At 10:19 PM 8/10/2004, you wrote: > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >(Ref: original "Cygwin permissions problem" and related threads) > >FYI: I managed to resolve my issue by completely re-installing Cygwin >from scratch after having added (and allowing to propagate) the >"Everyone" group (Read and Execute only) to my set of permissions >[for all of my partitions]. > >What I find odd(?) about this whole episode is that the "Everyone" >group should apparently be required [by Cygwin] like that. Could >someone explain that to me? > >The reason I personally find it to be somewhat "odd" is simply >because my Windows system behaves perfectly (just fine) without it. > >Now I know that Cygwin (i.e. *nix) is NOT Windows and vice versa, but >why does Cygwin (*nix?) apparently choke whenever none of the (its?) >files are given any type of "public" access? (Which is what the >"Everyone" group is for, yes?) > >It seems to me one *should* be able to do what I was doing (i.e. only >assigning explicit "private" (i.e. no public) permissions/access to >all of my files/folders) without any serious side effects, but >apparently not. > >Could some kind soul out there help me to understand why *SOME* type >of "public" permissions set is [apparently] required by Cygwin? >(*nix?) > >Thanks.
I thought Pierre did a rather good (good? I mean excellent! ;-) ) job of explaining the issue with his last email to you on this subject: <http://cygwin.com/ml/cygwin/2004-08/msg00280.html> The key part is that 'setup.exe' is not a Cygwin program (it can't be) so it's largely bound by Windows security semantics. These don't map well into the Cygwin emulation of POSIX permissions. So, if neither you, nor standard groups, nor "Everyone" owns the file, there will be a mismatch of the permissions on the files and directories in the Windows view (ACLs) and the POSIX view (owner, group, world). As Pierre pointed out, POSIX tools like 'cp' only operate on POSIX permissions. If those are '---------', then you get no permissions on that copied file. So one solution is to do what you did. Make sure that 'Everyone' owns the files in the Windows ACL. You do that by creating the directory you want to install Cygwin to and setting the permissions, via Windows, before Cygwin installation, making sure to set the permissions so they are inherited. For the case of 'Everyone', that maps to the 'world'. Another alternative is to create a CYGWIN environment variable with 'nontsec' set before installation. That will make Cygwin use Windows ACLs, following those rules exclusively. If you're still having trouble understanding what's going on here, I suggest you read the NT security chapter of the User's Guide: <http://cygwin.com/cygwin-ug-net/ntsec.html> If you read it already, read it again. I'm serious. This is complicated stuff giving the partial mapping of ACLs to POSIX permissions. It takes some real thought to understand it all and it's limitations. Reading this more than once can make things click where they didn't before. When you get so you understand it, feel free to offer patches to make Cygwin and 'setup.exe' better in this area. You can save the next person who has tight permissions some trouble. :-) -- Larry Hall http://www.rfk.com RFK Partners, Inc. (508) 893-9779 - RFK Office 838 Washington Street (508) 893-9889 - FAX Holliston, MA 01746 -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
