This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

`setfacl -m u:jdoe:rwx foo` returns 0, but file not writable by jdoe??


Admittedly, this may be going "outside the cygwin perms model" a bit:

In the below test case file 'foo' has it's RO file attribute set, then has
it's owner changed to someone other than the current user, has the posix
group set to None, the DACL protected, and all aces removed from the DACL.

Next step is to run this (assumes we are user 'jdoe' [an administrator]):

  setfacl -m u:jdoe:rwx foo

Above command returns 0 but jdoe can not write.  The cause appears to
be that the windows RO file attribute is not unset by setfacl.

The example below uses 'setacl' ( http://setacl.sourceforge.net/html/doc-reference.html )
to protect and clear the DACL, and set owner and group.

Pls see example below. 

--
thanks,
Tom Rodman

--v-v------------------C-U-T---H-E-R-E-------------------------v-v-- 
$ cd /tmp
$ object=foo owner=staffuser2
$ rm -f foo; ls foo
ls: foo: No such file or directory
$ touch foo;cmd /c attrib +R foo 
$ setacl -on "$(cygpath -aw "$object")" -ot file -actn setowner -ownr "n:$owner" \
>         -actn setgroup -grp n:none -actn clear -clr dacl -actn setprot -op dacl:p_nc
Processing ACL of: <\\?\c:\aut\cyg\tmp\foo>

SetACL finished successfully.
$ ls -l foo
---------- 1 staffuser2 None 0 Jan  5 12:53 foo
$ cmd /c attrib foo
A    R     C:\aut\cyg\tmp\foo
$ dacl foo
+ setacl -on 'c:\aut\cyg\tmp\foo' -ot file -actn list -lst 'f:tab;w:o,g,d,s;i:y;s:n'
\\?\c:\aut\cyg\tmp\foo

   Owner: DOMxx1\staffuser2

   Group: OurWorkStn00\None


SetACL finished successfully.
+ set +x
$ getfacl foo
# file: foo
# owner: staffuser2
# group: None
user::---
group::---
mask:rwx
other:---
$ setfacl -m u:adm_usr1:rwx "$object"
$ getfacl foo
# file: foo
# owner: staffuser2
# group: None
user::---
user:adm_usr1:rwx
group::---
mask:rwx
other:---
$ echo hi >> foo
-bash: foo: Permission denied
$ test -w foo || echo not writable
not writable
$ : in another shell session user staffuser2 unsets RO file attribute
$ test -w foo || echo not writable by adm_usr1
$ echo hi >> foo
$
$ uname -a
CYGWIN_NT-5.0 OurWorkStn00 1.5.20s(0.155/4/2) 20060403 13:33:45 i686 Cygwin


--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]