This is the mail archive of the cygwin-apps mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

setup and getfacl

From: Charles Wilson <cygwin at cwilson dot fastmail dot fm>
To: Mailing List: CygWin-Apps <cygwin-apps at cygwin dot com>
Date: Sun, 29 Mar 2009 20:26:20 -0400
Subject: setup and getfacl

I ran across something odd today while testing my forthcoming inetutils
update. It seems that within the environment in which postinstall
scripts are run via setup (the old, 1.5 versions 2.573.2.3 or 2.588),
one is unable to accurately obtain the ACLs or permissions of files and
directories.

Now, this all works just fine in the cygwin-1.7 setup (2.609) -- so it's
probably a moot issue as 1.5 is nearing EOL -- but if there's a quick
explanation I'd like to know, so I can update the inetutils
documentation with that info.

What happens is that during postinstall, various permission checks are
done on /var/run, /var/empty, /etc, and the like.  With the cygwin-1.5's
setup.exe, those checks fail, even though running the postinstall script
"by hand" from an Administrator account under cygwin-1.5 works fine (I
always run setup.exe with 'Run as Administration' and privilege
elevation under UAC).

So, I stuck some debug output at the end of csih to simply dump the ACLs
of a file and a directory (dummy files that are not otherwise involved
in the inetutils postinstall).  In a normal context (e.g. NOT during
setup/postinstall), they look like this:

First the file:

$ getfacl /etc/bob
# file: /etc/bob
# owner: Administrator
# group: Users
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx

Then the directory:

$ getfacl /etc/bobd
# file: /etc/bobd
# owner: Administrator
# group: Users
user::rwx
group::rwx
group:SYSTEM:rwx
group:Administrators:rwx
mask:rwx
other:rwx
default:user:Administrator:rwx
default:group:SYSTEM:rwx
default:group:Administrators:rwx
default:group:Users:r-x
default:mask:rwx

However, when I stuck the following into csih, so that it got invoked
via the inetutils postinstall script:

echo getfacl /etc/bob
getfacl /etc/bob
echo getfacl /etc/bobd
getfacl /etc/bobd

I get the following in setup.log.full:

getfacl /etc/bob
# file: /etc/bob
# owner: Administrator
# group: Users
user::rw-
group::r--
other:r--
mask:rwx


getfacl /etc/bobd
# file: /etc/bobd
# owner: Administrator
# group: Users
user::rwx
group::r-x
other:r-x
mask:rwx


Huh?  Is this a bug, or just a known mis-feature?  What causes it?  And,
is it worth fixing in the cygwin-1.5 setup (most probably not, I'd guess).

--
Chuck

Follow-Ups:
- Re: setup and getfacl
  - From: Corinna Vinschen

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]