X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:references:to:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; q=dns; s=default; b=as4bAM9LjR6O6CVk HpzY4QuMPAMjEOpWd5U8lwG8grpqTwuuMf/lv7ewrU2xBqzrK2eDAztw9G0PGvmj tyuVxBi/Wh0LNjd32merzDqEoVefGH1N9z0xfOqfqGy0OQBqpn9rGSqGDR7GfMxr yfnYxb8fgpyQFqpaujITFAy0IYI= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:subject:references:to:from:message-id:date :mime-version:in-reply-to:content-type :content-transfer-encoding; s=default; bh=XRj7qUwsn+UmrN3bLWiaEA Z6bQY=; b=XxCWUPMSrqdsGCdPqpkq6bKr+gYbWCyU7sUXGm2KY36oIa2KnqoJ8L Zff0/eU4DRbetvsjQdpzz8QGFgO5c5JNPRm97g330HkG8UCTDY4z7r6K5O869+5l vYHjm3NWDLObQPR302YrBV1QNNfMSB6vdJa7q1jnF1Xr8LFOUNgUA= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-6.7 required=5.0 tests=AWL,BAYES_00,FREEMAIL_FROM,GIT_PATCH_2,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.2 spammy=lan, 545, H*Ad:U*don, Enterprise X-HELO: mail-pf0-f175.google.com X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:subject:references:to:from:message-id :date:user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=31YRNXAm5s/3T4+4MKLfi9uyBAaV+i+7f9trTZum8VM=; b=ddGd1FoFhmyjB0UwzpcNQQaiEADX5Yio7KzCHpH8KOqK/JJ7fSpWrMG6eRE3XGt+GX TO/NUS7LFvLI9fCqcWdGOpxvQ4TH+d985QhOmHML3XMV9Dm+e8cNRfHjxCiwO/T0bglJ Aq7EH0N448JJb8dnImEbu+E1whYg7evi9b4AbKtYfM7RLBzsLLKOa5/8aQOQ19B0K7AZ OEwk6MFd9VSM3yVJGkBRzYhhX02xKOklktqqdGwqWS1RBn9tGBIrYvAEW/qzJz5j6LZU f+CuCAFz8nSvS88qWdd3CpyT3rp5ehznYqauqWIZaeWID0oS5u+I+guoNmZlvI4jP3Xu p2+g== X-Gm-Message-State: AMke39mCu3xrPtEKlezwbbs13BeNTvl5vsMDPhAlBdma0HMuZ7Z7Go5LAV6ZAjP3TFMRfw== X-Received: by 10.98.160.84 with SMTP id r81mr21266922pfe.71.1489152983406; Fri, 10 Mar 2017 05:36:23 -0800 (PST) Subject: NTFS permissons bug? References: <3b0c4285-0e88-ac73-b1c4-63ce193920cb AT beusee DOT com> To: Cygwin From: Don Beusee X-Forwarded-Message-Id: <3b0c4285-0e88-ac73-b1c4-63ce193920cb AT beusee DOT com> Message-ID: Date: Fri, 10 Mar 2017 05:40:21 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <3b0c4285-0e88-ac73-b1c4-63ce193920cb@beusee.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit I'm having a problem with openssh on cygwin. When I'm logged into windows, things are fine, even in a cygwin64 window: dbeusee2 AT lan /e $ cd ppscvsroot/ dbeusee2 AT lan /e/ppscvsroot $ id uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain Users),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated Users),15(This Organization),66048(LOCAL),1050040(vpn-demo),1050138(CVS-PPS users),1049743(PPUser),1050137(CVS Users),1049741(Sharepoint AllUsers),401408(Medium Mandatory Level) dbeusee2 AT lan /e/ppscvsroot $ getfacl /e/ppscvsroot/ # file: /e/ppscvsroot/ # owner: Administrators # group: Domain Users <--------- where is this coming from? I have removed this from the permissions! Is this cached somewhere? user::rwx group::--- group:SYSTEM:rwx group:CVS-PPS users:rwx mask:rwx other:--- default:user::rwx default:group::--- default:group:SYSTEM:rwx default:group:CVS-PPS users:rwx default:mask:rwx default:other:--- dbeusee2 AT lan /e/ppscvsroot $ ls -ld /e/ppscvsroot/ drwxrwx---+ 1 Administrators Domain Users 0 Mar 9 19:02 /e/ppscvsroot/ dbeusee2 AT lan /e/ppscvsroot $ But when I ssh into it, things are not fine: dbeusee AT pp165 ~/.ssh $ ssh dbeusee2 AT lan Last login: Thu Mar 9 20:30:05 2017 from 192.168.104.74 dbeusee2 AT lan ~ $ id uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain Users),11(Authenticated Users),66048(LOCAL),66049(CONSOLE LOGON),4(INTERACTIVE),15(This Organization),545(Users),1050040(vpn-demo),1049743(PPUser),1050137(CVS Users),1049741(Sharepoint AllUsers),401408(Medium Mandatory Level) dbeusee2 AT lan ~ $ cd /e/ppscvsroot/ -bash: cd: /e/ppscvsroot/: Permission denied dbeusee2 AT lan ~ $ ls -ld /e/ppscvsroot/ drwxr-x--- 1 Unknown+User Unknown+Group 0 Mar 9 19:02 /e/ppscvsroot/ dbeusee2 AT lan ~ $ I noticed in the "id" output in the problem ssh session, this group is missing: "1050138(CVS-PPS users)". Could this be the reason? Is sshd not doing group recursion? The dbeusee2 username is a member of CVS Users, which has access to more CVS repositories than CVS-PPS Users. And what's up with the Unknown+User and Unknown+Group in the ssh session's ls command output? This system (lan) is running WS 2016 STD. CVS Users group is a member of CVS-PPS group in AD (WS Enterprise 2003 R2). The ppscvsroot folder is given access to CVS-PPS Users group. Domain Users used to be granted to ppscvsroot, but I removed that so that CVS-PPS Users would control the access. Why am I not able to access the folder from the ssh session? How do I solve this problem? Version of OpenSSH (from cygwin) is: dbeusee2 AT lan ~ $ ssh -V OpenSSH_7.4p1, OpenSSL 1.0.2k 26 Jan 2017 Version of cygwin: dbeusee2 AT lan ~ $ uname -a CYGWIN_NT-10.0 lan 2.7.0(0.306/5/3) 2017-02-12 13:18 x86_64 Cygwin Please advise. -Don -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple