That's what I get for digging up a man page. I misread the mode requirement as calling for open(3) vs using the status flags in open(2). It did seem unlikely that it would be working so universally if that were the case.
To Aaron's original question to get permissions other than 600: changing the flags in recording.c and recompiling guacd should give you whatever permissions you're looking for. Alternatively, Docker on Windows is much more generous with default permissions, at least in a shared volume mounted inside the container. -Ryan Sent from my Android phone using TouchDown (www.symantec.com) -----Original Message----- From: Mike Jumper [mike.jum...@guac-dev.org] Received: Tuesday, 16 Jan 2018, 12:02AM To: user@guacamole.apache.org [user@guacamole.apache.org] Subject: Re: Permissions on screen capture recordings On Mon, Jan 15, 2018 at 11:59 AM, Ryan Underwood <r...@greymarketlabs.com<mailto:r...@greymarketlabs.com>> wrote: Aaron and Mike, This may be an issue in the source for recording.c (line 83 and again for the naming retries): /* Attempt to open recording */ int fd = open(basename, O_CREAT | O_EXCL | O_WRONLY, S_IRUSR | S_IWUSR); man(2) for open states that if you use O_CREAT you must supply the mode parameter which will set the permissions. However, the fd that is returned may still work as a r/w—so the program functions but the permissions may not be correct. For reference: http://man7.org/linux/man-pages/man2/open.2.html Perhaps this should be changed to open(3) with the intended mode_t supplied. I hesitate to even suggest this because I would have expected it to be a problem for more people if it’s actually the case. The mode is specified there, actually. Things probably blur together a bit, but there are indeed three parameters there. That last parameter, S_IRUSR | S_IWUSR, is the symbolic way to represent mode 0600. Using docker on windows they get created as rwxr-xr-x but that is a docker/windows concern (I think) so I’m unable to reproduce this behavior. My suspicion is that Windows is ignoring the specified value, that the underlying filesystem doesn't support UNIX-style file permissions, or that something else at the system level is overriding things back to 0755. - Mike
