X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=uQxTsd2YEJiKeP3Tl4Wvu5BVbDrUfEFl7BjtNCrnfFxAkmRFTIGeu u1+TtfFyAK8XZVhUbrWxxlb8k4bCSrfLpgv51t65OVJoJsGj2WlAMBPlseOXsQP4 4BZ5+B6hwanMSLNvVXP9zQGyGhIY95Wi7gkD/u5a5RXyKv9Xa0Ha4Q= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=yShyHWt85ZqSOwW5SWbcdKC9u0A=; b=ScySI8TrnZmpbXCPqUk8XxbAf7F/ LhZdL4bjKcVN2jmTJQSlmXGmYOd5wKa97FA9tk+a8XSVupNb8JeoBMgzp3gNuehE EUDJ2fMkBrHxws1+w1+iRI0aUENwI0LcluXx3qy9ZRhpKDXOFZH221qcONibRKD+ skOZxkDqsA5fya4= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-93.1 required=5.0 tests=AWL,BAYES_40,KAM_LAZY_DOMAIN_SECURITY,KHOP_DYNAMIC,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,RDNS_DYNAMIC,USER_IN_WHITELIST autolearn=no version=3.3.2 spammy=filetype, ace, H*MI:sk:5695EC0, H*f:sk:5695EC0 X-HELO: calimero.vinschen.de Date: Wed, 13 Jan 2016 16:12:49 +0100 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: [ANNOUNCEMENT] TEST RELEASE: Cygwin 2.4.0-0.18 Message-ID: <20160113151249.GM15034@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <5695EC0F DOT 7010103 AT gmail DOT com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="3MMMIZFJzhAsRj/+" Content-Disposition: inline In-Reply-To: <5695EC0F.7010103@gmail.com> User-Agent: Mutt/1.5.24 (2015-08-30) --3MMMIZFJzhAsRj/+ Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Jan 12 22:17, random user wrote: > Something I wasn't aware of at the time of our prior discussion is > that the Linux NTFS-3g driver already supports Linux extended ACLs > on NTFS. This is discussed at >=20=20 > http://www.tuxera.com/community/ntfs-3g-advanced/ownership-and-permission= s/ >=20 > I explored taking a flash card back and forth between Cygwin > 2.4.0-0.18 and a Linux system, testing how each interprets what the > other wrote. >=20 > I find they don't seem to interpret each other's per-group and mask > permission bits correctly when creating their Posix interpretation of > an NTFS ACL. >=20 > I also find that somehow setting extended ACLs on Linux for a > directory is causing Cygwin to then see that object as a socket, if > I'm reading the below correctly. 'ls' on Cygwin won't descend into > that as it normally would for a directory, > bash: cd: dir_acl: Not a directory > results when attempting to cd into it, etc. >=20 > I don't know how common such uses are, but I do use both Cygwin and > Linux on the same flash cards and external disks. If they are both > going to support Posix-style extended ACLs written to NTFS, it'd seem > nice if they could do so in compatible ways. Cygwin is trying to create an ACL with least possible entries while at the same time being POSIX compatible. Apart from the NULL SID deny ACE to keep mask info and special bits, it's a pretty normal ACL. It's a bit late now to change how Cygwin constructs and evaluates ACLs. I'll take a look into the dir vs. socket thingy, but no guarantee that I can change that for 2.4.0. > bash 1 34 # ls -al > total 0 > drwx------+ 1 sally sally 0 Jan 12 20:42 . > drwx------+ 1 sally sally 0 Jan 12 20:40 .. > srwxr-----+ 1 sally sally 0 Jan 12 20:42 dir_acl > -rwxr-----+ 1 sally sally 0 Jan 12 20:42 file_acl > -rw------- 1 sally sally 0 Jan 12 20:41 file_simple Weird. The only way to set the filetype to socket is if the file is a Cygwin symlink (file with system DOS bit set and starting with the string "!". > [...] > bash 1 41 # getfacl dir_acl > # file: dir_acl > # owner: sally > # group: sally > user::rwx > group::--- > group:julia:r-- > mask:r-- > other:--- > default:user::rwx > default:group::--- > default:other:--- > [...] > bash 1 42 # icacls dir_acl > dir_acl CYGWIN\julia_ug:(NP)(DENY)(W,Rc,WO,X,DC) > Everyone:(OI)(IO)(DENY)(S,X) > CYGWIN\sally:(NP)(F) > CYGWIN\julia_ug:(NP)(RX,W,DC) > CYGWIN\sally_ug:(NP)(DENY)(W,Rc,WO,X,DC) > Everyone:(NP)(Rc,S,REA,RA) > CYGWIN\sally:(OI)(CI)(IO)(F) > Everyone:(OI)(CI)(IO)(Rc,S,REA,RA) It will be hard to reproduce such an ACL. It's just as non-standard as a Cygwin ACL, just differently so. What bugs me is the deny ACE for sally_ug which looks pretty weird to me. Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --3MMMIZFJzhAsRj/+ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWlmlxAAoJEPU2Bp2uRE+gsDoP/0d/WdIyRmkcmXpxzAwEaoSD WAokRaxJy6ZanxkSZzbJ/AIMbpPtsMt2ZXDF/UcMnWzRH9iy4vXd2hGAakV7C9hb rfOQ6PCEMy0fLs1J3q08k6QD3ypQJX3394RifsDlJgSXlhQXzbuJUekeF0glR+6D FCPjUxUCYXYAkX2InSpxUtBNjYI/1+Q+WCQ7V2LOCIPNhmOnDwh78ngCMOXoxwZ0 TDffUbup0i99F9GzvJ5OsQgxYqKQbN4h2DYOkJGsaxSBQ879g7cOZQvKe4CUuC+/ Li9K43VOqJqAL1oZp/8+Hp9A+no5coRNQwYSORMcCEkPHv9GlaBCMiNWyZQGoUhr 7pn+prMb3A4Dqo0Yjya/iUX1utFAPgObrG2AVjopXcObqkgg9riq6ulda5qLjJKg 832vDM4p6Rs5rUGLwh98zIJ/2cPLq1/SmRi5WjbiShBr8T9BE+IPKT7uZPsU8o5O QFINQ5FIseflBzroQrr+KoFxDS8NY+1tBbPhrsZZiDKz8LvkFYefUd1dIjoOKSrw G96TcsWexeicbF7UFOmmEHWXWvOaLaUo3jPvb5WPGSzj4ohU2mtWUxj5EVHjOfuJ D4PzLkH6wmDAlWPZ03+nE05vvedsKlJSZ1QzIbIXQe6x3yubtGaQOovF0US0GPsU aOqseUiKgMUoPtXohdiG =vqjy -----END PGP SIGNATURE----- --3MMMIZFJzhAsRj/+--