X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:subject:to:references:from:message-id
	:date:mime-version:in-reply-to:content-type
	:content-transfer-encoding; q=dns; s=default; b=vmUblS1Dav+5S6CX
	veygn4M31lbvOnz0lsrO/k9wA3LM1lVSxDIOPqz4kJRES7+b48km4jRA3BbMwkrR
	H+15DQldWoyYo6DnTnBdm2PQiAfVwCkOd8HUwtAKFlCZ1Efe+O1XUx4Anlg2nN9+
	yChCJepVg6ZgwXMun2xyZh8vqbk=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:reply-to:subject:to:references:from:message-id
	:date:mime-version:in-reply-to:content-type
	:content-transfer-encoding; s=default; bh=pO0fWl7AWG1iRHwT/BjxAB
	+pP+o=; b=fWWp6pbLD9OIm3AkqIEa3+AE/WdzekVK+pzkws56R5yyy0zb4Xq0HV
	eey315Ec3B6TLMrKLSAJ1mP4NBr/oh0nCs6yHxra5klDGaEFKhHOB1P2v7LTl4Qv
	sotJB+5a29zUOI+et8IbsnsEcLW6FLMQlGf+bZqAkoSdm/yFoxqtw=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-6.4 required=5.0 tests=AWL,BAYES_00,GIT_PATCH_2,SPF_PASS autolearn=ham version=3.3.2 spammy=Greetings, SYSTEM, H*Ad:D*edu, gotchas
X-HELO: mailsrv.cs.umass.edu
Reply-To: moss AT cs DOT umass DOT edu
Subject: Re: umask problem: wrong permissions for new files
To: cygwin AT cygwin DOT com
References: <20180420100357 DOT GA21217 AT rus DOT uni-stuttgart DOT de> <6cd38c2e-2271-aaee-3263-babf905325c1 AT SystematicSw DOT ab DOT ca> <20180426143827 DOT GA27620 AT rus DOT uni-stuttgart DOT de> <1823587349 DOT 20180427115440 AT yandex DOT ru>
From: Eliot Moss <moss AT cs DOT umass DOT edu>
Message-ID: <0d4824ff-5f23-1c16-a952-97bf4521aefd@cs.umass.edu>
Date: Fri, 27 Apr 2018 05:26:56 -0400
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <1823587349.20180427115440@yandex.ru>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes

On 4/27/2018 4:54 AM, Andrey Repin wrote:
> Greetings, Ulli Horlacher!
> 
>> On Fri 2018-04-20 (07:25), Brian Inglis wrote:
> 
>>> Cygwin supports Windows ACLs as POSIX ACLs, which are also supported by
>>> Linux. Use setfacl to set similar default ACLs (DACLs) on a Linux
>>> directory, rerun your test there, and you should see similar results.
> 
>> (How) can I completly remove ACLs from the cygwin files and directories?
> 
> You CAN, yes.
> However, you will lose any way to access the files, as explained below.
> 
>> The standard UNIX permissions are sufficent for my needs and much easier
>> to handle :-}
> 
> "Standard POSIX" permissions are insufficient even for most basic operations.
> They survive only because removing them would cause even more harm, than
> letting them sit around.
> 
>>> *Never* remove DACLs from any Windows directory which will *ever* be used
>>> with any non-Cygwin Windows program: /undefined behaviour/ will result.
> 
>> Uuups... thanks for the warning!


Let me add this ...

What mostly work for me (occasional gotchas) is this:

I am "moss" and I added a group "Cygwin".  I have admin permissions under Windows.

A typical file acl for me has owner moss and group Cygwin - sometimes I have to
set these manually, particularly if they are created by a Windows program.

Also, typical acls for files print out as:

# owner: moss
# group: Cygwin
user::rw-
group::rwx                              #effective:rw-
group:SYSTEM:r-x                        #effective:r--
group:Cygwin:rwx                        #effective:rw-
mask:rw-
other:r--

This corresponds to Posix permissions 664.  The SYSTEM thing helps insure that
Windows programs, such as my backup program, can read the file.

Here is a typical directory acl:

# owner: moss
# group: Cygwin
# flags: -s-
user::rwx
group::rwx
group:SYSTEM:r-x
group:Cygwin:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::rwx
default:group:SYSTEM:r-x
default:group:Cygwin:rwx
default:mask:rwx
default:other:r-x

This is more complex since it is intended to propagate useful permissions to
files crated within the directory.  It is the default entries that help do that.
Note the -s- flag, which encodes the 2000 (set gid) bit of Posix permissions,
enabling propagation of default permissions.  This directory's Posix permissions
are 2775.  Again, the SYSTEM entries are important for me.

A typical file created by a Windows program (Word, in this case) ends up with
this acl:

# owner: moss
# group: moss
# flags: -s-
user::rwx
group::---
group:SYSTEM:r-x
group:Cygwin:rwx
mask:rwx
other:r-x

The Posix permissions read as 2775 (rwxrwsr-x).

Some people like this way of setting things up, some don't.  As they say, YMMV.

Regards - Eliot Moss

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple