On Sun, Nov 29, 2009 at 3:48 PM, Ken Brown wrote: > On 11/29/2009 3:19 PM, Ken Brown wrote: >> >> On 11/29/2009 2:59 PM, Robert Pendell wrote: >>> >>> On Sun, Nov 29, 2009 at 9:32 AM, Corinna Vinschen wrote: >>>> >>>> On Nov 28 19:12, Robert Pendell wrote: >>>>> >>>>> On Sat, Nov 28, 2009 at 12:13 PM, Angelo Graziosi wrote: >>>>>> >>>>>> Corinna Vinschen wrote: >>>>>>> >>>>>>> Fixes a few last-minute bugs: >>>>>> >>>>>> Now, it seems that creating directories and files in some manner >>>>>> acquires an extra unexpected '+' flag. For example (from Cygwin.bat or >>>>>> MinTTY): >>>>>> >>>>>> >>>>>> $ echo "Not " > foo1.txt >>>>>> >>>>>> $ echo "Not OK" > foo2.txt >>>>>> >>>>>> $ diff -Naur foo1.txt foo2.txt > foo.diff >>>>>> >>>>>> $ cp foo1.txt foo.txt >>>>>> >>>>>> $ patch foo.txt foo.diff >>>>>> patching file foo.txt >>>>>> >>>>>> $ mkdir foo >>>>>> >>>>>> $ ls -lrtd foo* >>>>>> -rw-r--r-- 1 ... 5 28 Nov 18:02 foo1.txt >>>>>> -rw-r--r-- 1 ... 7 28 Nov 18:02 foo2.txt >>>>>> -rw-r--r-- 1 ... 124 28 Nov 18:02 foo.diff >>>>>> -rw-r--r--+ 1 ... 7 28 Nov 18:03 foo.txt >>>>>> drwxr-xr-x+ 1 ... 0 28 Nov 18:03 foo >>>>>> >>>>>> See the extra '+' for 'foo.txt' and 'foo'! >>>>>> >>>>>> I didn't note this with previous version -66, -65... >>>>>> >>>>>> Is it to be expected with -67? >>>>>> >>>> For the directory entry, yes. These additional entries are default >>>> entries for user, group, and other, generated by code which was already >>>> in 1.5, and which had been removed from 1.7.0 back in January. >>>> Unfortunately the removal of these entries result in potentially weird >>>> permission settings on files within Cygwin-created directories in case >>>> the files are created by non-Cygwin Windows tools. Therefore I put them >>>> back in -63. >>>> >>>> Apart from that, I don't see the extra permissions when creating the >>>> patched foo.txt. In other words, I can't reproduce it, at least not on >>>> W7 under UAC. >>>> >>>>> Looks like there is a change in permissions with the file during the >>>>> diff program run. I might run a strace on it if someone tells me the >>>>> appropriate command to do. Anyways here is the relevant part with >>>>> icacls before and after the diff command. >>>>> >>>>> shi...@balthasar ~ >>>>> $ icacls foo.txt >>>>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO) >>>>> Balthasar\None:(R) >>>>> Everyone:(R) >>>>> >>>>> Successfully processed 1 files; Failed processing 0 files >>>>> >>>>> shi...@balthasar ~ >>>>> >>>>> $ patch foo.txt foo.diff >>>>> patching file foo.txt >>>>> >>>>> shi...@balthasar ~ >>>>> $ icacls foo.txt >>>>> foo.txt Balthasar\shinji:(R,W,D,WDAC,WO) >>>>> Balthasar\None:(R) >>>>> Everyone:(R) >>>>> NT AUTHORITY\SYSTEM:(F) >>>>> BUILTIN\Administrators:(F) >>>>> >>>>> Successfully processed 1 files; Failed processing 0 files >>>>> >>>>> The 2 additional permission lines on the second icacls run is what >>>>> causes the + to appear. >>>> >>>> Indeed. I just don't get how they are generated. I know where they are >>>> coming from (they are part of the default DACL of the user token), but I >>>> don't understand how they get into the ACL of foo.txt. For some reason >>>> this doesn't occur in my testing. I tried in a normal as well as in an >>>> elevated shell, in a directory created with an older version of Cygwin >>>> without default entries, as well as in a directory created with a newer >>>> Cygwin with default entries. In neither case I see the extra entries >>>> for SYSTEM and Administrators. >>>> >>>> What are the permissions of the parent directory? In other words, >>>> what does "icacls ." print in this scenario? >>> >>> Here is the output for icacls . >>> >>> shi...@balthasar ~ >>> $ icacls . >>> . Balthasar\shinji:(F) >>> Balthasar\None:(RX) >>> Everyone:(RX) >> >> Maybe the extra permissions are coming from the ACLs on the temporary >> directory used by patch. According to 'man patch', patch will use the first >> of the following variables that is set: TMPDIR, TMP, TEMP. On my system, >> TMP and TEMP are both set in the Windows environment. > > I just confirmed this on my XP SP3 system. I initially got similar behavior > to what Angelo and Robert reported, but it doesn't happen if I export > TMPDIR=/tmp before running patch. > > Ken
Actually I found setting the TMP in .bashrc worked as well. I set both TMP and TEMP in that file for use in cygwin and directed them towards /tmp. I didn't know about TMPDIR though. Coincidentally I thought to take a look at the system wide TEMP folder and I get this... shi...@balthasar /cygdrive/c/users/shinji/appdata/local/temp $ icacls . . NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F) BUILTIN\Administrators:(I)(OI)(CI)(F) Balthasar\shinji:(I)(OI)(CI)(F) Successfully processed 1 files; Failed processing 0 files That's where the additional Administrators and SYSTEM entries are coming from. The strace reveals a rename operation that is done to a temp file in the system temp folder and sets it to the filename for the item being patched. Robert Pendell shi...@elite-systems.org CAcert Assurer "A perfect world is one of chaos." -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
