Help with ACL and POSIX permissions for external flash/HD.

Oleksandr Gavenko gavenkoa@gmail.com
Mon Oct 31 20:40:00 GMT 2011


30.10.2011 23:24, Oleksandr Gavenko пишет:
> I have problem with permission (files stand non-readable sometimes) on
> host when "rsync" or "hg clone/pull" done on external drive
> on another host.
>
> I read http://www.cygwin.com/cygwin-ug-net/ntsec.html
> partially understand text but don't know how to resolve
> my problem...
>
>  From manual:
>
> To use Windows security correctly, Cygwin depends on the files
> /etc/passwd and /etc/group
>
> So if I carry external storage from one host to another
> does second Cygwin stop understand permission on external storage
> correctly?
>
> I would like to see if all Cygwin operation set 666 permission
> for files and 777 for directories for external drive and
> don't set any host specific owners so I always can access to files.
>
> It is possible that Cygwin set owners only from well knows SIDs?
> Like S-1-1-0 (everyone), S-1-5-32-544 (Administrators)
> so this IDs valid on any Windows host.
>
Summarise: We have Cygwin permission model and external storage
that moved from hist place to another (very frequent like any
flash drive...).

   $ cd /cygdrive/h
   $ umask 0000
   $ rsync -av --no-g --no-p --chmod=ugo=rwX --delete ~/tmp/forth/ forth/
   ...
   $ cd forth/
   $ ls -l
-rw-rw-rw-  1 user passwd/group_GID_clash(513/10513) 98575 июн  8  2008 
buzzard.2
   ....
   $ icacls buzzard.2
icacls buzzard.2
buzzard.2 desktop\user:(R,W,D,WDAC,WO)
           desktop\None:(R,W)
           All:(R,W)

If I move drive to another host I got:

   permission denied
   invalid descriptor

that come from 'desktop\user' and 'desktop\None'.

Some times I can not ever browse file hierarchy on another host...

But seems that this is Windows 7 problem as same happen
if use Explorer for file coping.

I partially can resolve problem. So I able fix permission but
this take 15 min of script job...

Put 'uac.js' and 'uac.bat' to root of your drive and run 'uac.js'
which ask for admin permission and invoke 'uac.bat' for taking
ownership and granting full access to all:

   $ cat uac.bat
cd %1
takeown /r /f %1
icacls %1 /grant:r *S-1-1-0:(f) /t /c
pause

   $ cat uac.js
var fso = new ActiveXObject("Scripting.FileSystemObject");
var curdir = fso.GetParentFolderName(WScript.ScriptFullName);
var objShell = new ActiveXObject("shell.application");
objShell.ShellExecute("uac.bat", curdir, "", "runas", 1);

>
> Is it right to update /etc/fstab to:
>
> h: /cygdrive/h ntfs binary,noacl,user 0 0
>
> How can I set umask? In .bashrc? What if I run
> Cygwin program from cmd?
>
This question is open...


--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list