[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Only root can write on USB disk

Hash: SHA1

On Fri, May 05, 2017 at 10:55:58AM +0000, Curt wrote:
> On 2017-05-05, <tomas@tuxteam.de> <tomas@tuxteam.de> wrote:
> >
> > On Fri, May 05, 2017 at 09:17:51AM +0000, Curt wrote:
> >> On 2017-05-02, Greg Wooledge <wooledg@eeg.ccf.org> wrote:
> >> > On Tue, May 02, 2017 at 07:16:57PM +0430, Mostafa Shahverdy wrote:
> >> >> I have a very annoying problem. I can't write to my usb drives (fat32,
> >> >> ntfs, etc.) without root permissions. How can I fix this?
> >> >
> >> > Mount the file system with "-o uid=youruser" to have the files presented
> >> > by the kernel as being "owned" by that user.
> >> >
> >> >
> >> 
> >> I don't understand that advice entirely.
> >> 
> >> Isn't there a difference between mounting the device as a regular user
> >> and writing to the device as a regular user (which you might be
> >> prevented from doing if the filesystem had root-only write permissions,
> >> thus Brian's ls -l suggestion to eliminate that possibility)?
> >
> > There is a difference. The "-o=foo" advice is betting on the file system
> > being one without ownership info (i.e. a lower life form ;-)
> The OP does mention FAT32, and FAT32 doesn't have permissions, I hear,
> so in the case of a FAT32 file system on a usb stick any user at all
> should be able to write to it (given the appropriate mount options)?

There is an option "umask" (and specifically "dmask" and "fmask" for
directories and files) which has the usual umask semantics. It defaults
to the "current process's umask", so no, typically you won't get 0777.

The mountpoint permissions should be irrelevant (except that you might
fail traversing the path if you haven't read access to it or one of
its parents).

Look at this little session

  # Make empty disk, 4M:
  tomas@rasputin:~$ dd if=/dev/zero of=dose bs=4096 count=1024
  1024+0 records in
  1024+0 records out
  4194304 bytes (4.2 MB) copied, 0.0153837 s, 273 MB/s

  # Put vfat file system on that:
  tomas@rasputin:~$ /sbin/mkfs.vfat dose
  mkfs.fat 3.0.27 (2014-11-12)

  # Mount. Gotta be boss for that (usually):
  tomas@rasputin:~$ sudo mount dose /mnt
  [sudo] password for tomas: 

  # Empty. Mere mortals seem to have read access:
  tomas@rasputin:~$ ls -l /mnt
  total 0

  # but no write access:
  tomas@rasputin:~$ touch /mnt/file
  touch: cannot touch ‘/mnt/file’: Permission denied

  # Boss can do:
  tomas@rasputin:~$ sudo touch /mnt/file
  tomas@rasputin:~$ ls -l /mnt
  total 0
  -rwxr-xr-x 1 root root 0 May  5 13:29 file

  # A-hah. Boss umask seems to be 022 by default

- -- tomás
Version: GnuPG v1.4.12 (GNU/Linux)


Reply to: