin@cygwin.com DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org DAA893885C2A Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=SystematicSw.ab.ca Authentication-Results: sourceware.org; spf=none smtp.mailfrom=brian.inglis@systematicsw.ab.ca X-Authority-Analysis: v=2.3 cv=ecemg4MH c=1 sm=1 tr=0 a=kiZT5GMN3KAWqtYcXc+/4Q==:117 a=kiZT5GMN3KAWqtYcXc+/4Q==:17 a=IkcTkHD0fZMA:10 a=9I5xiGouAAAA:8 a=jChkm-x5hCMFubTIiR0A:9 a=QEXdDO2ut3YA:10 a=ztjZPAohYq4A:10 a=ARFN2YZ7Uv8kHtb7LS-q:22 Subject: Re: Files and folders created with invalid ACL To: cygwin@cygwin.com References: <1335658627.20200622202035@yandex.ru> <94fb9b46-a1e9-6a5c-f7af-9d8e43777a0d@cs.umass.edu> From: Brian Inglis Autocrypt: addr=Brian.Inglis@SystematicSw.ab.ca; prefer-encrypt=mutual; keydata= mDMEXopx8xYJKwYBBAHaRw8BAQdAnCK0qv/xwUCCZQoA9BHRYpstERrspfT0NkUWQVuoePa0 LkJyaWFuIEluZ2xpcyA8QnJpYW4uSW5nbGlzQFN5c3RlbWF0aWNTdy5hYi5jYT6IlgQTFggA PhYhBMM5/lbU970GBS2bZB62lxu92I8YBQJeinHzAhsDBQkJZgGABQsJCAcCBhUKCQgLAgQW AgMBAh4BAheAAAoJEB62lxu92I8Y0ioBAI8xrggNxziAVmr+Xm6nnyjoujMqWcq3oEhlYGAO WacZAQDFtdDx2koSVSoOmfaOyRTbIWSf9/Cjai29060fsmdsDLg4BF6KcfMSCisGAQQBl1UB BQEBB0Awv8kHI2PaEgViDqzbnoe8B9KMHoBZLS92HdC7ZPh8HQMBCAeIfgQYFggAJhYhBMM5 /lbU970GBS2bZB62lxu92I8YBQJeinHzAhsMBQkJZgGAAAoJEB62lxu92I8YZwUBAJw/74rF IyaSsGI7ewCdCy88Lce/kdwX7zGwid+f8NZ3AQC/ezTFFi5obXnyMxZJN464nPXiggtT9gN5 RSyTY8X+AQ== Organization: Systematic Software Message-ID: <4534cc0d-0e4c-b169-28c9-c658ef242dc6@SystematicSw.ab.ca> Date: Mon, 22 Jun 2020 15:13:10 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 In-Reply-To: <94fb9b46-a1e9-6a5c-f7af-9d8e43777a0d@cs.umass.edu> Content-Language: en-CA X-CMAE-Envelope: MS4wfLqVZyM9wTW1GHPInpyemJS85Nza2ZBrnLYa2y4AM1AqdJ3eK/2vGJWQeYIjv2Us7gV7ihUwftzhFSvx4RvD/E3bXNroYjut67MBWNiD8Dw+kUl8+If+ NYxUp8YNaG7arkngrl6QqlTlvbiOEN/YcYkuuE5DBjRfbJXRbizDDmvjbMrkRKojCsyiRgREei30zQ== X-Spam-Status: No, score=-10.7 required=5.0 tests=BAYES_00, KAM_DMARC_STATUS, KAM_LAZY_DOMAIN_SECURITY, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP, URI_HEX autolearn=no autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: cygwin@cygwin.com Content-Type: text/plain; charset="utf-8" Errors-To: cygwin-bounces@cygwin.com Sender: "Cygwin" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 05MLDfcE000819 On 2020-06-22 13:59, Eliot Moss wrote: > On 6/22/2020 2:08 PM, Thorsten Kampe wrote: >> * Andrey Repin (Mon, 22 Jun 2020 20:20:35 +0300) >>> >>>> icacls test.txt /verify >>>> test.txt: Ace entries not in canonical order. >>> >>> This is normal. All conformant drivers MUST be able to correctly process such >>> ACL's. "Non-canonical" does not mean "invalid". >> >> `lsd` reports an error ("os error 1336"). But that might simply >> be a result of the "non canonical order". > > I agree; lsd seems to be being overly picky, not that you personally > can do much about that. > >>>> Interestingly the issue does not occur with files created in >>>> the user's Cygwin home directory but - for instance - in the >>>> Documents folder of the user's Windows profile. >>> >>>> This is a fresh Cygwin installation on a test system. Has >>>> anyone found a solution? >>> >>>> [1] > http://cygwin.1069669.n5.nabble.com/Issues-with-ACL-settings-after-updating-to-the-latest-cygwin-dll-td124123.html > >>> > >>> Needs more specifics. >>> How did you set your fstab, particularly cygdrive prefix? Any extra mounts? >>> How did you modify nsswitch? >> >> As I wrote, it's a "fresh Cygwin installation on a test >> system" that means the phenomennon is observable directly after >> the installation. >> >> I did some testing: files created in the user's home directory >> (/home/Administrator), the home directory (/home) and other sub >> directories don't show the issue. >> >> If I create a file or directory directly under / or anywhere >> else on the drive, the issue occurs. >> >> If that would be the case on my main workstation, I would be >> fine with that. Unfortunately on my main workstation the issue >> occurs everywhere. > > Maybe you took Andre slightly literally; rephrasing, what are your current > fstab and nsswitch contents?  I would also ask, what do icacls and getfacl > show on your / directory (the some that is the root of the hierarchy where > things aren't working for you)?  It could be that fixing some entry there, > and recursively, will get you to a good state. Often setfacl -b on files may reduce the ACLs to simple canonical entries u::rw[-x],g::r-[-x],o::r-[-x] .\$USER:(F) BUILTIN\$GROUP:(RX) Everyone:(RX) but you have to be careful that the same operation on directories keeps the DACLs d:u::rwx,d:g::r-x,d:o::r-x .\$USER:(F) BUILTIN\$GROUP:(RX) Everyone:(RX) CREATOR OWNER:(OI)(CI)(IO)(F) CREATOR GROUP:(OI)(CI)(IO)(RX) Everyone:(OI)(CI)(IO)(RX) as if the DACLs get stripped, files created under those directories often have *NO* permissions: making them create only directories. -- Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada This email may be disturbing to some readers as it contains too much technical detail. Reader discretion is advised. [Data in IEC units and prefixes, physical quantities in SI.] -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple