Let's consider the following scenario: [--- cut ---] C:\Work\test-facl>setfacl -s u::rwx,g::rwx,m:rwx,o:rwx .
C:\Work\test-facl>getfacl . # file: . # owner: Administrators # group: None user::rwx group::rwx mask:rwx other:rwx C:\Work\test-facl>setfacl -m d:u::rwx,d:g::rwx,d:m:rwx,d:o:rwx . C:\Work\test-facl>getfacl . # file: . # owner: Administrators # group: None user::rwx group::rwx mask:rwx other:--- default:user::rwx default:group::rwx default:other:rwx [--- cut ---] Note the "other" entry access rights! I think the problem is the following: second setfacl should analyse existing ACE's AceFlags and decide if it has to modify the existing ACE (if INHERIT_ONLY_ACE is set) or add the new one. It seems that it does not do that (although I did not look into the sources). So the Everyone's ACE (other: entry) is replaced with INHERIT_ONLY_ACE (default:other entry) which effectively prohibits any access. BTW, setfacl -s u::rwx,g::rwx,m:rwx,o:rwx,d:u::rwx,d:g::rwx,d:m:rwx,d:o:rwx . leads just to the same result (no access to the directory for "other" group) If my analysis is correct, could you fix this? - Dmitry Bely -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/