This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: LDAP integration / ACL in Perl revisited

On Jun 24 12:18, Achim Gratz wrote:
> I've just set up a new machine with Cygwin (64bit w/ the 2014-06-23 13:20:35
> snapshot), nsswitch.conf specifies "db" for both passwd and group (the files
> have been moved away just to be sure they aren't picked up).  I have one
> share with somewhat strange ACL that I always had to use via a "noacl" mount
> option.  I thought I should try again and this is what happened (bla is a
> file that has non-zero size and is owned by me):
> (1014) > getfacl bla
> # file: bla
> # owner: gratz
> # group: Domain Users
> user::---
> group::---
> group:+Authenticated Users:rwx
> mask:rwx
> other:---

^^^^^^^ This... (*)

> (1015) > [ -r bla ] && echo Hello...
> Hello...
> (1018) > perl -E 'say -R "bla" ? "yes" : "no"'
> no
> (1016) > perl -E 'say -r "bla" ? "yes" : "no"'
> no
> (1017) > perl -E 'say -O "bla" ? "yes" : "no"'
> yes
> So for whatever reason Perl still doesn't deal correctly with those ACL,
> while the shell test operator does.  Now the kicker: if I run Perl under
> strace, the test succeeds... huh?

Without pulling strace into the picture, I get different results for -O
depending on whether running this on the command line as above, or if I
run this via a perl script.  I prepared a file with permissions
equivalent to the above getfacl output:

  $ getfacl bla
  # file: bla
  # owner: corinna
  # group: vinschen
  group:+Authenticated Users:rwx

This results in 

  $ perl -E 'say -R "bla" ? "yes" : "no"'
  $ perl -E 'say -r "bla" ? "yes" : "no"'
  $ perl -E 'say -O "bla" ? "yes" : "no"'

But when I run this via a perl script:

  $ cat > <<EOF
  use v5.10;
  say -R bla ? "yes" : "no";
  say -r bla ? "yes" : "no";
  say -O bla ? "yes" : "no";
  $ perl

I didn't try to debug this.

>    26  556465 [main] perl 5712 path_conv::check: this->path(\\share\bla),
> has_acls(1)
>    34  556499 [main] perl 5712 build_fh_pc: fh 0x18032C9F0, dev 000000C3
>    27  556526 [main] perl 5712 stat_worker: (\??\UNC\share\bla, 0x600039498,
> 0x18032C9F0), file_attributes 32
> 12380  568906 [main] perl 5712 fhandler_base::fstat_helper: 0 = fstat
> (\??\UNC\share\bla, 0x600039498) st_size=228, st_mode=0x81A4,

(*) ...does not match that .........................^^^^^^^^^^^^^^

The getfacl permissions look like the last 9 bits of st_mode should have
been 000 octal, but the above st_mode is equivalent to 0644 permissions.
That's weird.  It does not happen for me, st_mode is 0100000, as expected.

If perl really only calls stat to check the POSIX permission bits (as
the strace output suggests, I checked mine), that would account for the
"no" in the -r/-R case.  What it should do is calling euidaccess/access,
or faccessat as test(1) does.

Since test(1) is doing the right thing and returning the right results,
I'm blaming perl for now.


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpEo0CHQRADR.pgp
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]