CYGWIN=ntsec, "cp -a", and NT acls
Rob Walker
rwalker@qualcomm.com
Sat Dec 6 01:05:00 GMT 2008
I'm having some issues accessing "read-only" files created with cp under
the default CYGWIN=ntsec security mode.
The issues center around Windows programs that want to overwrite these
files. Sometimes they fail to do so even when told to make the file
write-able.
The issue is most easily illustrated with the following script (called
acls_test.sh)
#!/bin/bash
FILE=acls_test_file.$$
# good form to clean up first
rm -f ${FILE}
# create a file with a Windows program
cmd /c "echo hi > ${FILE}"
# make it read-only the windows way
attrib +R ${FILE}
# copy it
cp -a ${FILE} ${FILE}_copy
# attempt to copy over the copy using cmd's copy, will fail
cmd /c "copy /Y ${FILE} ${FILE}_copy"
# examine the files
ls -l ${FILE} ${FILE}_copy
cacls ${FILE}
cacls ${FILE}_copy
# cleanup
if [ "${1}" != "-dirty" ]
then
rm -f ${FILE} ${FILE}_copy
fi
The result of which, when run on my machine is:
rwalker@pariah> ./acls_test.sh
Access is denied.
0 file(s) copied.
-r-xr-xr-x 1 rwalker None 5 Dec 5 16:53 acls_test_file.1516
-r-xr-xr-x 1 rwalker None 5 Dec 5 16:53 acls_test_file.1516_copy
c:\tmp\acls_test_file.1516 PARIAH\rwalker:F
PARIAH\None:R
Everyone:R
c:\tmp\acls_test_file.1516_copy PARIAH\rwalker:(special access:)
STANDARD_RIGHTS_ALL
DELETE
READ_CONTROL
WRITE_DAC
WRITE_OWNER
SYNCHRONIZE
STANDARD_RIGHTS_REQUIRED
FILE_GENERIC_READ
FILE_GENERIC_EXECUTE
FILE_READ_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_EXECUTE
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES
PARIAH\None:R
Everyone:R
The output of the examination above shows me that "cp -a" doesn't
preserve Full Control for the owner on the copied file. Is this the
expected behavior under ntsec? If I use CYGWIN=nontsec, Full Control is
preserved.
Note the "Access is denied". This is the issue I'm having. I need for
the Windows programs to view the file copy the same way they'd view the
original file.
This is obviously a contrived example. I don't need to use "cmd /c
copy" and "cp" interchangeably, but there are a bunch of native Windows
tools that have the same behavior as "cmd /c copy". Cygwin's
interoperability with these are my problem.
Cygcheck.out attached.
Thanks a bunch,
Rob
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: cygcheck.out
URL: <http://cygwin.com/pipermail/cygwin/attachments/20081206/19684075/attachment.ksh>
-------------- next part --------------
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list