X-Recipient: archive-cygwin AT delorie DOT com DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; q=dns; s= default; b=rdAvf65k6nkRI7Re3GWytoZbgojHwP+WSm7UVPnQ+kgOHs7lo3F9Y NvI70+l6I7/a5f5Y3WUYLua9bmGR1JtAjxsGzSVHdD4hibFvky1/D4trd73kgrkc 09PSWbFLjBAmEKfocDiAaxzEJUt351xdZVoshpCidqjJbN2A9SWHfA= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id :list-unsubscribe:list-subscribe:list-archive:list-post :list-help:sender:date:from:to:subject:message-id:reply-to :references:mime-version:content-type:in-reply-to; s=default; bh=tIJHzFauR33XEY1I/otUXuJ3u+s=; b=KLGORbNVGfQLabGDamxuEKshLXp2 ZN0MlLVlfWgqQyfV905w9lUfB6gRfpDqMij5OzPPgVVu3rLpzfS+G+BP3FJfl/hg bh+NWSLTUnnj0TWHs4IZ7kaj2wBXO0nsK3tIpuDcGjCLJ911mS4dq9/7D/vyZaVb +ucpZGGiGvlsUdY= Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-106.2 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,GOOD_FROM_CORINNA_CYGWIN,KAM_LAZY_DOMAIN_SECURITY,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2 spammy=rights, accounts X-HELO: mout.kundenserver.de Date: Wed, 11 Apr 2018 11:34:43 +0200 From: Corinna Vinschen To: cygwin AT cygwin DOT com Subject: Re: [Bug] File permissions across domains Message-ID: <20180411093443.GM29703@calimero.vinschen.de> Reply-To: cygwin AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com References: <874lkjt3dw DOT fsf AT Rainer DOT invalid> <20180411070312 DOT GK29703 AT calimero DOT vinschen DOT de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="uJWb33pM2TcUAXIl" Content-Disposition: inline In-Reply-To: <20180411070312.GK29703@calimero.vinschen.de> User-Agent: Mutt/1.9.2 (2017-12-15) X-UI-Out-Filterresults: notjunk:1;V01:K0:vnO+P0Jgtw0=:8PJcdpt7qdp8JiT7KLtVIK zOgX7hw/1idYNSmkHh3ce/HPBbHNd/RbzZq+IEfP0YK4mKBkDzIDLk0VmJpxd1t/ZWagB8wJM k7orfuwxi6T0PXFjFOZrvjZdHz+hBj2vhpHgVDcYsJ70kaWfQRlN4RO+32RXMoU/dEhWF1NFT qObW/FeI+49yvs2zQqB9OpnuCWKdD+8cdDT6nx5rkOObsAWAyURQZ6GTxMi8HNOgUJKP1tGuA FKwGDcTjfXZglFMJeYQy2XU6e2kSSTshP/nNgMZXd25A0zCU7OHfAZPXIeNu+H5dAz3pE8SDb scSgvBNBQAW08lgo/vP6MBeYwL+MPYQz6MfxUWfkZuk98ElsPvOkqopXi1EASnudl5lq+I9Em /LCBBj9AYPSkm1N3SJVq5zARMJufTfcxvsW2DyTWPduIgd0GcNOv5JNC2o8SvnQd7l5KTpRij irPU9JDpsyxBZgWmbP4lJ3SVmn03uHL5HJ9NVehfj1VzonzcboWPY1nMdhstEi5u06AhZ3Ylh qpj4d1LU6lIvNiKyEspJIMpr6zug3GeA/aje6+fAE6hpR2I6oxPt7c2+qry0ytGsibA9EG+L5 9LiPw/LmSKG3N9K2ui4RPq9Kpha7roOpadR3DDTTWqI0pMUplgV+Rb5yZrHMZ3F54hXvQxrqY BbD5ZU/u++0NoZmiUhJc6EvH1d/lAdmgc2Nb8ThgSYEpWyU3AXkiZP5kgh9LallIY96Fx+/cW PxNh0d3eKuRenTNeKmtLdTdp+kwgI+xGpnFexA== --uJWb33pM2TcUAXIl Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Apr 11 09:03, Corinna Vinschen wrote: > Same here, belong on the Cygwin ML. Redirecting. >=20 > Corinna >=20 > On Apr 10 18:47, Achim Gratz wrote: > >=20 > > We're in the midst of switching to a different LDAP domain > > organisation. All my accounts still arein the old domain and that leads > > to problems when lookking at shares from a mchine in the new domain: > >=20 > > --8<---------------cut here---------------start------------->8--- > > (1027)/mnt/upload > touch bla > > (1027)/mnt/upload > getfacl bla > > # file: bla > > # owner: OLD+gratz > > # group: OLD+Domain Users > > user::--- > > group::--- > > group:OLD+cygwinupload:rwx > > mask:rwx > > other:--- > >=20 > > (1028)/mnt/upload > ls -l bla > > ----rwx---+ 1 OLD+gratz OLD+Domain Users 0 Apr 10 14:41 bla > > --8<---------------cut here---------------end--------------->8--- > >=20 > > So Cygwin correctly figures that I'm the owner of the file, but fails to > > translate my access rights (via group OLD+cygwinupload) into the owner > > part of the modes like it does when I look at the same file from a > > machine in the old domain. That in turn confuse sprograms that check > > the modes before the ACL (like Git) to tell me that I can't access the > > files (or that there is no repository in the case of Git). This is a bit low on detail. What does icacls say about this file? How does getfacl report the ACL on a machine in the old domain? What does ls -l report on the file on both machines? Does an strace on getfacl report an error in ACL checking? Thanks, Corinna --=20 Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat --uJWb33pM2TcUAXIl Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEoVYPmneWZnwT6kwF9TYGna5ET6AFAlrN1rMACgkQ9TYGna5E T6Aorw//en6ASTyntON+i3c1t6rTuOUFmZtOPO8USzOevqLz+y0bCf4ETpNgRnw8 B5e+yT3An6O9Sx3j7rgl2X9YjyKVbvw+mZ3L3OmXUOQHwF8fAGkSU5rqYqGU2Lnf Uj+5PMqCa9TiTXa90pUX5rVz7RarX5klph2AWWG2bXeGNBll2hjFh+lwW42CeqOt 6zVqqAWp52a2gwtWjh2Et5VUKqDPRsyxstfp/rleIN+WfjhYc9TJrZrudtWLr2G0 HiPQAYe6/kksB6baRErWTjRmckq5r6WrmJbTXde5s5h/0/3UaLdVdbwDhCOFT0Gy uf85rLieH7/RjY7wIbpj0DDs2YoMg3iDjDKVWdL/1Kw1o/EMNWt6KQpvNm3QhMXG P4OZ6HhkP9hm8akzNQIFZtdWjXftyBCoonxv//lx1hV+O6kIy2qOydvLXwKGKPKj a+EaxcuTAOqTP6ccGkxsoleGfEusq01mG7SuAtUUOa6bWq7qt3qr22+X7XKVWari tCaVLDJN1BbHHo81atvxOHnwrO0b3i8Hsa59aw9gdx6S9V7nNcY9j5d3W/CK0cvS H1hQMSCzrtgOgTMj5skNUbINTAnzYK3q8CMD0TIuGckieCKstjZj+uTcqJ3JQ91M 80TCRjgc0D+x9CPN/py5nQj8L9J0nopQA5MslTY1y8ovUfO99Fs= =9h8R -----END PGP SIGNATURE----- --uJWb33pM2TcUAXIl--