This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: chmod failed: Invalid argument


On Jan 28 19:43, Rainer Blome wrote:
> > Corinna Vinschen wrote 2016-01-28 18:22:
> > On Jan 28 17:06, Rainer Blome wrote:
> > > > Corinna Vinschen wrote 2016-01-28 15-44:
> > > > On Jan 28 15:24, Rainer Blome wrote:
> > > > the acl should always at least contain ACEs for the
> > > > default POSIX perms, plus a NULL ACE:
> > > > 
> > > > foo NULL SID:(DENY)(Rc,S)
> > > >     VINSCHEN\corinna:(R,W,D,WDAC,WO)
> > > >     VINSCHEN\vinschen:(R)
> > > >     Everyone:(Rc,S,RA)
> > > 
> > > In Windows Explorer -> `bar` -> RMB -> Properties -> Security ->
> > > Advanced, I am told that it inherits ist permissions from `base`,
> > > the parent of `bar`. (To be precise, it inherits from its
> > > grandparent, but I assume that the length of the ancestor chain is
> > > not important here.)
> > 
> > This means the permission have been inherited when creating the
> > file but Cygwin couldn't overwrite the ACL with a POSIXified variant
> > for one reason or another.  It might have to do with this mysterious
> > group 213...
> > 
> > > > For directories also inheritable default perms for "CREATOR OWNER" and
> > > > "CREATOR GROUP".  Is that really a Cygwin mkdir?!?
> > > 
> > > As far as can see, yes, see above.
> > > 
> > > > And then, what about
> > > > this unknwon group with gid 213?  What does
> > > > 
> > > >   $ getent group 213
> > > > 
> > > > print?  Something's weird here...
> > > 
> > > getent group 213; echo $?
> > > 2
> > 
> > Ok, that's not exactly helpful to analyze this problem.  Can you try
> > running another strace
> > 
> >   strace -o getfacl.trace getfacl <file>
> > 
> > on a file which has supposedly that group as owning group, e.g.  your
> > "base" dir?  We might have a chance to look at the SID of group 213 in
> > there.
> 
> That command segfaults, just as `strace : ` does.
> 
> > On a hunch, do you have old /etc/passwd and /etc/group files by any
> > chance?  Does moving them out of /etc (don't delete them for now!),
> > exiting from Cygwin and starting a new shell somehow fix things for you?
> > How do the files look like?
> 
> Define "old"! ;-) Yes, I do. There is no `/etc/group`, but
> `/etc/passwd` defines the group ID of my user as 213 (the real ID
> is a bit different, to be honest, but I do not think that matters.)

Ouch, that may be the reason.  I have to check that but your passwd
and group files are

1) Not required anymore, see https://cygwin.com/cygwin-ug-net/ntsec.htm,
   and

2) *iff* they are there, there's good reason to have them in a good
   working shape.

> When I rename the file and open a new Cygwin terminal, things start
> to work. `strace echo` yields the expected output, `chmod` does
> what it's supposed to do, and `git config`, `git init` and `git
> clone foo foo2` work as well.
> 
> The `git clone repo:bar` then fails because my `~/.ssh` is
> apparently no longer found (and I can only log in via SSH
> key). This is a bit surprising, because in the new terminal,
> `$HOME` and `~/.` are still set the way I specified it in the old
> `/etc/passwd` (now with extension `.renamed`).  So some programs
> apparently use one method of determining the home directory, and
> others use a different method. I will look into that tomorrow.

Yes, indeed.  Ssh ignores $HOME and it does so as long as it exists.
Ssh uses the pw_dir field from your passwd entry and that in turn is
determined by /etc/passwd if it exists, or by /etc/nsswitch.conf. 
See the extensive documentation starting at
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch
The default homedir is /home/<USERNAME>.  There are a few knobs to
play with to change this setting, see
https://cygwin.com/cygwin-ug-net/ntsec.html#ntsec-mapping-nsswitch-home

> If, after this "breakthrough", there is still value in looking
> further into the ACLs, I am willing to do that. However, the strace
> output looks awfully laborious to sanitize, so I can not do this
> today.

There's not much to sanitize usually, a few env variables you don't like
to publish, that's all.  Other than that, it might not be required
anymore to generate the strace at all.  Writing this mail is my last
action for today aswell, at least :)

> Thanks for the help so far.

Thanks for *your* help.  I expect there are still a few problems in that
code since not even a multi-month testphase finds all problems.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]