Microsoft KB Archive/246427

From BetaArchive Wiki
Knowledge Base


System Administration - Using the chown Command with INTERIX and Microsoft Windows NT

Article ID: 246427

Article Last Modified on 10/30/2006



APPLIES TO

  • Microsoft Interix 2.2 Standard Edition
  • Microsoft Interix 2.2 Standard Edition
  • Microsoft Interix 2.2 Standard Edition
  • Microsoft Interix 2.2 Standard Edition



This article was previously published under Q246427

SUMMARY

This article describes use of the chown command with INTERIX and Microsoft Windows NT.

MORE INFORMATION

Using the chown command is an area where the Microsoft Windows NT security model conflicts with traditional behavior. First of all, it is not possible to give the ownership of a file away, due to Windows NT security restrictions. If your username is "terry" and you want to transfer ownership of a file to "jim", you cannot do so in the following way:

$ chown jim filename

However, a user can take ownership of a file, under certain circumstances.

Windows NT includes a special permission called Take Ownership. A user with that permission for the file can take ownership of the file.

You can use the Cacls.exe program to set Full Control permission (which includes Take Ownership) on a file you own. Assuming you have set the cacls command to be an alias or link for Cacls.exe, you can edit the Access Control List (ACL) for the file or directory to include an access control entry for the user you want to take ownership of the file.

Edit the permission list on the file, adding Full Control for the other user. Because this is actually a Win32 program, the command uses Win32 syntax to separate the domain and username; in this example, we have escaped the backslash with another backslash:

$ cacls filename /e /g DEV\\terry:f

The /e option causes Cacls.exe to edit the ACL rather than replacing it with a single entry for "terry"; the /g grants terry the Full Control permission. Once that permission is set, the owner-to-be ("terry" in this example) can use the chown command to take possession of the file:

$ chown terry filename

NOTE: The INTERIX chmod command removes the extra access control entries from the ACL. In this case, if terry runs the chmod command on the file before taking ownership with chown, he removes his permission to take ownership.

For additional information, see http://www.interix.com/.

Keywords: kbinfo KB246427