On 11/4/2010 8:14 PM, Larry Hall (Cygwin) wrote:
> [...]
>>>> What does 'getfacl abc' say?
>> >
>>> $ getfacl abc
>>> # file: abc
>>> # owner: ibobyr
>>> # group: Domain Users
>>> user::rw-
>>> group::r--
>>> group:SYSTEM:rwx
>>> group:Administrators:rwx
>>> group:Users:r-x
>>> mask:rwx
>>> other:r--
>
> <snip>
>
>>>> There's more to permissions than just the 9 unix mode bits. You
>>>> really
>>>> CAN execute the file if test -x says you can; the question should
>>>> rather
>>>> be why 'chmod -x' didn't remove all execute permissions, and that
>>>> usually boils down to ACL settings.
>
> So, are you part of the 'Users' or 'Administrators' group? If so, you
> have executable permission from the ACL. Try removing those.
Both, I guess - it is the default Windows XP setup.
The problem is that it all happens in a git test script. The file is
created by the script and the checks are done by the script. And the
script it used on a number of systems.
Script does approximately the following:
cat <<EOF >abc
....
EOF
chmod -x abc
text ! -x abc
Larry Hall pointed out that it is probably the chmod "problem" that
after "chmod -x" I can still run abc as an executable. "test ! -x abc"
just conforms that the file is still indeed executable.
POSIX (IEEE Std 1003.1, 2004 Edition) says
"It is implementation-defined whether and how the /chmod/ utility
affects any alternate or additional file access control mechanism [...]
being used for the specified file."
(http://www.opengroup.org/onlinepubs/000095399/utilities/chmod.html)
I wonder what is the behavior on any other system. Is there anyone with
a variant of Unix or Linix with ACLs set up to do the same test?
Maybe there is any de facto standard?
I guess I can replace
test ! -x abc
with
{ ls -l abc | awk '/^.........x/ { exit 0 } { exit 1 }'; }
in this particular case. But if you have any other suggestion I would
like to hear it :)
