chmod rocks!

List of commands:
 - mkdir T
 - chmod u-w T
 - chmod u+w T
 - touch T/aap

Summary: chmod is able to remove 'write access', and reinstate it subsequently in contrast to setfacl

@@ pwd
/drv/e
@@ mkdir T
@@ chmod u-w T
@@ chmod u+w T
@@ touch T/aap

----- same sequence of commands
@@ pwd
/drv/e
@@ mkdir T
@@ chmod u-w T
@@ icacls T
T Seven\Henri:(RX,D,WDAC,WO,WA) # <==== Note: lost W, but got WA instead ... (setfacl fails here)
  Seven\None:(RX)
  Everyone:(RX)
  CREATOR OWNER:(OI)(CI)(IO)(F)
  CREATOR GROUP:(OI)(CI)(IO)(RX)
  Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files
@@ chmod u+w T
@@ icacls T
T Seven\Henri:(F)
  Seven\None:(RX)
  Everyone:(RX)
  CREATOR OWNER:(OI)(CI)(IO)(F)
  CREATOR GROUP:(OI)(CI)(IO)(RX)
  Everyone:(OI)(CI)(IO)(RX)

Successfully processed 1 files; Failed processing 0 files
@@

----- same sequence of commands, but now using Helge Klein's SetACL to diagnose - https://helgeklein.com/setacl
@@ pwd
/drv/e
@@ mkdir T
@@ chmod u-w T
@@ hk-getfacl.sh T
Privilege 'Back up files and directories' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
Privilege 'Restore files and directories' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
Privilege 'Take ownership of files or other objects' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
E://T
  DACL(protected):
  Seven\Henri read_execute+FILE_WRITE_ATTRIBUTES+WRITE_OWNER+WRITE_DAC+DELETE allow no_inheritance
  Seven\None read_execute allow no_inheritance
  Everyone read_execute allow no_inheritance
  CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
  CREATOR GROUP read_execute allow container_inherit+object_inherit+inherit_only
  Everyone read_execute allow container_inherit+object_inherit+inherit_only

Note: Seven\Henri: lost write, but got FILE_WRITE_ATTRIBUTES instead ... (setfacl fails here)

SetACL finished successfully.
@@ chmod u+w T
@@ hk-getfacl.sh T
Privilege 'Back up files and directories' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
Privilege 'Restore files and directories' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
Privilege 'Take ownership of files or other objects' could not be enabled. SetACL's powers are restricted. Better run SetACL with admin rights.
E://T
  DACL(protected):
  Seven\Henri full allow no_inheritance
  Seven\None read_execute allow no_inheritance
  Everyone read_execute allow no_inheritance
  CREATOR OWNER full allow container_inherit+object_inherit+inherit_only
  CREATOR GROUP read_execute allow container_inherit+object_inherit+inherit_only
  Everyone read_execute allow container_inherit+object_inherit+inherit_only

SetACL finished successfully.
@@
=====
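
Added example, not part of the original post: the Python below decodes the owner's ACE from the two icacls listings above into access-mask bits and lists exactly which bits chmod u-w cleared and which it left in place. The bit values are the standard winnt.h constants; the abbreviation table covers only the rights printed on this page (with "D" for DELETE, as icacls shows it here), and the function names are illustrative.

```python
import re

# Access-mask bits from winnt.h, using the names that apply to a directory.
BIT_NAMES = {
    0x000001: "FILE_LIST_DIRECTORY",   0x000002: "FILE_ADD_FILE",
    0x000004: "FILE_ADD_SUBDIRECTORY", 0x000008: "FILE_READ_EA",
    0x000010: "FILE_WRITE_EA",         0x000020: "FILE_TRAVERSE",
    0x000040: "FILE_DELETE_CHILD",     0x000080: "FILE_READ_ATTRIBUTES",
    0x000100: "FILE_WRITE_ATTRIBUTES", 0x010000: "DELETE",
    0x020000: "READ_CONTROL",          0x040000: "WRITE_DAC",
    0x080000: "WRITE_OWNER",           0x100000: "SYNCHRONIZE",
}
# icacls abbreviations that occur in the listings on this page.
ICACLS = {"F": 0x1F01FF, "RX": 0x1200A9, "D": 0x010000,
          "WDAC": 0x040000, "WO": 0x080000, "WA": 0x000100}
INHERIT = {"OI", "CI", "IO", "NP", "I"}  # inheritance flags, not rights


def parse_ace(line):
    """Return (trustee, inheritance flags, access mask) for one icacls ACE."""
    trustee, groups = line.strip().split(":", 1)
    flags, mask = [], 0
    for group in re.findall(r"\(([^)]*)\)", groups):
        if group in INHERIT:
            flags.append(group)
        else:
            for right in group.split(","):
                mask |= ICACLS[right]
    return trustee, flags, mask


def names(mask):
    """Names of the bits set in mask, lowest bit first."""
    return [name for bit, name in sorted(BIT_NAMES.items()) if mask & bit]


# Owner ACEs copied from the two icacls listings in the post.
after_u_minus_w = parse_ace(r"Seven\Henri:(RX,D,WDAC,WO,WA)")[2]
after_u_plus_w = parse_ace(r"Seven\Henri:(F)")[2]
removed = after_u_plus_w & ~after_u_minus_w

if __name__ == "__main__":
    print("cleared by chmod u-w:", names(removed))
    print("still granted       :", names(after_u_minus_w))
```

The cleared bits are the ones needed to create entries inside T (which is what touch T/aap needs), while WRITE_DAC stays granted to the owner, which is the right needed to rewrite the DACL when chmod u+w is run.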