X-Recipient: archive-cygwin AT delorie DOT com
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 08A603858408
Authentication-Results: sourceware.org;
 dmarc=pass (p=none dis=none) header.from=yandex.ru
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=yandex.ru
X-Yandex-Fwd: 2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail;
 t=1656633903; bh=UhwwdaEy4ZzBJxuf81LnAUnKpcX9RCLJqF39/j0wj7c=;
 h=In-Reply-To:Subject:To:From:Message-ID:References:Date:Reply-To;
 b=nb/PChMSaN5ZnKwipjIPKc78gide4lLE9/V7UG3HgKadb+OfvxtXhuYXfBzQazXjB
 GS+P6/V6rhKNbFRUWYiegXupkVQr1RspRc7pKqKY5sq4b17kg+itZlgkKyrvGwZUDX
 QuJ9Nwbd2r2Y6PSk3R8Stt3S6Ar01RgC/Y+jASYM=
Authentication-Results: myt5-a76c7b0c543c.qloud-c.yandex.net;
 dkim=pass header.i=@yandex.ru
Date: Fri, 1 Jul 2022 02:56:01 +0300
From: Andrey Repin <anrdaemon AT yandex DOT ru>
X-Mailer: The Bat! (v9.3.4) Professional
Message-ID: <463526579.20220701025601@yandex.ru>
To: Norton Allen <allen AT huarp DOT harvard DOT edu>, cygwin AT cygwin DOT com
Subject: Re: chmod g+s ineffective
In-Reply-To: <7964c08d-83cb-aab3-5d1c-4a5f0a86bf0a@huarp.harvard.edu>
References: <9c053381-4466-ea8a-11d6-ea2e676d3b35 AT huarp DOT harvard DOT edu> 
 <792558531 DOT 20220629153952 AT yandex DOT ru>
 <dd5e2750-5d86-0283-84fb-ef10efd4a8a0 AT huarp DOT harvard DOT edu>
 <7964c08d-83cb-aab3-5d1c-4a5f0a86bf0a AT huarp DOT harvard DOT edu>
MIME-Version: 1.0
X-Spam-Status: No, score=0.4 required=5.0 tests=BAYES_00, BODY_8BITS,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM,
 KAM_THEBAT, NICE_REPLY_A, RCVD_IN_DNSWL_LOW, SPF_HELO_NONE, SPF_PASS, TXREP,
 T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Unsubscribe: <https://cygwin.com/mailman/options/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=unsubscribe>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
 <mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
Reply-To: cygwin AT cygwin DOT com
Content-Type: text/plain; charset="utf-8"
Errors-To: cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com>
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by delorie.com id 26105Y7L022857

Greetings, Norton Allen!

> On 6/29/2022 9:18 AM, Norton Allen wrote:
>> On 6/29/2022 7:39 AM, Andrey Repin wrote:
>>> Greetings, Norton Allen!
>>>
>>>> On one machine I have, chmod g+s fails to set the sticky bit. The >>> command
>>>> does not return any error, but ls -l continues to show the bit not set.
>>>>      $ mkdir foo
>>>>      $ chgrp flight foo
>>>>      $ chmod g+ws foo
>>>>      $ ls -ld foo
>>>>      drwxrwxr-x+ 1 nort flight 0 Jun 29 06:50 foo
>>> ----------------^
>>>
>>> $ getfacl foo
>>
>> I will collect this shortly, but IIRC, getfacl showed it was not set. > I did see it set there under 'flags' on the system that works.

>     nort AT EAS-SOFTWAREE1B ~
>     $ ls -ld foo
>     drwxrwxr-x 1 nort flight 0 Jun 29 06:25 foo

>     nort AT EAS-SOFTWAREE1B ~
>     $ chmod g+s foo

>     nort AT EAS-SOFTWAREE1B ~
>     $ ls -ld foo
>     drwxrwxr-x 1 nort flight 0 Jun 29 06:25 foo

>     nort AT EAS-SOFTWAREE1B ~
>     $ getfacl foo
>     # file: foo
>     # owner: nort
>     # group: flight
>     user::rwx
>     group::rwx
>     other::r-x


>>
>>
>>>
>>>> I ran strace, and it looks like the correct system call parameter is >>> getting passed.
>>>> I am curious as to how the sticky bit is implemented.
>>> First see if it was set or not.
>>>
>>>> It isn't obvious what underlying Windows functionality (if any) is >>> applied.
>>> It does. But the big question is, where do you try to do that.
>>> If this is inside Cygwin installation root, then things could work >> more or
>>> less POSIX'y. If this is outside Cygwin root (f.e. in your system >> profile), it
>>> may or may not work completely, depends how did you mount /cygdrive >> prefix.
>>
>> I will confirm (shortly), but I'm pretty sure these tests were done > under vanilla /home (so c:\cygwin64\home)


> Confirmed (as shown above). Tested in /home/nort on directory /home/nort/foo


>>
>>
>>>
>>>> Ah, just checked on a system where this works, and creating a file >>> in the
>>>> directory from the
>>>> command shell does not set the group, so presumably this >>> functionality is
>>>> all within cygwin. That works for my application, except when it >>> doesn't.
>>>> Any suggestions on what I should look for?
>>> Look if you could avoid using +s. Isn't DACL enough?
>>
>> Am I correct that DACL is not available unless I am on a domain? This > is for a field computer, so connection to a domain is generally more > problematic than helpful.
>>

> So is this implemented using DACL under the hood? And is that expected to fail without a domain?

DACL  means "default ACL" or "directory ACL" (which is essentially the same
and meaning ACL's which will be applied to newly created child objects),
as in `setfacl -m 'd:g:flight:rwx,d:m::rwx' dir [...]`.


-- 
With best regards,
Andrey Repin
Friday, July 1, 2022 02:50:30

Sorry for my terrible english...

-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple