Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Fedora Resources > Guides & Solutions (No Questions)
FedoraForum Search

Forgot Password? Join Us!

Guides & Solutions (No Questions) Post your guides here (No links to Blogs accepted). You can also append your comments/questions to a guide, but don't start a new thread to ask a question. Use another forum for that.

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 15th January 2005, 02:09 PM
kosmosik Offline
Registered User
 
Join Date: Apr 2004
Location: Warsaw, Poland
Age: 33
Posts: 1,085
Setting permissions for FAT (and NTFS) filesystems.

Preface

Note: Fedora ships kernels without NTFS support (due to licensing/legal problems). If you wish to use this filesystem you need to perform few additional steps (install kernel module for NTFS). This issue is fully covered so I won't elaborate on that. Please refer to this document prior to asking questions on this forum.

Lot of us use so called dual boot configurations. Meaning running Windows side by side with Linux. In those cases we wish to mount these filesystems under our Linux file tree - f.e. to share files between systems. The easier way to do it is to issue mount command (as root, of course all these commands require root access):

Code:
mkdir /tmp/fatfs
mount /dev/hda1 /tmp/fatfs
The problem
But doing so leaves us with few problems.
  • We must have root access to do it.
  • Files are mounted with strict permissions (only root can modify them).
  • We want to have control over who is allowed to access these files. It is a security measure. Since f.e. if we are running web server and this server gets hacked we don't want this hacked server to be able to delete files on our FS.
  • We want this FS to be mounted on boot time.
  • We want the files and directories to look nice when browsing them (permissions).
We can achieve some of these with scripts etc. but it is not a proper way. So I'll describe the proper way here.
Brief explanation of mount options for FAT/NTFS filesystems (and some hints)
Note:Look at mount manual ("man mount") to see more detailed description.

The options we will use are auto, rw, uid, gid, showexec, quiet, umask, fmask, dmask:
  • auto - means that filesystem will be mounted on boot time.
  • rw - this implies read/write access to filesystem.
  • uid - represents the user ID (numeric). Files will be present with this user as owner when the FS will be mounted. you probably wish set this to user root (uid 0).
  • gid - represents the group ID (numeric). Files will be present owned by this group when the FS will be mounted. You will probably wish to have separate group to control who can access filesystem. More info on that below.
  • showexec - makes the system to look after DOS/Windows executable files (EXE, COM... and directories) and sets them with exec file permission.
  • quiet - means the system will not output errors when we try to change file parameter on filesystem (obviously we can't do that since FAT does not supports that).
  • umask - represents reverted octal permissions that files will get upon mount. This is tricky because it is reverted. So if you want files to be 770 (mean files fully accesible to user stated in uid and group stated as gid options and not accessible by all/others. You must revert the values so it will be 007.
  • fmask - same as umask but only for files (not directories).
  • dmask - same as umask but only for directories. Note that directories must have exec permission so you can list them (you still can read files from directories which have read permission but you need to know full path to the file).
Note: the fmask and dmask options are present only in systems running kernel 2.6 - so if you are using Fedora Core 1 (newer versions run kernel 2.6) you need to use umask parameter.
Example

To illustrate this I'll show example of such usage.

First we need to create mountpoint (directory where filesystem will be mounted) let's say "/mnt/fat" (usually we state this upon install so it should be already present, in this document I assume that we are doing everything from scratch). Don't bother with this directory permissions - they will be changed on boot. And we assume our filesystem resides on "/dev/hda1".

Then we need to add a group that will be allowed to read/write files on our filesystem. Usualy it is good to have separate group for "better" users - with more controll, access to more commands etc. if you have such - use this group. To add group we use following command:
Code:
groupadd -g 500 fat
We just created group named "fat" with ID 500. Now we add our username to this group:
Code:
usermod -G fat me
("me" is my username, you need to do it with every user you wish to be able accessing this FS)

Now we edit /etc/fstab line about our filesystem (it may be already present):
Code:
/dev/hda1 /mnt/fat auto auto,rw,uid=0,gid=500,showexec,quiet,fmask=117,dmask=007 0 0
# This forum cripples the display a little.
# It should be without spaces in options section.

Some explanations: first "auto" means that filesystem type (f.e. vfat) will be autodetected. "0 0" are options for dump program. Probably few us use this program so I won't refer to that - just leave them as is. Other options are explained above.

What it does? It mounts our filesystem (/dev/hda1) in /mnt/fat mount point. Files are set with 660 permission (but EXE and similar get 770) and directories with 770 and are present with root owner and fat group. This means that root and members of fat group have full access to this filesystem. All other users can't even get into its directory. Also there are few neat fetures as mouting automagically on boot and supressing output messages (those can be annoying as some programs often try to modify permissions - f.e. editors and file managers).
Please post any comments on this forum. Also please correct if you find some faults (repost entire corrected article). Have fun with Linux. :]

Last edited by kosmosik; 15th January 2005 at 02:15 PM.
  #2  
Old 15th January 2005, 03:10 PM
AJB2K3 Offline
Registered User
 
Join Date: Jan 2005
Location: purgatory
Posts: 118
IM dumb cus bash says no such command as groupadd
  #3  
Old 15th January 2005, 03:17 PM
kosmosik Offline
Registered User
 
Join Date: Apr 2004
Location: Warsaw, Poland
Age: 33
Posts: 1,085
try /sbin/groupadd it is not in your PATH...
  #4  
Old 24th January 2005, 04:33 PM
fryem720 Offline
Registered User
 
Join Date: May 2004
Location: Union County, New Jersey
Posts: 114
I followed your directions to the letter, but when my computer boots up I get a message saying that sda1 and sda2 (the two partitions on my external HD that I want to mount) are not valid block devices. Any suggestions?
__________________
FC5 HP Pavilion a747c desktop pc
Intel(R) Pentium(R) 4 CPU 2.80GHz (HT)
512MB RAM
82915G/GV/910GL Express Chipset Family Graphics Controller
82801FB/FBM/FR/FW/FRW (ICH6 Family) High Definition Audio Controller [Card: HDA Intel ][Chip: Realtek ALC880]

Registered Linux User #379760
  #5  
Old 31st January 2005, 03:47 PM
avfx Offline
Registered User
 
Join Date: Jan 2005
Posts: 2
didn't work for me. I could only access the drive as root, but not as user. any idea?
  #6  
Old 31st January 2005, 07:40 PM
avfx Offline
Registered User
 
Join Date: Jan 2005
Posts: 2
solved. thanks anyways
  #7  
Old 20th February 2005, 11:18 PM
fryem720 Offline
Registered User
 
Join Date: May 2004
Location: Union County, New Jersey
Posts: 114
Found my answer on another forum. My usb modules weren't yet loaded when fstab tried to mount the usb hard drive. The solution was to add the following entries to /etc/rc.local -

Code:

mount /mnt/fat1
mount /mnt/fat2

End of Code

Now both partitions on my external hd are automatically mounted and ready to go by the time my logon is complete.

Linux works. Even for a dummy like me.
__________________
FC5 HP Pavilion a747c desktop pc
Intel(R) Pentium(R) 4 CPU 2.80GHz (HT)
512MB RAM
82915G/GV/910GL Express Chipset Family Graphics Controller
82801FB/FBM/FR/FW/FRW (ICH6 Family) High Definition Audio Controller [Card: HDA Intel ][Chip: Realtek ALC880]

Registered Linux User #379760
  #8  
Old 20th August 2006, 12:19 PM
electron1948 Offline
Registered User
 
Join Date: Sep 2005
Location: Surrey, England
Age: 66
Posts: 30
Hi, I tried:

groupadd -g 500 fat

All I got was:

groupadd: GID 500 is not unique

A newbie running FC5
__________________
Bob Fearnley (electron1948), Linux newbie. Southern England.
ASUS A7N8X deluxe @ 2.8GHz, 1G RAM, FC5 on 80G IDE, XP on 120G SATA RAID, Dual monitor and lots of other stuff.
  #9  
Old 25th August 2006, 08:45 PM
sturmkim Offline
Registered User
 
Join Date: Aug 2006
Posts: 19
help helpless newbie on this ...

OK./.. i try to follow your direction..
now this is what i got so far..

my `mount` says

/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sda1 on /boot type ext3 (rw)
tmpfs on /dev/shm type tmpfs (rw)
/dev/hda1 on /mnt/windowXP type ntfs (rw,umask=0000)
/dev/sdb1 on /mnt/HDD_two type vfat (rw,showexec,uid=501,umask=000)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
automount(pid1952) on /net type autofs (rw,fd=4,pgrp=1952,minproto=2,maxproto=4)
/dev/sdc1 on /media/REFDISK type vfat (rw,noexec,nosuid,nodev,shortname=winnt,ui d=501)
/dev/sdb1 on /media/HDD_two type vfat (rw)


as seen above.
REFDISK(external hdd connect with usb) is working fine.
I want make a same option to sdb1 drive...(rw,noexec,nosuid,nodev,shortname=winnt,ui d=501) like this,.
Could somebody point out how to do it??

Last edited by Demz; 11th September 2008 at 07:31 AM.
Closed Thread

Tags
fat, filesystems, ntfs, permissions, setting

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
NTFS Permissions Belderan Hardware & Laptops 7 21st August 2006 01:12 PM
ntfs permissions tankcntdrv55 Hardware & Laptops 8 14th January 2006 10:21 PM
NTFS Permissions sucafish Using Fedora 1 27th July 2005 10:42 PM
NTFS Permissions in FC2 mustangfanatic EOL (End Of Life) Versions 4 16th October 2004 10:12 AM
Setting NTFS Hard Drive Permissions yuiol Using Fedora 9 29th August 2004 05:33 PM


Current GMT-time: 14:08 (Sunday, 21-09-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat