On 2023-04-07 14:36, Thomas Schweikle via Cygwin wrote:
How can C:\cygwin ACL be fixed after a backup/restore (file by file, not image).
The program seems to force canonical ACL while restoring.
How do i get back ACL as they are right after installing cygwin?
Docs did not help here. They discussed Windows-ACL to POSIX-ACL or simple
rwxrwxrwx POSIX rights used on most *nix machines, but at no point where
concrete ACL shown as they are supposed to be applied to the installed C:\cygwin
tree.
Any idea? Any script? Any existing command to recreate recommended ACLs?
For the Cygwin root directory, normal u+rwx,go+rx perms are sufficient.
For other Cygwin files where perms are significant, you should use Cygwin
backup/restore utilities e.g. rsync, tar, cpio, etc.
Without some image of Cygwin ACLs, you can not restore them as they were, as in
the setfacl(1) example:
$ getfacl source_file | setfacl -f - target_file
or an equivalent en masse.
For user created files and scripts, use relevant normal permissions.
For installed files, if you have a complete and current package cache directory,
you can compare the installation to the latest archive of each package under
<MIRROR>/{x86_64,noarch}/release/ looping thru:
tar -d -C / -f
<MIRROR>/{x86_64,noarch}/release/<PKG>/.../...-<VER>-<REL>.tar.*z*
e.g.
$ tar -d -C / -f ~/mirror/x86_64/release/bash/bash-4.4.12-3.tar.xz
/bin/tar: etc/postinstall/bash.sh: Warning: Cannot stat: No such file or
directory
usr/bin/bash.exe: Uid differs
usr/bin/bash.exe: Gid differs
usr/bin/bashbug: Mode differs
usr/bin/bashbug: Uid differs
usr/bin/sh.exe: Not linked to usr/bin/bash.exe
usr/include/bash/alias.h: Uid differs
...
which is very verbose, or do your own perms comparison vs the outputs from
looping thru:
tar -tv -C / -f
<MIRROR>/{x86_64,noarch}/release/<PKG>/.../...-<VER>-<REL>.tar.*z*
(*always remembering that all Cygwin installation tar file paths are relative to
the Cygwin root directory / and need adjusted for use*) sort and group the files
and directories which differ by tar permissions, and feed the lists of files and
directories in a loop to e.g.:
/bin/xargs -P `nproc` -a <PERMS>.lst /bin/chmod <PERMS>
to safely batch and parallelize the changes, or background each <PERMS> command
in the loop:
/bin/xargs -a <PERMS>.lst /bin/chmod <PERMS> &
to parallelize the workload.
The Windows directory cache will buffer the changes, and it might be good to:
$ sync -f /usr /etc
to flush updates to disk: the second arg, if to the same file system, may have
to wait until the first has completed, unless the command detects that.
--
Take care. Thanks, Brian Inglis Calgary, Alberta, Canada
La perfection est atteinte Perfection is achieved
non pas lorsqu'il n'y a plus rien à ajouter not when there is no more to add
mais lorsqu'il n'y a plus rien à retirer but when there is no more to cut
-- Antoine de Saint-Exupéry
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
