Forcing Cygwin to create sane permissions on Windows

If you use Cygwin to mainly manipulate files in your regular Windows filesystem, under /cygdrive/…, you have probably seen this message more than a few times:

“The permissions on <node> are incorrectly ordered, which may cause some entries to be ineffective”

You have also likely seen “NULL SID” as the top entry in permission lists.

The Cygwin website has a page about filemodes, which explains why this happens.

In short, you have to edit /etc/fstab in Cygwin, and add “noacl” to the mount options for /cygdrive. Here is my /etc/fstab, for reference:

# /etc/fstab
#    This file is read once by the first process in a Cygwin process tree.
#    To pick up changes, restart all Cygwin processes.  For a description
#    see

# This is default anyway:
#none /cygdrive cygdrive binary,posix=0,user 0 0
none /cygdrive cygdrive binary,noacl,posix=0,user 0 0

After editing this option, you have to stop every single Cygwin process for it to take effect. The easy way out is to reboot your system.


  • Jon Storch says:

    I have found a side effect of this is cygwin does not recognize the the execute bit on a file after setting it as executable in ‘chmod +x [FILENAME]’. They also do not appear as executable in ‘ls’ nor do they complete when trying to run. It’s a little confusing.

    • bolt says:

      Interesting. Yes, you probably can’t use cygwin permissions outside of the native file system if you don’t allow cygwin to set its own permissions. That makes sense.

      You’d have to keep your executables in your home directory, or within the native cygwin file system. I always do that for my use cases, so I’ve never run into the issue, but thanks for the heads up!

  • SkyLeach says:

    If you do this then you’re going to have a great many problems with things like ssh or bind/w3c apps that depend on specific file permissions under POSIX/Linux.

    By default your best bet is to add ACL to the flags ASAP and then use the find command to set important permissions (ex: ~/.ssh /etc/passwd /etc/fstab)

    You’re also going to want to set the CYGWIN environment variable so that windows symlinks are used or else they will not work under windows: `CYGWIN=”winsymlinks:nativestrict”`

    • bolt says:

      It’s probably not a good idea to apply this to /
      Keep it within /cygdrive/c and the likes, and you won’t mess up fstab, passwd or ~/.ssh

      I thought that was kind of the point, but I see I never wrote it anywhere.

1 Trackback

Leave a Reply

Your email address will not be published. Required fields are marked *