This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: (call-process ...) hangs in emacs

On Aug 28 11:55, Corinna Vinschen wrote:
> On Aug 28 07:25, Achim Gratz wrote:
> > As a concrete example, in the following the directory x86 shows up on Cygwin
> > as follows:
> > 
> > > getfacl x86
> > # file: x86
> > # owner: otheruser
> > # group: Domain Users
> > user::---
> > group::---
> > group:FilerAdmins:rwx
> > group:ShareOwners:rwx
> > mask:rwx
> > other:---
> > default:user::---
> > default:group::---
> > default:group:FilerAdmins:rwx
> > default:group:ShareOwners:rwx
> > default:mask:rwx
> > default:other:---
> > > ls -ld x86
> > d---------+ 1 otheruser Domain Users 0 Jun 23 14:09 x86/
> > 
> > Under Linux in the same situation you'd get
> > 
> > > ls -ld x86
> > d---rwx---+ 1 otheruser Domain Users 0 Jun 23 14:09 x86/
> > 
> > instead (i.e. the mask bits shown in the group portion of the standard mode
> > flags).  If the file was owned by your uid, then you'd get indeed
> > 
> > > ls -ld x86
> > d---------+ 1 myself Domain Users 0 Jun 23 14:09 x86/
> > 
> > but you'd also really have no permissions.  On Windows you do have
> > permission to the file in that situation since the POSIX part of the ACL
> > (particularly the user::--- part that revokes all access for the file owner)
> > are faked by Cygwin and not taken into account when the file gets finally
> > accessed:
> > 
> > > icacls x86
> > x86 DOM\FilerAdmins:(I)(OI)(IO)(F)
> >     DOM\FilerAdmins:(I)(CI)(F)
> >     DOM\ShareOwners:(I)(OI)(IO)(M)
> >     DOM\ShareOwners:(I)(CI)(M)
> > 
> > If getting at the correct mask is too expensive, simply always faking an
> > "rwx" mask might actually be better than what we have now, since once the
> > ACL are fully processed you'll get the correct permissions anyway.
> 
> Handling of the CLASS object (aka "mask") has never been fully
> implemented, especially because there's no such thing as a CLASS object
> in a Windows ACL.
> 
> I guess it will always be some fake, but, yes, we can try to change
> stat() so that the st_mode group permissions reflect the or'ed bits of
> all permissions given to non-primary users and groups.  Same in acl(2).
> That might be useful.

I implemented this preliminary and uploaded a snapshot to
https://cygwin.com/snapshots/

"Preliminary", because this change introduces an API change:

Since the CLASS_OBJ and DEF_CLASS_OBJ entries only exist if secondary
user and group (default) entries exist, that means the default
permission entry only consists of 3 ACEs.  This in turn means, the
constant MIN_ACL_ENTRIES changed from 4 to 3.

This might negatively affect coreutils, at least `ls', even though in my
local testing it looked all normal.

Please test.


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: pgpyIHxcSu9MQ.pgp
Description: PGP signature

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]