X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2608B385781D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
	s=default; t=1605380846;
	bh=qH2vk1c2iwC7lqCObfgpXtC59+GI8uEaV6PbCLYhSLE=;
	h=References:In-Reply-To:Date:Subject:To:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:
	 From;
	b=uF7fWZieka12VmTQ+jQKxn39Qeh+Jhlc1J51BvtOOrwHzhTQeMpBliiVJJvPshHTe
	 brqAcarKPQptQqQSSDnV2ZQx0pqTul34qxckbcmciAPonI71H06zp3sTZUP3Mqk+Oy
	 R0H46BurZYgO86qWmyhvGsxM0dIZss1uG354j8UQ=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org AB7813858025
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:references:in-reply-to:from:date
 :message-id:subject:to;
 bh=HEF0L+7bTn2Pir3Cfdxeo0znlNGq/2QWuF4eyY6uHVE=;
 b=c0GwizUUba8IDxIrmzVmUlS2dX9abGnB6gCadRPfIgFaYJfdQJRZ6IM8/v4xtYbvjg
 WY5C3tOhej6QE1j6dombgiodNc9pklyAKXhDVoP7ZVLbxCFSWfTUAz7yFYVcVT4JeOhi
 sAnYOLdyc/epwq+xc4kZfFMJdoGgV4qtyIS1EFT1njhplO/jOFpJj7Wduif0kKErhI0+
 Er/yvp4RSNrsx5Qo3MPcrORPl3T8zlX1jgo659XTsyOn5eg3ClKc7KgqFSzSqGEgJJq/
 +M3Oits+Fhw++BqXYXHmZ+A8j44kn+Ai/P95QM8wZrsjoBvXXBGFMsoO91RHT56RG/db
 I/tw==
X-Gm-Message-State: AOAM533/H2f3Aty6UM27sPGNU+Gy072E0u//9hKUeMBgUQnkeBqtBCou
 mGK+BNuQduhoaBe3zLAA+ZsXJn95jf2zsvBS+7jZuXi0
X-Google-Smtp-Source: ABdhPJzARBRqIZCTGnb5Fcqzh1RIby5u+hHg2i2XcUfH1KCJxxBbfHyRRcLnMhOxZPxbM6HZYzRtRCuSEN8EgIWN7ok=
X-Received: by 2002:ab0:778b:: with SMTP id x11mr3198452uar.116.1605380841826; 
 Sat, 14 Nov 2020 11:07:21 -0800 (PST)
MIME-Version: 1.0
References: <CAEMWCRvXcD+5WSB0YKD0sPmHxxyvF5_goA7VyoihuMu7EqsXJw AT mail DOT gmail DOT com>
 <CAEMWCRv8QTjp3Wrw5oobW-JT4gi71U5kdAx0xf=sMWuyKug5=Q AT mail DOT gmail DOT com>
In-Reply-To: <CAEMWCRv8QTjp3Wrw5oobW-JT4gi71U5kdAx0xf=sMWuyKug5=Q@mail.gmail.com>
Date: Sat, 14 Nov 2020 14:07:14 -0500
Message-ID: <CAEMWCRt3abuM3qPq+qxf0xCo+ztARNXkmU9rbdN6Bf_y5NOxEg@mail.gmail.com>
Subject: Fwd: Switching to posix with no acl
To: Cygwin <cygwin AT cygwin DOT com>
X-Spam-Status: No, score=-0.8 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, HTML_MESSAGE,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.2
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 server2.sourceware.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.29
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Jim McNamara via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Jim McNamara <nefariousscheme AT gmail DOT com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: "Cygwin" <cygwin-bounces AT cygwin DOT com>

---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme AT gmail DOT com>
Date: Sat, Nov 14, 2020, 1:37 PM
Subject: Fwd: Switching to posix with no acl
To: Cygwin <cygwin AT cygwin DOT com>




---------- Forwarded message ---------
From: Jim McNamara <nefariousscheme AT gmail DOT com>
Date: Sat, Nov 14, 2020, 12:57 AM
Subject: Switching to posix with no acl
To: Cygwin <cygwin AT cygwin DOT com>


Hi all

Since there are no adduser or addgroup, I guess I'd create those files
manually off /etc.

Then I'd run passwd.

After that put in /etc/fstab

none /cygdrive cygdrive binary, posix=0, noacl, user 0 0

Close all processes.

That would give me a posix permission set up, right?

I read something about windows ignoring some dos bit with a file permission
but that is outside of cygwin...right?

Lastly, with acl you open an administrator cmd shell. With posix can I
escalate to root and stay away from admin cmd shell?

Is anyone else using posfix setup in general or mostly acl?

Thanks for any help!
Roboloki

Sat. Nov. 14 1:35 pm

Hi all-

I found in the manual about the execute bit permission being ignored in
filesystems with acl. That answered one question above. I can just take
advantage of how exe heuristics work.

If I find myself in a position where it needs administrator rights via a
shell, will it interfere with my posix permissions, users, or groups once
the /etc/groups and /etc/password and fstab are already setup?

Did the fstab entry above look okay for posix permission?

Thanks for any assistance !
Roboloki

Sat. Nov. 14, 1:45 PM

HI all -

I had a privilege escalation window come up for instance when running a
system supplied configure script for sshd ( I think ). It gave the choices
yes or no prompting to choose carefully for noacl permission mode or acl
translation setup. I think that prompt is very good. Will it (administrator
mode) always at least ask or identify which type of setup if required?

Thanks as always,
Robo-loki
--
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple