On Dec 21 14:22, Thomas Wolff wrote:
> On 23.10.2015 14:25, Corinna Vinschen wrote:
> >On Oct 23 14:22, Corinna Vinschen wrote:
> >>On Oct 23 11:06, Achim Gratz wrote:
> >>>I don't have much time to test it right now (and won't have any time at all
> >>>next week), but so far things look good.  The problem with the 0.2 test
> >>>version with UID/GID mapping and not recognizing the primary domain in some
> >>>cases is gone (might have been a fluke anyway).  Correlating the output 
> >>>from
> >>>getfacl and icacls still requires some mental gymnastics, but I didn't find
> >>>any obvious errors in the mode bits and ACL so far, which means that things
> >>>like rsync (and some file tests) will now return the correct results for 
> >>>the
> >>>cases I've looked at.
> >>You won't believe how grateful I am having you testing this.  Thank you!
> >>
> >>Would you mind to read the comment at the start of sec_acl.cc?
> >https://sourceware.org/git/?p=newlib-cygwin.git;a=blob;f=winsup/cygwin/sec_acl.cc;hb=a8ec1e804ee9ba2d6f8304731e593dcf167c9836#l27
> >
> >>I'd be
> >>very interested in learning if the description is meaningful enough to
> >>other developers.  I also fear we need to have an improved documentation
> >>explaining how this works and what NOT to do, e.g., reorder ACLs :|
> Sorry for the late response...
> The description is mostly meaningful. Just the coexistence of X and X_OBJ
> entries isn't self-explanatory.

I think I don't quite understand what you mean.  As the developer I'm
working under the assumption that the posix ACL description is known
(not wanting to explain this from scratch in the sources).

- USER_OBJ refers to the owner of the file.  Only one such entry
  exists and is equivalent to the POSIX permission bits for the owner.

- GROUP_OBJ refers to the owning group of the file.  Only one such
  entry exsist, same as for USER_OBJ.

- USER is an entry for a secondary user.  There can be an arbitrary
  number up to a system-defined maximum of them.  E.g, Peter is owner of
  the file, so he's the one refered to by the USER_OBJ entry.  Paul has
  an additonal entry in the ACL with, say, rw- perms.  Paul's permissions
  are given by a USER entry  "user:paul:rw-".

- GROUP is an entry for a secondary group.  Any number up to a system-defined
  maximum entries are possible.  E.g, the owner is Paul (USER_OBJ), the
  group is Users (GROUP_OBJ), there's an additional entry for the
  Administrators group giving them Full Access.  This one is a GROUP
  entry "group:Administrators:rwx".

Does this make it clearer?  Is there still something missing in the
source comment?


Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

Attachment: signature.asc
Description: PGP signature

Reply via email to