NTFS partitions and read write access

Herve49 · May 18, 2015, 4:57pm

Hello

I’m not sure if this question has his place in this section, but …

I have created 2 NTFS partitions to have my documents, videos, musics, … if i’m on Win7 or Opensuse, or …

Mounting the NTFS partitions is OK, but the user (me) can only read, not write any thing, not create anything on it.
I can’t change the permissions on these : root:users.
Have used the command line chown -R me:me /Documents and the same for /Sauvegarde

NTFS-3G is installed.
In mtab, the access is defined by RW and allows_other. That’s correct. But why give me the system not the access to write ?

Perhaps is one thing not clear for me ?

I had think if the files or directories are on a NTFS partition, the permissions in Dolphin (or with ls -al) are always root:root

If you have an idea that give me the possibility to create and modify files and directories, that will be fine

Thanks in advance

Herve49

I_A · May 18, 2015, 5:14pm

I believe the current kernel has full read/write ntfs capabilities (I have created/deleted files on a win7 partition)
if you are on 7 make sure hibernation is off and windows is properly shut down.
external partitions always need root access, how are you mounting them with dolphin or the mount command, try and open partitions with dolphin and after you give the root password you will be able to create files there.

edit as ntfs is not a native Linux file system the permissions will always be set for root, the only way around it is to use ext2/3/4 xfs or btrfs

Herve49 · May 18, 2015, 5:20pm

If we must give the root password at each time i access the NTFS partition, it’s not very usefull but …

On another distro, no root password must be given for this.

Very thanks

Herve49

I_A · May 18, 2015, 5:27pm

there are ways around it, this is the one I use
create the file 10-udisks2.rules
kdesu kate /etc/polkit-1/rules.d/10-udisks2.rules
paste this text into it

// See the polkit(8) man page for more information
// about configuring polkit.

// Allow udisks2 to mount devices without authentication
// for users in the "storage" group.
polkit.addRule(function(action, subject) {
    if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
         action.id == "org.freedesktop.udisks2.filesystem-mount") &&
    subject.isInGroup("storage")) {
        return polkit.Result.YES;
    }
});

save it
with yast create storage user group and add your self to it

I_A · May 18, 2015, 5:31pm

I really don’t know what is that other distro that alows ordinary users root access, but the above works, and by creating a new user group **storage **not everyone can get root access to ntfs partitions

gogalthorp · May 18, 2015, 5:44pm

Note that if a NTFS system is corrupt or not been shutdown properly it should not be writable.

Also you can add user to the the mount in fstab to allow user writing. .

Herve49 · May 18, 2015, 6:15pm

Noted your advices and will apply your recommandations.

The distro that allows this : PCLINUXOS

I had ask them about the permissions on a NTFS partition and the answer was :
Windows has it’s own permissions rules and Linux another. That’s why a Linux distro see always the files/directories on NTS as root:root.
What allows to read/write on NTFS partition is the rule in mtab with RW and ALLOWS_OTHER : i have verify this and it works.
No necessity to create a new user group.
No necessity to create new rule.

On Opensuse, mtab give the same info as below :
/dev/sda8 /Documents fuseblk **rw,**nosuid,nodev,noexec,relatime,user_id=0,group_id=0,default_permissions,allow_other,blksize=4096 0 0
/dev/sda9 /Sauvegarde fuseblk rw,nosuid,nodev,noexec,relatime,user_id=0,group_id=0,default_permissions,allow_other,blksize=4096 0 0
/dev/sdb6 /home xfs rw,relatime,attr2,inode64,noquota 0 0
gvfsd-fuse /run/user/500/gvfs fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=500,group_id=17 0 0

The only line that is NOT in PCLinuxOS’s mtab is : gvfsd …

If you have comments, you are welcome.

Thanks again for your help

Herve49

tsu2 · May 18, 2015, 6:27pm

Another possible option I setup long ago was to simply access the NTFS partitions from a Windows machine and apply everybody/everybody full control permissions, essentially eliminating all Windows read/write/modify permissions.

After that, anything could read or write to the partition.
Of course, you should be careful exposing that kind of access outside of a very restricted scenario.

TSU

Herve49 · May 18, 2015, 7:02pm

For Busy_pinguin

Have apply your recommendations :
created 10-udisks2.rules and have copy/paste your command lines
have created a new user group storage and have added me to them.

But anything seems wrong : i can’t create or modify any file or directory after this. Only open/close/view.
Perhaps is a reboot needed ?

For TSU2 : i will use your option if after reboot i have no change.
I don’t like (as you) to give all permissions to the world ! lol!

Herve49

Herve49 · May 18, 2015, 7:07pm

Busy_pinguin

Sorry, but no success after reboot.
Nothing has changed

Herve49

robin_listas · May 18, 2015, 7:44pm

On 2015-05-18 19:16, Herve49 wrote:
>
> Busy_pinguin
>
> Sorry, but no success after reboot.
> Nothing has changed

How are you mounting those partitions? Via desktop, or via a line in
fstab (that is not mtab)?

The answer is different.

If it is a line in fstab, please post it here.

–
Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

Herve49 · May 18, 2015, 9:44pm

Hi Robin_Listas

I have mounted the NTFS partition with Yast/Partition engine.
That have give me the list of the existing partitions on my machine.
I have so modify the partitions (mount + unformate). NTFS was selected by default by the system.

I have speak of mtab : this file is (i suppose) generated automatically by the system at startup.
If i go to the other root partition (PCLOS), mtab exist bu as this distro is not running, the file is not completed with normal lines.

Are installed :
WIN7 on /dev/sda1 + /dev/sda2
Swap on /dev/sda5
PCLOS : root on /dev/sda6 and home on /dev/sda7
Documents : on /dev/sda8
Sauvegarde : on /dev/sda9

Opensuse : root on /dev/sdb5 and home on /dev/sdb6 (+ 3 partitions TMPFS created automatically by Opensuse without agreement request at the install)

The mounted NTFS partitions are on 2 last lines below.

Here is my actually fstab in Opensuse :

herve@Zlinux:~> cat /etc/fstab
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 / btrfs defaults 0 0
UUID=b899750e-4b4b-493a-bd28-ce3e67a3e74b /home xfs defaults 1 2
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /boot/grub2/i386-pc btrfs subvol=boot/grub2/i386-pc 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /boot/grub2/x86_64-efi btrfs subvol=boot/grub2/x86_64-efi 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /opt btrfs subvol=opt 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /srv btrfs subvol=srv 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /tmp btrfs subvol=tmp 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /usr/local btrfs subvol=usr/local 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/crash btrfs subvol=var/crash 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/lib/mailman btrfs subvol=var/lib/mailman 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/lib/named btrfs subvol=var/lib/named 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/lib/pgsql btrfs subvol=var/lib/pgsql 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/log btrfs subvol=var/log 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/opt btrfs subvol=var/opt 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/spool btrfs subvol=var/spool 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /var/tmp btrfs subvol=var/tmp 0 0
UUID=a9c80d56-5083-477d-b1b2-41a16d64c670 swap swap defaults 0 0
UUID=02543b6e-26dc-4937-890b-bf72b6629c98 /.snapshots btrfs subvol=.snapshots 0 0
UUID=795D6CC311F678A1 /Documents ntfs-3g users,gid=users,fmask=133,dmask=022,locale=fr_FR.UTF-8 0 0
UUID=351D5FD82DE1D23A /Sauvegarde ntfs-3g users,gid=users,fmask=133,dmask=022,locale=fr_FR.UTF-8 0 0
herve@Zlinux:~>

Herve49

Fraser_Bell · May 18, 2015, 11:11pm

Change the red text above to:

users,gid=users,fmask=0117,dmask=0007,

robin_listas · May 19, 2015, 1:04am

On 2015-05-18 21:46, Herve49 wrote:
>
> Hi Robin_Listas
>
> I have mounted the NTFS partition with Yast/Partition engine.

Ok, so it is via fstab.

> I have speak of mtab : this file is (i suppose) generated automatically
> by the system at startup.

No.
It is generated automatically and continuously, any time a device is
mounted or umounted.

Its contents are of no interest for your problem at the moment.

> Here is my actually fstab in Opensuse :

I forgot to say that you have to post text as that inside a code tags
block. Forum web editor, ‘#’ button.


> UUID=795D6CC311F678A1 /Documents           ntfs-3g    users,gid=users,fmask=133,dmask=022,locale=fr_FR.UTF-8 0 0
> UUID=351D5FD82DE1D23A /Sauvegarde          ntfs-3g    users,gid=users,fmask=133,dmask=022,locale=fr_FR.UTF-8 0 0

You have to use “fmask=0117,dmask=0007”. Alternatively, use
“uid=yourusername”.

No need to reboot.
First umount the devices, edit the fstab file, mount them again.
Done.

–
Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))

Herve49 · May 19, 2015, 2:46pm

Hello

Have make the corrections you have indicated : works fine !

The change of fmask and dmask is for me new.
I don’t understand what these are and what these provide.

Fstab writing by the system was for me correct at the origin.
I note the dmask and fmask was on 3 numbers (022 and 133).

Your changes are on 4 numbers (0117 and 0007).
I wish not that you give me a lesson of Linux, but if you can explain the differences, that would great. (or if you have a link that explain that as simply as possible)

Very thanks for your help, i appreciate.

Herve49

I_A · May 19, 2015, 4:55pm

a bit late with my response but for completeness sake
the polkit option I suggested works with on-demand mounting with a file-manager like dolphin or nautilus, for on-logiin there is a nice gui in kde config center that lets you chose partitions to be mounted, I prefer to mount them as needed not always.

Fraser_Bell · May 19, 2015, 10:46pm

Read this:

man ntfs-3g

robin_listas · May 20, 2015, 1:58am

On 2015-05-19 14:56, Herve49 wrote:

> Your changes are on 4 numbers (0117 and 0007).
> I wish not that you give me a lesson of Linux, but if you can explain
> the differences, that would great. (or if you have a link that explain
> that as simply as possible)

The meaning of the four digits (in octal, base 8 numbers) you can
decrypt from this table:

Octal permissions (man chmod):

UserID * 4 + GroupID * 2 + sticky * 1

Read * 4 + Write * 2 + Execute * 1 ( owner )

Read * 4 + Write * 2 + Execute * 1 ( group )

Read * 4 + Write * 2 + Execute * 1 ( rest )

The “0117” decodes as “-rw-rw----”, or owner and group have read and
write permission, while the rest have no access. That’s for files.

dmask=0007 decodes as “drwxrwx—”, meaning that directories get
read/write permissions, plus “execute”, which on a directory has a
different meaning. The rest have no access.

Windows filesystems, like FAT or NTFS, are not compatible with Linux
permissions. Instead, all the files get the same permissions, defined as
options in the mount command line or fstab. That’s why chmod does not
work on ntfs.

Likewise, the options uid and gid define who is the owner (and group)
for all the files in the mount.

–
Cheers / Saludos,

Carlos E. R.

(from 13.1 x86_64 “Bottle” (Minas Tirith))