通过 Cygwin(调用 shell 脚本)创建的文件没有正确的 Windows 权限
我目前正在目标 Windows Server 2003 计算机上运行 Cygwin,以启动 shell 脚本,该脚本除其他外,还会在光盘上创建一堆文件。但是,创建文件后,我不再有通过 Windows 操作它们的权限。
创建文件时,所有者将设置为“系统”,并且管理员/创建者组/创建者所有者/系统的权限仅设置为“特殊权限”,没有其他权限。 每个人和用户的权限都具有读取和读取权限。执行、列出文件夹内容并读取。
我的问题是我现在无法通过 Windows 删除/修改文件。我希望在我的脚本中内置一些内容(shell 脚本或在 Cygwin 中调用的内容),以允许管理员完全控制文件夹和所有内容。
我当前的解决方法是通过 Cygwin 进行文件修改,但这并不可取。我还使用 setfacl -r -m default:other:rwx 为“用户”组添加写入权限,但它似乎没有递归选项,并且仍然没有给出“完整” 有没有
更好的方法来使用setfacl?我可以使用不同/提升的权限调用 shell 脚本吗?
新创建的目录上的 getfacl 结果:
$ getfacl Directory/
# file: Directory/
# owner: SYSTEM
# group: root
user::rwx
group::r-x
group:Users:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:group:Users:rwx
default:mask:rwx
default:other:r-x
I am currently running Cygwin on a target Windows Server 2003 machine to fire off a shell script that, among other things, creates a bunch of files on disc. However after the files are created I no longer have permissions to manipulate them through Windows.
When the files are created the owner is getting set to 'SYSTEM' and the permissions for Administrators/Creator Group/Creator Owner/system are set to only 'special permissions' and nothing else.
The permissions for Everyone and Users have Read & Execute, List folder contents and Read.
My problem is that I cannot delete/modify the files now through Windows. I would prefer to have something built into my scripts (either the shell script or something to call in Cygwin) that would allow Administrators full control on the folder and all contents.
My current workaround has been to either do file modifications through Cygwin but this is not preferable. I have also used setfacl -r -m default:other:rwx to add write permissions for the 'Users' group but it doesn't appear to have a recursive option and still doesn't give 'full control'
Is there a better way to use setfacl? Can I call the shell script using different/elevated permissions?
Results of getfacl on a newly created directory:
$ getfacl Directory/
# file: Directory/
# owner: SYSTEM
# group: root
user::rwx
group::r-x
group:Users:rwx
mask:rwx
other:r-x
default:user::rwx
default:group::r-x
default:group:Users:rwx
default:mask:rwx
default:other:r-x
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您可以尝试设置 umask:
这应该为用户、组和其他人提供对任何新创建的目录的读/写/执行权限。
如果您只想永久修改
umask,则可以将其添加到您的.bash_profile编辑 - 在之前/之后添加 mkdir 的示例umask。
这是在设置
umask之前创建的目录上getfacl的输出:这是在创建的目录上
getfacl的输出我设置后umask:You can try setting
umask:That should give user, group, and other read/write/execute on any newly created dirs.
If you only want the modified
umaskpermanently, you can add it to your.bash_profileEdit - Added example of mkdir before/after umask.
Here's the output of
getfaclon a directory created before I setumask:Here's the output of
getfaclon a directory created after I setumask: