Weird issue with file permissions

Lavrentiev, Anton (NIH/NLM/NCBI) [C] via Cygwin Thu, 30 Jun 2022 22:48:11 -0700

Hi all,

I am having an issue with socket file permissions...


So here's a mockup of code that shows the problem:

$ cat sun.c
#include <stdio.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>


#define SOCKET "./.socket"

int main()
{
    struct sockaddr_un addr;
    struct stat st;
    mode_t u;
    int s;

    /* create a UNIX socket */
    if ((s = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) {
        perror("socket");
        return 1;
    }

    memset(&addr, 0, sizeof(addr));
    addr.sun_family = PF_UNIX;
    strcpy(addr.sun_path, SOCKET);
    unlink(SOCKET);

    u = umask(0);
    if (bind(s, (struct sockaddr*) &addr, sizeof(addr)) != 0) {
        perror("bind");
        return 1;
    }

    umask(u);
    if (fchmod(s, 0666) < 0)
        printf("fchmod: %m\n");

    if (fstat(s, &st) < 0) {
        perror("fstat");
        return 1;
    }

    printf("fstat mode = %03o\n", st.st_mode);


    if (stat(SOCKET, &st) < 0) {
        perror("stat");
        return 1;
    }

    printf("stat mode = %03o\n", st.st_mode);

    return 0;
}

$ gcc -Wall -o sun sun.c

Now, if I run this code in my Cygwin home directory (and any directory that I 
create using "mkdir..." under it),
I am getting the expected results:

$ ~/sun
fstat mode = 140666
stat mode = 140666

$ ls -l .socket
srw-rw-rw-+ 1 ANTON None 0 Jul  1 01:19 .socket=

However, if I run it elsewhere (different drive "cd /cygdrive/g/cygwin" -- it's 
NOT where Cygwin is installed,
just a folder that keeps files for Cygwin development, the installation is on 
C:\Cygwin64), I cannot predict
the results.  What's weird is that fstat and stat report different file modes.

$ pwd
/cygdrive/g/cygwin
$ ~/sun
fstat mode = 140666
stat mode = 140666
$ ls -l .socket
srw-rw-rw-+ 1 ANTON None 0 Jul  1 01:24 .socket=

So all's good here, BUT:

$ mkdir subdir
$ cd subdir
$ pwd
/cygdrive/g/cygwin/subdir
$ ~/sun
fstat mode = 140666
stat mode = 140664
$ ls -l .socket
srw-rw-r--+ 1 ANTON None 0 Jul  1 01:25 .socket=

Note that fstat lied!

For some reason getfacl returns "Not supported", so I could not investigate 
with that, but I'm showing below
the icacls outputs for both /cygwin/g/cygwin and /cygdrive/g/cygwin/subdir with 
their .socket files, respectively.

At any rate, it looks like fstat, despite reporting the mode, wasn't actually 
able to bake it on disk
using those insanely complicated Windows permissions.

What's more insane, is that using the chmod command from shell, I'm able to 
change the permissions to 0666,
and it sticks:

$ pwd 
/cygdrive/g/cygwin/subdir
$ chmod 0666 .socket
$ ls -l .socket
srw-rw-rw-+ 1 ANTON None 0 Jul  1 01:25 .socket=

Any insights will be highly appreciated!
Thanks.

$ pwd
/cygdrive/g/cygwin

$ icacls .
. BUILTIN\Administrators:(I)(F)
  BUILTIN\Administrators:(I)(OI)(CI)(IO)(F)
  NT AUTHORITY\SYSTEM:(I)(F)
  NT AUTHORITY\SYSTEM:(I)(OI)(CI)(IO)(F)
  NT AUTHORITY\Authenticated Users:(I)(M)
  NT AUTHORITY\Authenticated Users:(I)(OI)(CI)(IO)(M)
  BUILTIN\Users:(I)(RX)
  BUILTIN\Users:(I)(OI)(CI)(IO)(GR,GE)

$ icacls .socket
.socket NULL SID:(DENY)(Rc,S,WEA,X,DC)
        ANTON\ANTON:(R,W,D,WDAC,WO)
        ANTON\None:(DENY)(S,X)
        NT AUTHORITY\Authenticated Users:(DENY)(S,X)
        NT AUTHORITY\SYSTEM:(DENY)(S,X)
        BUILTIN\Administrators:(DENY)(S,X)
        BUILTIN\Users:(DENY)(S,X)
        ANTON\None:(RX,W)
        NT AUTHORITY\Authenticated Users:(RX,W)
        NT AUTHORITY\SYSTEM:(RX,W)
        BUILTIN\Administrators:(RX,W)
        BUILTIN\Users:(RX,W)
        Everyone:(R,W)

$ cd subdir

$ icacls .
. NULL SID:(DENY)(Rc,S,REA,WEA,X,DC)
  ANTON\ANTON:(F)
  ANTON\None:(RX)
  NT AUTHORITY\Authenticated Users:(RX,W,DC)
  NT AUTHORITY\SYSTEM:(RX,W,DC)
  BUILTIN\Administrators:(RX,W,DC)
  BUILTIN\Users:(RX)
  Everyone:(RX)
  NULL SID:(OI)(CI)(IO)(DENY)(Rc,S,REA,WEA,X,DC)
  CREATOR OWNER:(OI)(CI)(IO)(F)
  CREATOR GROUP:(OI)(CI)(IO)(RX)
  NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(RX,W,DC)
  NT AUTHORITY\SYSTEM:(OI)(CI)(IO)(RX,W,DC)
  BUILTIN\Administrators:(OI)(CI)(IO)(RX,W,DC)
  BUILTIN\Users:(OI)(CI)(IO)(RX)
  Everyone:(OI)(CI)(IO)(RX)

As created by the program:

$ icacls .socket
.socket NULL SID:(DENY)(Rc,S,WEA,X,DC)
        ANTON\ANTON:(R,W,D,WDAC,WO)
        ANTON\None:(DENY)(S,X)
        NT AUTHORITY\Authenticated Users:(DENY)(S,X)
        NT AUTHORITY\SYSTEM:(DENY)(S,X)
        BUILTIN\Administrators:(DENY)(S,X)
        BUILTIN\Users:(DENY)(S,X)
        ANTON\None:(RX)
        NT AUTHORITY\Authenticated Users:(RX,W)
        NT AUTHORITY\SYSTEM:(RX,W)
        BUILTIN\Administrators:(RX,W)
        BUILTIN\Users:(RX)
        Everyone:(R)

After chmod:

$ icacls .socket
.socket NULL SID:(DENY)(Rc,S,WEA,X,DC)
        ANTON\ANTON:(R,W,D,WDAC,WO)
        ANTON\None:(DENY)(S,X)
        NT AUTHORITY\Authenticated Users:(DENY)(S,X)
        NT AUTHORITY\SYSTEM:(DENY)(S,X)
        BUILTIN\Administrators:(DENY)(S,X)
        BUILTIN\Users:(DENY)(S,X)
        ANTON\None:(RX)
        NT AUTHORITY\Authenticated Users:(RX,W)
        NT AUTHORITY\SYSTEM:(RX,W)
        BUILTIN\Administrators:(RX,W)
        BUILTIN\Users:(RX)
        ANTON\None:(DENY)(W,DC)
        BUILTIN\Users:(DENY)(W,DC)
        Everyone:(R,W)

Anton Lavrentiev
Contractor NIH/NLM/NCBI


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

Weird issue with file permissions

Reply via email to