* fhandler.cc (fhandler_base::open): Accomodate query_write_control

query_state.
	(fhandler_base::fchown): New method.
	* fhandler.h: Declare fchown method in fhandler_base,
	fhandler_disk_file and fhandler_virtual.
	(enum query_state): Add query_write_control.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Set query_state
	to query_write_control.  Only remove FILE_ATTRIBUTE_READONLY if not
	setting security descriptor.
	(fhandler_disk_file::fchown): New method.
	* fhandler_virtual.cc (fhandler_virtual::fchown): New method.
	* sec_acl.cc (setacl): Call write_sd with additional handle attribute.
	* security.cc (write_sd): Take handle argument.  Only request owner
	if getting SE_RESTORE_NAME privilege failed.  Only open file if
	NtSetSecurityObject failed or handle is NULL.
	(set_nt_attribute): Call write_sd with additional handle attribute.
	* security.h (write_sd): Declare with additional handle argument.

winsup/cygwin/fhandler_disk_file.cc

@@ -377,14 +377,18 @@ fhandler_disk_file::fchmod (mode_t mode)
   if (pc.is_fs_special ())
     return chmod_device (pc, mode);
 
-  query_open (query_read_control);
-  if (!get_io_handle () && !(oret = open_fs (O_BINARY, 0)))
-    return -1;
+  if (!get_io_handle ())
+    {
+      query_open (query_write_control);
+      if (!(oret = open_fs (O_BINARY, 0)))
+	return -1;
+    }
 
-  SetFileAttributes (get_win32_name (), (DWORD) pc & ~FILE_ATTRIBUTE_READONLY);
+  if (!allow_ntsec && allow_ntea) /* Not necessary when manipulating SD. */
+    SetFileAttributes (pc, (DWORD) pc & ~FILE_ATTRIBUTE_READONLY);
   if (pc.isdir ())
     mode |= S_IFDIR;
-  if (!set_file_attribute (pc.has_acls (), get_io_handle (), get_win32_name (),
+  if (!set_file_attribute (pc.has_acls (), get_io_handle (), pc,
 			   ILLEGAL_UID, ILLEGAL_GID, mode)
       && allow_ntsec)
     res = 0;
@@ -410,6 +414,37 @@ fhandler_disk_file::fchmod (mode_t mode)
   return res;
 }
 
+int __stdcall
+fhandler_disk_file::fchown (__uid32_t uid, __gid32_t gid)
+{
+  int oret = 0;
+  if (!get_io_handle ())
+    {
+      query_open (query_write_control);
+      if (!(oret = open_fs (O_BINARY, 0)))
+	return -1;
+    }
+
+  mode_t attrib = 0;
+  if (pc.isdir ())
+    attrib |= S_IFDIR;
+  int res = get_file_attribute (pc.has_acls (), get_io_handle (), pc, &attrib);
+  if (!res)
+    res = set_file_attribute (pc.has_acls (), get_io_handle (), pc,
+			      uid, gid, attrib);
+  if (res && (!pc.has_acls () || !allow_ntsec))
+    {
+      /* fake - if not supported, pretend we're like win95
+         where it just works */
+      res = 0;
+    }
+
+  if (oret)
+    close_fs ();
+
+  return res;
+}
+
 fhandler_disk_file::fhandler_disk_file () :
   fhandler_base ()
 {