[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#29455: backup-by-copying ACL Operation not permitted with Windows 7

From: Shuguang Sun
Subject: bug#29455: backup-by-copying ACL Operation not permitted with Windows 7 and Samba
Date: Tue, 28 Nov 2017 23:23:34 +0800

(set-file-acl "subtitle.txt" "O:S-1-5-21-1213861250-xx-xx-207145G:DUD:P(A;;0x1e01ff;;;S-1-22-1-79077)(A;;FR;;;S-1-22-2-108)(A;;FR;;;WD)")
return t.
It changes the group or user of the file subtitle.txt, and keep only "Everyone" (read), "S-1-22-1-79077"(r+w+x), and "S-1-22-2-108" (read). The Windows doesn't know "S-1-22-1-79077", and "S-1-22-2-108" which comes from the mapped network drive (users or groups in ther linux server).
The user, me, can't modify the file (permission denied).

On Tue, Nov 28, 2017 at 6:43 PM, Shuguang Sun <shuguang@gmail.com> wrote:

On Mon, Nov 27, 2017 at 11:52 PM, Eli Zaretskii <eliz@gnu.org> wrote:
> From: Shuguang Sun <shuguang@gmail.com>
> Date: Mon, 27 Nov 2017 14:29:18 +0800
> Cc: 29455@debbugs.gnu.org
> The debug-on-error is set to t. If setq it to nil, it just raise and error warning, and will not stop backup.

May I ask why do you have it set to t?  The default is nil, and for a
good reason.

> The ACE for a local file looks like:
> "O:S-1-5-21-1213861250-xx-xx-207145G:DUD:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)
> (A;ID;FA;;;S-1-5-21-1213861250-xx-xx-207145)(A;ID;FA;;;LA)"
> (xx masks some numbers)
> (S-1-5-21 is SECURITY_NT_NON_UNIQUE, SIDS are not unique.)

Thanks, but that's not what I asked.  I asked you to create a local
file (which I call "SOME-FILE" below, replace that with the actual
name of the file), and then type this inside Emacs:

  M-: (set-file-acl "SOME-FILE" "O:S-1-22-1-79077G:S-1-22-2-108D:P(A;;0x1e01ff;;;S-1-22-1-79077)(A;;FR;;;S-1-22-2-108)(A;;FR;;;WD)") RET

It raises the same error message:
(file-error "Setting ACL" "Operation not permitted" "c:/Users/username/Documents/base/subtitle.txt")

eval: Setting ACL: Operation not permitted, c:/Users/username/HOME/.emacs.d/autosave/.bashrc.~1~

(set-file-acl "subtitle.txt" "O:S-1-22-1-79077G:S-1-22-2-108D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;FA;;;S-1-5-21-1213861250-xx-207145)(A;ID;FA;;;LA)")
returns nil
In this case, "O:S-1-22-1-79077G:S-1-22-2-108" is from DACL in network drive; "D:AI(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;FA;;;S-1-5-21-1213861250-xx-207145)(A;ID;FA;;;LA)" is from local drive where I have full read/write access.


(This is one long line.)  Then tell me if this succeeded or signaled
an error.

If the above succeeds for an arbitrary file, then please try the same
for a file under the c:/Users/username/HOME/.emacs.d/ directory, maybe
the problem is with the permissions of that directory.

The "Operation not permitted" error seems to indicate that your user
is unable to acquire the privileges needed for setting the DACL of a
file on your local disk.  Or it could mean some other problem.  The
above test might give a hint about the reason for the failure.

> I searched online and find that O:S-1-22 is a unix/linux mapped to windows by samba. And actually in my
> situation is that I have files in a linux server, and mapped it as network driver in Windows 7 (maybe by
> Samba). All such kind of files (what I can edit) have ACL/SDDL O:S-1-22-1-79077G:S-1-22-2-108D:P
> (A;;0x1e01ff;;;S-1-22-1-79077)(A;;FR;;;S-1-22-2-108)(A;;FR;;;WD).

I don't think this is related to the networked drive, because the
failure happens when Emacs tries to set the DACL of the backup file,
which is stored on your local disk drive.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]