Re: multi-user file permission problems
Brian Ford wrote: Here is an example: ls -l /bin/make.exe -rwx--+ 1 ford None 156160 May 11 2002 make.exe getfacl -a /bin/make.exe # file: make.exe # owner: ford # group: None user::rwx group::--- group:SYSTEM:rwx group:Administrators:rwx group:Users:r-x mask:rwx other:--- So, you can see that the unix permissions do not show read or execute status for anyone but me. However, the ACL's show Users do have these permissions. Yep. It's impossible to fully represent an ACL in traditional Unix permissions. Trying to execute make in bash via PATH for other users results in make not found. But, trying to execute /usr/bin/make works fine for them. Can someone please help? Thanks. Options: - Disable ntsec - chown/chmod everything Future versions of setup will set the group to either Administrators or Users, which should allow more of the ACL to show in the mode bits. Max. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: multi-user file permission problems
On Tue, 11 Feb 2003, Max Bowsher wrote: Brian Ford wrote: Here is an example: ls -l /bin/make.exe -rwx--+ 1 ford None 156160 May 11 2002 make.exe getfacl -a /bin/make.exe # file: make.exe # owner: ford # group: None user::rwx group::--- group:SYSTEM:rwx group:Administrators:rwx group:Users:r-x mask:rwx other:--- So, you can see that the unix permissions do not show read or execute status for anyone but me. However, the ACL's show Users do have these permissions. Yep. It's impossible to fully represent an ACL in traditional Unix permissions. That's fine. Trying to execute make in bash via PATH for other users results in make not found. But, trying to execute /usr/bin/make works fine for them. Can someone please help? Thanks. Options: - Disable ntsec - chown/chmod everything Future versions of setup will set the group to either Administrators or Users, which should allow more of the ACL to show in the mode bits. I strongly vote for Users. Please yell loudly when this future version appears. Why are shells and such confused by this, though? -- Brian Ford Senior Realtime Software Engineer VITAL - Visual Simulation Systems FlightSafety International Phone: 314-551-8460 Fax: 314-551-8444 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: multi-user file permission problems
Brian Ford wrote: On Tue, 11 Feb 2003, Max Bowsher wrote: Yep. It's impossible to fully represent an ACL in traditional Unix permissions. That's fine. Trying to execute make in bash via PATH for other users results in make not found. But, trying to execute /usr/bin/make works fine for them. Can someone please help? Thanks. Options: - Disable ntsec - chown/chmod everything Future versions of setup will set the group to either Administrators or Users, which should allow more of the ACL to show in the mode bits. I strongly vote for Users. Actually, the currently proposed patch decides based on the group membership of the user running setup. But it might be better for this to be a choosable option. Please yell loudly when this future version appears. It should be in the next version. Whenever that is. Probably soon-ish, but only probably, and stress on the *ish*. Why are shells and such confused by this, though? Well, that scan PATH, looking for executables and if file they see isn't executable, they ignore it. Max. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: multi-user file permission problems
On Wed, 12 Feb 2003, Max Bowsher wrote: Brian Ford wrote: Why are shells and such confused by this, though? Well, that scan PATH, looking for executables and if file they see isn't executable, they ignore it. Isn't that a bug if they don't use the ACL's for OS's that have 'em? -- Brian Ford Senior Realtime Software Engineer VITAL - Visual Simulation Systems FlightSafety International Phone: 314-551-8460 Fax: 314-551-8444 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: multi-user file permission problems
Brian Ford wrote: On Wed, 12 Feb 2003, Max Bowsher wrote: Brian Ford wrote: Why are shells and such confused by this, though? Well, that scan PATH, looking for executables and if file they see isn't executable, they ignore it. Isn't that a bug if they don't use the ACL's for OS's that have 'em? Lack-of-feature is perhaps a better way to put it. And in the shells, not in Cygwin, in any case. ACLs aren't exactly common, or particularly standardized. I believe Cygwin tries to emulate Solaris. On Linux, ACLs require a non-standard kernel patch. Therefore, unrealistic to expect much support for ACLs outside specific ACL-handling tools. Max. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
Re: multi-user file permission problems
On Wed, Feb 12, 2003 at 12:04:07AM -, Max Bowsher wrote: Brian Ford wrote: I strongly vote for Users. Actually, the currently proposed patch decides based on the group membership of the user running setup. But it might be better for this to be a choosable option. It's Users when possible. It has to be one of the groups of the user running setup. Administrators is the backup choice. It should be unusual. I don't understand why Brian had problems this time, and not in previous installs. Were you running setup from Cygwin, with a gid (in /etc/passwd) different from 513? Pierre -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
