Change NTFS partition files permission (make them not executing)

naive2021 · February 18, 2023, 2:09pm

OS: openSUSE Leap 15.4
cinnamon version: 4.6.7
kernal: 5.14.21-150400.24.46-default

I have an NTFS partition all files on it auto set to “Allow executing file as program”, and even if if try change the permission manual (using right click - properties - permission - uncheck) it back again in same second.

next are my hard disk partitions:

is there’s way to change the permission of all files on the NTFS partition to NOT executing and any files add in the feature?

please note
1- there’s data stored on the partition, so i search for non destructive method.
2- the partition mount manually (need click on it to mount it), am OK with that and want keep as it. just mention in case it help.
thanks in advance

hcvv · February 18, 2023, 2:17pm

As NTFS has no concept of permissions, you can not change them with e.g. chmod (or desktop equivalents). What you see are fake permissions and they are created at the mount.

So, it is important to know how you did the mounting, because that is the place where you can change this.

Please show your /etc/fstab entry for this file system.

arvidjaar · February 18, 2023, 2:26pm

No, there is not. UNIX permissions on NTFS are emulated, you cannot store them. You can use fmask=111 mount option to mask executable bit though.

naive2021 · February 18, 2023, 4:11pm

UUID=65s58492-e390-4e20-9ed7-ff7768a0c801  /      ext4  defaults      0  1
UUID=c615ab08-2a61-43da-9f7f-1c8584bbc33c  /home  ext4  data=ordered  0  2
UUID=1fe2584c-5054-4baf-8870-dd5843f306ec  swap   swap  defaults      0  0
UUID=b858485f-7acd-4062-a70c-939585842145  /boot  ext4  data=ordered  0  2

naive2021 · February 18, 2023, 4:22pm

What you see are fake permissions
when try open text file from ntfs partitions it ask me if i want run it in terminal or just display it. so i afraid if i run some video (or any other file) that come with embed command (shall, virus, etc) it effect the system. when you say “fake permissions”, is that mean it can not infect the OS?

hcvv · February 18, 2023, 4:32pm

naive2021:

UUID=65s58492-e390-4e20-9ed7-ff7768a0c801  /      ext4  defaults      0  1
UUID=c615ab08-2a61-43da-9f7f-1c8584bbc33c  /home  ext4  data=ordered  0  2
UUID=1fe2584c-5054-4baf-8870-dd5843f306ec  swap   swap  defaults      0  0
UUID=b858485f-7acd-4062-a70c-939585842145  /boot  ext4  data=ordered  0  2

Please always include the line with the prompt and the command. Not only the output. We should also see what you did, not only what you got.
Now I assume that thi is the complete and unabridged contents of your /etc/fstab.
There is no entry for your NTFS file sytem. Thus I assume that it is mounted through the desktop. That wonders me a bit, because my impression is that mounting through the desktop is always done without execute permission.

So please let us start from the beginning. How is it mounted:
mount -a

Andshow us at least the ownership and permissions of one of the files in there:
ls -l <path to a file>
where you should replace of course by the name of a file within the NTFS file system (e.g. one of those videos?)

hcvv · February 18, 2023, 4:36pm

I also tried to interpret that awfull picture in your first post above.

It looks that you mean with the NTFS file system, one that is on partition sda7 of your disk.
It also looks that you have only openSUSE on the system. Then why that NTFS file system???

hcvv · February 18, 2023, 4:40pm

What do you mean with that. When it is a text file, you can e.g. list it with cat or vim or whatever text tool/program.

Or, when you are in a desktop environment, you can open it with any text editor, etc. of your desktop.

“Try open” is a vague statement, You must always tell exactly what you do. Do not assume that others have the same workflow as you have.

naive2021 · February 18, 2023, 6:14pm

1- i use >nano /etc/fstab
2- i run the nano command twice, one before mount the NTFS and other after mount it. and it give same above results.
3- >mount -a did not return any results and the NTFS did not mount (i run it without and with sudo).
4- >

ls -l /run/media/noha/data
total 445732
drwxrwxrwx 1 noha users     4096 Jan 25 18:34 audio
-rwxrwxrwx 1 noha users    73408 Nov 27 12:17 3169.jpg
-rwxrwxrwx 1 noha users    32615 Sep 21 21:17 testcode.pdf
-rwxrwxrwx 1 noha users        0 Feb 18 18:16 Document.txt

naive2021 · February 18, 2023, 6:27pm

1- when i click on the image it pop up and be more bigger and clear, i upload it with 1168*337 pixels.
2- yes the NTFS partitions called data and it’s sda7.
3- yes i use only opensuse. i use NTFS partitions for storing data, that do not need it in current time. also it’s very rear find one use linux in my country (in my area all use win.) so in case some problem happens and need restore the data from the hard the ntfs can read on my friends windows devices.

naive2021 · February 18, 2023, 6:32pm

1- open it using double click (in a desktop environment), using “gedit”.

hcvv · February 18, 2023, 6:44pm

Better use then
cat /etc/fstab
that is the most simple command to list a text file.
There is no use to do that twice. mounting something may look into the fstab, but it does not change anything there. And how did you mount it? Again, do not assume that just telling stories is clear enough. We need exact commands, or other descriptions.
Sorry, my fault. That mount command should have been just
mount
without the -a option.
Again sorry, but I am still interested in it. It will show the mount options used.
I see you indeed have x bits on the normal files. Which BTW does not do much when they are not real executables like JPEG images, PDF documents, etc.

Again, the exact way of mounting and what options used may tell us why you have those x-bits.

================

And I do not quite understand your fear of “executing videos”. A program may read the video and show it in a window on your screen. That is it.

==================

And about the “fake” or “emulated” permissions. As NTFS is NOT LInux and does not have the ownership (by user and group) and the permission bits that Linux needs, the software designed to nevertheless let Linux use these non-Linux file system, simulates, emulates, fakes those. But they are not on the file system in reality. And thus you can not change them.
And how they are faked (in your case with user noha, group users and permisions 777) is done with the mount options. That is why we are trying to find out which ones are used and where.

======================

Try to avoid using non-Linux file system as much as possible (you see the problems now). Only use them for direct exchange with non-Linux operating systems.
My advice is thus: you can put a video on it to exchange with a friend that uses a MS system. Or the other way around. But never use the video from the non-Linux file system to play it. Or do not edit documents there. You should do that when they are on your Linux system. After all you (at least partly) have Linux because of security. Do not throw that away by using non-Linux file systems for day to day work.

naive2021 · February 18, 2023, 7:23pm

1- i use nemo file manager, it come with cinnamon environment.
2- i click on nemo short cut(in menu or panel), when open find in the left side places"main folders", the NFTS, and any attached device (flash memory). i click on the NFTS partition then small windows appear"popup" ask enter password for root. when write it the NFTS mounted “open and can browse inside”.

naive2021 · February 18, 2023, 7:24pm

> mount
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,size=4096k,nr_inodes=1048576,mode=755,inode64)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,inode64)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,size=1598116k,nr_inodes=819200,mode=755,inode64)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,size=4096k,nr_inodes=1024,mode=755,inode64)
cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/misc type cgroup (rw,nosuid,nodev,noexec,relatime,misc)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
/dev/sda2 on / type ext4 (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=30,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=15551)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
/dev/sda1 on /boot type ext4 (rw,relatime,data=ordered)
/dev/sda6 on /home type ext4 (rw,relatime,data=ordered)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=799056k,nr_inodes=199764,mode=700,uid=1000,gid=100,inode64)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
tracefs on /sys/kernel/debug/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
portal on /run/user/1000/doc type fuse.portal (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)

hcvv · February 18, 2023, 7:59pm

These are the options used. So there is no option to mask the x-bits.

I am used to KDE and that will not set the x-bits (I do seldom mount a USB stick with a non-Linux file system, but that is what I remember).

Also, I find it strange that you have to enter the root password. As end-user, you should not know that (and when you happen to be the same human as the system manager, you should at least do as if you do not know that). Maybe a Cinnamon trick.

Maybe someone with Cinnamon knowledge can help you. Or create an entry in /etc/fstab with the correct option.

But you should not worry to much. As long as there are no Linux executable files there (and it seems that you have only all sorts of documents, images and videos) nothing will be executed, because there isn’t.

hcvv · February 18, 2023, 8:08pm

When this is about gvfsd-fuse, that would be the option to use. But I do not know where that is to be put with gvfsd.

naive2021 · February 19, 2023, 2:30am

many thanks for you
1- when i run “mount command” last time the NFTS was not mounted.
2- when i run the command again after manually mount the NFTS, it give extra line of information about /dev/sda7 (it’s the last line in next code).
3- as there’s no reason to worry too much am ok, i just add this update in case this line continue valuable information could help understand and learn more.

again many thanks for you

>mount
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=799056k,nr_inodes=199764,mode=700,uid=1000,gid=100,inode64)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)
tracefs on /sys/kernel/debug/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
portal on /run/user/1000/doc type fuse.portal (rw,nosuid,nodev,relatime,user_id=1000,group_id=100)

/dev/sda7 on /run/media/noha/data type fuseblk (rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other,blksize=4096,uhelper=udisks2)

arvidjaar · February 19, 2023, 5:48am

It is about ntfs-3g.

hcvv · February 19, 2023, 10:31am

It is now mounted different, with a different NTFS handler and now the owner is root:root (and thus not 1000:100 (noha:users) and the permissions may be different because of default_permissions, of which I do not know what they are (but you can check for yourself).

And I can only repeat: do not tell stories like “after manual mount”, always SHOW the command you use.
When you do not use this as a general rule in future posts on future questions, there will be a lot of time and energy consuming asking aigain and again, but people may simply stop reading your posts because the get tired of reading no real information.

naive2021 · February 19, 2023, 11:54pm

i really appreciate your help, many thanks.