X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:reply-to:mime-version:to :subject:content-type:content-transfer-encoding; q=dns; s= default; b=PfzzB5yr06rUq2Aq9ZIAfGcKevlw4cKYokuI7x39YW/KR2hkZnVWf nuDhrmGiKF9Iq3WQth8ADV+d+S5kndddQOB+SDNJnVOdPqGZMt7ugiGgWY4YIoFB dEt9IG73V7F6j9JWr0exg3zRw4tsB4qBb6SFB6eTjXWaNhKL38RRbE= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:message-id:date:from:reply-to:mime-version:to :subject:content-type:content-transfer-encoding; s=default; bh=C vJSAZwmwZESHoiU7SnUSlIhNrs=; b=d2cT5aEJ2tyZDcZMNz0PP8BaQoWnAZv1x kVUlU2ZkzBRM3fMnXnv5uHnB3UsqdJ69IWOA9thMVA2c7Psjp0vldMS1B056vA09 apOrzbIrXcbX1H/i/BSoBdY/70QitciGSEVUqK/L53oEwEUhtrxLvibBxvM0OP3i f7wHBbMtKU= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00,T_RP_MATCHES_RCVD autolearn=ham version=3.3.2 X-HELO: csmail.cs.umass.edu Message-ID: <551A13D8.1030701@cs.umass.edu> Date: Mon, 30 Mar 2015 23:26:16 -0400 From: Eliot Moss Reply-To: moss AT cs DOT umass DOT edu User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.5.0 MIME-Version: 1.0 To: cygwin Subject: More about permissions Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-IsSubscribed: yes Dear Cygwin community -- Along with some others, I've been struggling a little to accommodate the changes to permissions handling that came lately. I think I about have it figured out to work mostly Unix-like within my cygwin tree, but have one remaining thing I am wondering about, even though I have been through the ntsec document more than once. (I think everyone will admit that this is complicated :-) ...) - I have created a new group, that I call Cygwin, to be the typical group of cygwin-related files, so that I can control group permissions appropriately. I am a member of that group. - I have found that if a directory is chmod to 2755 (2000 == set gid) and the directory's group is Cygwin, then cygwin-created files in the directory get group Cygwin. (This was not necessarily happening before.) To get this to happen, I had to list the sid of the Cygwin group as my group in my line of the /etc/passwd file. Otherwise the group would be me, which does not seem to allow the same differentiation of user versus group permissions. - I could not find an explanation of the 'mask' list by getfacl. Near as I can tell it is not really settable, although setfacl does not complain, and it is the OR of the permissions of the various groups. Now, to what I would like to do. Ideally I want SYSTEM to have rwx access to everything. Seems a generally good idea on Windows, and at least r permission on files and rx on directories is needed for my backup program to access things. But if I get group:SYSTEM:rwx and default:group:SYSTEM:rwx, then ls always lists rwx for the group part of any such file, and chmod, if applied, affects SYSTEM's access bits. What I'd like is for SYSTEM's role here to be hidden. If there are any files where I want to restrict SYSTEM, I can use Windows tools or setfacl to manipulate them. Is this simply not possible with the new scheme? Regards -- Eliot Moss -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple