This is the mail archive of the
cygwin
mailing list for the Cygwin project.
RE: chmod not working with ntsec set
- From: "Matthew Pittman" <m dot pittman at pks dot com dot au>
- To: <cygwin at cygwin dot com>
- Date: Thu, 12 Jan 2006 16:27:41 +1100
- Subject: RE: chmod not working with ntsec set
> -----Original Message-----
> From: cygwin-owner@cygwin.com [mailto:cygwin-owner@cygwin.com]On Behalf
> Of Igor Peshansky
> Sent: Thursday, 12 January 2006 1:54 PM
> To: Matthew Pittman
> Cc: cygwin@cygwin.com
> Subject: RE: chmod not working with ntsec set
>
>
> Ugh, top-posting... Reformatted.
>
> On Thu, 12 Jan 2006, Matthew Pittman wrote:
>
> > -----Original Message-----
> > From: cygwin-owner@XXXXXX.XXX
> [mailto:cygwin-owner@XXXXXX.XXX]On Behalf Of Igor Peshansky
> > Sent: Thursday, 12 January 2006 12:54 PM
> > To: Matthew Pittman
> > Cc: cygwin@XXXXXX.XXX
>
> <http://cygwin.com/acronyms/#PCYMTNQREAIYR>. Thanks.
>
> > Subject: Re: chmod not working with ntsec set
> >
> > > On Thu, 12 Jan 2006, Matthew Pittman wrote:
> > >
> > > > I know this is a dumb question but I have made genuine efforts to
> > > > understand what I'm doing wrong and I'm still missing the point.
> > > > Sorry for wasting your time.
> > > >
> > > > I've installed cygwin under WXP in a domain. When I first started
> > > > bash I got a warning about groups but it said that I could safely
> > > > ignore it so I did. Of course now I can't remember exactly what it
> > > > was but I think it was something about creating mkgroup-l-d because
> > > > it couldn't create the correct group.
> > > >
> > > > I pressed on regardless but I found I couldn't get chmod to work so
> > > > I searched the documentation, web and mailing list archives and
> > > > found that I should set the CYGWIN environment variable to "ntsec".
> > > > I also noted that this should now be the default anyway but I set it
> > > > anyway and it hasn't solved the problem.
> > > >
> > > > $ echo $CYGWIN
> > > > ntsec
> > > >
> > > > $ chmod -v u+x .bashrc
> > > > mode of `.bashrc' changed to 0744 (rwxr--r--)
> > > >
> > > > $ ls -l .bashrc
> > > > -rw-r--r-- 1 matt mkgroup-l-d 316 Jan 11 13:39 .bashrc
> > > >
> > > > I also note that I have write permission to the folder.
> > > > drwxr-xr-x 1 matt mkgroup-l-d 4096 Jan 11 17:12 .
> > > > Can anyone put me out of my misery? Thanks in advance,
> > >
> > > This is not a dumb question, this is an (incomplete) problem report.
> > > It would be very helpful if you read and followed the Cygwin problem
> > > reporting guidelines at <http://cygwin.com/problems.html> --
> > > particularly the part about attaching (as an uncompressed text
> > > *attachment*) the output of "cygcheck -svr" on your machine.
> > >
> > > In the absence of that information, all I can do is venture a
> couple of
> > > WAGs:
> > >
> > > 1) you probably have two users named "matt" on your machine -- one
> > > local, and one domain. The file is owned by the domain user, while
> > > you're logged in as a local one, or vice versa. Thus, chmod just
> > > doesn't have the access rights to change permissions.
> > >
> > > 2) your file is on a FAT/FAT32 partition. Please read the description
> > > of the "ntea" option at
> > > <http://cygwin.com/cygwin-ug-net/using-cygwinenv.html>. This
> > > information also used to be in the NTSEC part of the User's Guide at
> > > <http://cygwin.com/cygwin-ug-net/ntsec.html> (and, in fact, the "ntea"
> > > description has a link to it), but it doesn't seem to be there
> > > anymore. In short, file permissions don't work on FAT (without special
> > > setup) and FAT32 partitions (at all).
> > >
> > > 3) building on 2) above, your file could be on a network share that a)
> > > doesn't support permissions, or b) is a Samba share but you don't have
> > > "smbntsec" turned on (I forget whether it's on by default, and am too
> > > lazy to look at the code at the moment).
> > >
> > > Note that these are WAGs, due to lack of exact information.
> > > HTH,
> >
> > Thanks very much Igor,
> >
> > Attached is the output of cygcheck -s -v -r > cygcheck.out
>
> Which looks ok, FWIW, and confirms that you're a domain user and that you
> have network drives.
>
> > I have also established that both C: and X: are NTFS partitions but X:
> > is a network share. chmod works on C: but not on X:.
>
> Your best bet is to add the "smbntsec" option to your CYGWIN variable and
> see if this solves your problem. If that doesn't help, then your share
> does not support ACLs for some reason (and thus permissions will not
> work).
>
> > There are no local accounts named matt but I note that creating a file
> > under my login account on c: results in the following undefined group:
> >
> > 420 -rwx------+ 1 matt ???????? 616236 Jan 12 11:48
> cygwin-ug-net.pdf
> >
> > I'm guessing that this has something to do with cygwin's need to create
> > the mkgroup-l-d group and that it can't work out what group the user
> > matt is in? But this is a WAG too.
>
> What it means is described in the last section of the NTSEC document at
> <http://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-ids>. You may want to
> run "mkgroup -l -d >> /etc/group" to update your groups (be aware that
> this may take a long time in large domains).
>
> > Any ideas where I go from here?
>
> If the "smbntsec" setting doesn't help, I'm not aware of any solution.
> Perhaps Corinna (Cygwin project co-leader and ntsec expert) will chime in
> with more suggestions.
> Igor
> --
The problem appears to be resolved although I am not clear why because I
didn't pay enough attantion as I worked through your suggestions (sorry).
I ran mkgroup and that certainly added a swag of SIDs to the group file that
weren't there before. I don't think this made any significant difference
but I may be mistaken. I can't remember if I restarted bash at this point
so I can't be sure if this fixed the problem or not but I don't think so.
I changed the group setting for my user to Domain Users and then found that
Domain Users was correctly displayed as the group (no big surprise there).
I added smbntsec to the CYGWIN env var (we don't use SAMBA) and I did
restart bash. At this point I noticed that the owner displayed for most of
the files had changed to "Administrators". (This is very odd to me because
that is a local group name.) It's possible this was the result opf the
mkgroup command, again not sure. Since this was clearly not the owner I
wanted I chown'ed to my user and then retried the chmod. This worked
correctly.
Thanks again for all your help.
Matt.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/