X-Spam-Check-By: sourceware.org From: ericblake AT comcast DOT net (Eric Blake) To: cygwin AT cygwin DOT com Subject: Re: sshd, /etc/hosts.allow, & Alternate Access Methods Date: Thu, 23 Feb 2006 18:09:35 +0000 Message-Id: <022320061809.28557.43FDFA5F0009806700006F8D22007374780A050E040D0C079D0A@comcast.net> Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com > > Cygwin isn't ACL-aware, and file creation operations don't retain the > original ACLs -- Cygwin constructs them anew to reflect the permission > mapping. See . > To make sure you keep the ACLs, use an editor that edits files in-place, > rather than making a copy (e.g., vim). Actually, it is more accurate to state that most applications on cygwin aren't ACL-aware. CVS coreutils (which will someday become coreutils 6.0) has a patch currently undergoing testing that makes cp, mv, and friends ACL-aware, such that copying a file with ACLs will be able to give the new file the same permissions. At any rate, I have not yet had time to play with those patches to see if they need some more fixes as part of porting the eventual coreutils 6.0 to cygwin. However, you are correct that one of the biggest limitations currently in cygwin's ACL implementation is that default ACLs attached to directories are not applied to new files created in those directories. It may be that vim also needs to be taught to be ACL aware, and that when editing a file with ACLs and creating a replacement, it should put the same permissions on the replacement as the original. But I leave that to the vim maintainer to track down. -- Eric Blake -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/