Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT sources DOT redhat DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT sources DOT redhat DOT com>
List-Help: <mailto:cygwin-help AT sources DOT redhat DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT sources DOT redhat DOT com
Delivered-To: mailing list cygwin AT sources DOT redhat DOT com
Date: Fri, 22 Jun 2001 19:15:31 +0200
From: Corinna Vinschen <cygwin AT cygwin DOT com>
To: cygwin <cygwin AT cygwin DOT com>
Subject: Re: ssh private key permissions
Message-ID: <20010622191531.B1647@cobold.toronto.redhat.com>
Mail-Followup-To: cygwin <cygwin AT cygwin DOT com>
References: <3B311D93 DOT 20902 AT ece DOT gatech DOT edu> <20010622002754 DOT D1830 AT cobold DOT toronto DOT redhat DOT com> <3B329608 DOT 7010709 AT ece DOT gatech DOT edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.12i
In-Reply-To: <3B329608.7010709@ece.gatech.edu>; from cwilson@ece.gatech.edu on Thu, Jun 21, 2001 at 08:49:12PM -0400

On Thu, Jun 21, 2001 at 08:49:12PM -0400, Charles S. Wilson wrote:
> I tried the following command (as Administrator=500, who's in group 545 
> and 500.545 owns the file)
> $ setfacl -s user::rw-,group::---,other::---,mask::--- foo
> setfacl: missing entries.
> 
> $ setfacl -d group:1000 foo
> <succeeded>
> $ setfacl -d group:545 foo
> <succeeded>
> $ setfacl -d user:1002 foo
> <succeeded>
> $ getfacl foo
> # file: foo
> # owner: 500
> # group: 544
> user::rw-
> group::rw-
> mask::rw-
> other::rw-
> 
> Okay, after removing the extra stuff by hand, try again:
> $ setfacl -s user::rw-,group::---,other::---,mask::--- foo
> 
> setfacl: missing entries.
> 
> 
> Aarrgh.  Okay, try it piecemeal:
> $ setfacl -m user::rwx
> <no error reported>
> $ setfacl -m group::---
> <no error reported>
> $ setfacl -m other::---
> setfacl: illegal acl entries
> $ setfacl -m mask::---
> setfacl: illegal acl entries
> $ getfacl foo
> ~ > getfacl foo
> # file: foo
> # owner: 500
> # group: 544
> user::rw-
> group::rw-
> mask::rw-
> other::rwx
> 
> !!!! the user:: perms were applied to other::, and the group perms 
> didn't take effect. (And, of course, the other:: and mask:: perms 
> commands failed)
> 
> What gives?  I do NOT understand ACLs.

Hmm, obviously `setfacl' doesn't understand ACLs as well...
Thank god we have the sourcecode in the utils subdir.

Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Developer                                mailto:cygwin AT cygwin DOT com
Red Hat, Inc.

--
Want to unsubscribe from this list?
Check out: http://cygwin.com/ml/#unsubscribe-simple