This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

NTFS permissons bug?


I'm having a problem with openssh on cygwin. When I'm logged into windows, things are fine, even in a cygwin64 window:

dbeusee2@lan /e
$ cd ppscvsroot/

dbeusee2@lan /e/ppscvsroot
$ id
uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain Users),545(Users),4(INTERACTIVE),66049(CONSOLE LOGON),11(Authenticated Users),15(This Organization),66048(LOCAL),1050040(vpn-demo),1050138(CVS-PPS users),1049743(PPUser),1050137(CVS Users),1049741(Sharepoint AllUsers),401408(Medium Mandatory Level)

dbeusee2@lan /e/ppscvsroot
$ getfacl /e/ppscvsroot/
# file: /e/ppscvsroot/
# owner: Administrators
# group: Domain Users <--------- where is this coming from? I have removed this from the permissions! Is this cached somewhere?
user::rwx
group::---
group:SYSTEM:rwx
group:CVS-PPS users:rwx
mask:rwx
other:---
default:user::rwx
default:group::---
default:group:SYSTEM:rwx
default:group:CVS-PPS users:rwx
default:mask:rwx
default:other:---


dbeusee2@lan /e/ppscvsroot
$ ls -ld /e/ppscvsroot/
drwxrwx---+ 1 Administrators Domain Users 0 Mar  9 19:02 /e/ppscvsroot/

dbeusee2@lan /e/ppscvsroot
$


But when I ssh into it, things are not fine:

dbeusee@pp165 ~/.ssh
$ ssh dbeusee2@lan
Last login: Thu Mar  9 20:30:05 2017 from 192.168.104.74

dbeusee2@lan ~
$ id
uid=1049863(dbeusee2) gid=1049089(Domain Users) groups=1049089(Domain Users),11(Authenticated Users),66048(LOCAL),66049(CONSOLE LOGON),4(INTERACTIVE),15(This Organization),545(Users),1050040(vpn-demo),1049743(PPUser),1050137(CVS Users),1049741(Sharepoint AllUsers),401408(Medium Mandatory Level)

dbeusee2@lan ~
$ cd /e/ppscvsroot/
-bash: cd: /e/ppscvsroot/: Permission denied

dbeusee2@lan ~
$ ls -ld /e/ppscvsroot/
drwxr-x--- 1 Unknown+User Unknown+Group 0 Mar  9 19:02 /e/ppscvsroot/

dbeusee2@lan ~
$

I noticed in the "id" output in the problem ssh session, this group is missing: "1050138(CVS-PPS users)". Could this be the reason? Is sshd not doing group recursion? The dbeusee2 username is a member of CVS Users, which has access to more CVS repositories than CVS-PPS Users.

And what's up with the Unknown+User and Unknown+Group in the ssh session's ls command output?

This system (lan) is running WS 2016 STD. CVS Users group is a member of CVS-PPS group in AD (WS Enterprise 2003 R2). The ppscvsroot folder is given access to CVS-PPS Users group. Domain Users used to be granted to ppscvsroot, but I removed that so that CVS-PPS Users would control the access. Why am I not able to access the folder from the ssh session?

How do I solve this problem?

Version of OpenSSH (from cygwin) is:

dbeusee2@lan ~
$ ssh -V
OpenSSH_7.4p1, OpenSSL 1.0.2k  26 Jan 2017

Version of cygwin:

dbeusee2@lan ~
$ uname -a
CYGWIN_NT-10.0 lan 2.7.0(0.306/5/3) 2017-02-12 13:18 x86_64 Cygwin

Please advise.

-Don




--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]