Web lists-archives.com

Re: [Bug] File permissions across domains




On Apr 11 09:03, Corinna Vinschen wrote:
> Same here, belong on the Cygwin ML.  Redirecting.
> 
> Corinna
> 
> On Apr 10 18:47, Achim Gratz wrote:
> > 
> > We're in the midst of switching to a different LDAP domain
> > organisation.  All my accounts still arein the old domain and that leads
> > to problems when lookking at shares from a mchine in the new domain:
> > 
> > --8<---------------cut here---------------start------------->8---
> > (1027)/mnt/upload > touch bla
> > (1027)/mnt/upload > getfacl bla
> > # file: bla
> > # owner: OLD+gratz
> > # group: OLD+Domain Users
> > user::---
> > group::---
> > group:OLD+cygwinupload:rwx
> > mask:rwx
> > other:---
> > 
> > (1028)/mnt/upload > ls -l bla
> > ----rwx---+ 1 OLD+gratz OLD+Domain Users 0 Apr 10 14:41 bla
> > --8<---------------cut here---------------end--------------->8---
> > 
> > So Cygwin correctly figures that I'm the owner of the file, but fails to
> > translate my access rights (via group OLD+cygwinupload) into the owner
> > part of the modes like it does when I look at the same file from a
> > machine in the old domain.  That in turn confuse sprograms that check
> > the modes before the ACL (like Git) to tell me that I can't access the
> > files (or that there is no repository in the case of Git).

This is a bit low on detail.  What does icacls say about this file?  How
does getfacl report the ACL on a machine in the old domain?  What does
ls -l report on the file on both machines?  Does an strace on getfacl
report an error in ACL checking?


Thanks,
Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature