On Feb 26 16:27, Bryan Berns wrote: > > You just have to enable the SeBackupName and SeRestoreName privs. > > Try in Cygwin. It does that automatically. > > > > For cases where you need to stick to the Windows ACLs, use noacl > > mounts. > > Understood --- I can probably set SeBackupPrivilege / > SeRestorePrivilege as 'RequiredPriveleges' for the services that > depend on the system account having access via the ACLs. Not being > used quite in the spirit of those privileges (i.e. for > backup/restore), but doable. We'll also have to revise our > permissions model on our network filers since before running 'chmod > 700' on a file wouldn't blow away our various administrative groups. > > Like I said originally, just wanted to verify it was desired behavior > and it sounds like it is. Thanks!
Having discussed this, I can understand that it may be desirable to skip the permissions of the SYSTEM account in these circumstances: - Computing the POSIX ACL mask and default mask value and thus in the permission mask as printed by `ls -l'. - Changing SYSTEM permissions when calling chmod, unless SYSTEM is the file's owning group. Changing this in the code is pretty straightforward. but I'm not willing to add another mount option for this behaviour. Either Cygwin ignores SYSTEM in the aforementioned circumstances or it doesn't. Crucial vote starting... now. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Maintainer cygwin AT cygwin DOT com Red Hat
pgpXZfoG8YirD.pgp
Description: PGP signature
