This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: remove alternate access method / access control list

On 07/21/2010 11:44 AM, Fred Wheeler wrote:
> chmod affects the access permissions according to the ntsec system,
> but has no effect on this alternate access method.

This is possibly a bug in cygwin.  POSIX says:

"An alternate file access control mechanism shall:

    * Specify file permission bits for the file owner class, file group
class, and file other class of that file, corresponding to the access
    * Be enabled only by explicit user action, on a per-file basis by
the file owner or a user with appropriate privileges.
    * Be disabled for a file after the file permission bits are changed
for that file with chmod(). "

That is, calling chmod() to change bits should also have the effect of
removing ACLs, per POSIX (although POSIX appears to be silent about the
case of calling chmod() to set the bits to the value they already have).

But you would need to test this on Linux, to see if cygwin behaves the
same as Linux in this regard, or maybe ask the POSIX folks for some

Meanwhile, the correct tool to use for this task is setfacl(1).

Also, be aware that directories include inheritance ACLs, and that
inheritance ACLs are probably the main reason that files are created
with additional ACLs that cause ls to list a + for files in the first
place.  Generally, this is a good thing, as removing inheritance ACLs
from directories causes other problems in windows (so removing the +
from ls listings of files is a reasonable goal, but not necessarily
removing the + from ls listings of directories).

Eric Blake    +1-801-349-2682
Libvirt virtualization library

Attachment: signature.asc
Description: OpenPGP digital signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]