on Sun, Dec 19, 2004 at 10:39:18PM -0800, Robert G. Scofield ([EMAIL PROTECTED]) wrote: > > Recently I asked for help here because I couldn't write from Linux to my > Windows partition. After some helpful responses I blindly copied Ken Bloom's > fstab entry into my fstab, and I could write to Windows. > > At that time, however, I had just one Linux account, "bob." So someone > logged > into bob could write to Windows. Since then I've added a new account, > "research." When I log into research I have no access to the Windows > partition whatsoever. I can't even read it, much less write to it. > > Here are the permissions for the mount point /mnt/windows: > > drwx------ 10 bob root 16384 1969-12-31 16:00 windows
Right. Here's what you accomplished with the fstab recipies you implemented without understanding the last time: rather than mounting your legacy MS Windows partition as user root, you mounted it as user 'bob', with read/write/execute permissions for user bob, and nobody else. The more general way to solve this problem is to: 1. Create (or use an existing) group to have permissions for a given resource. Could be a filesystem (as the current case), modem, audio device, etc. 2. Add user(s) who should be able to access this resource to the appropriate group. 'adduser <username> <group>' should do this. Generally you'll need to log off that user and log them back in for the change to take effect. 3. Set permissions on the resources you're providing access to, if necessary, so that the assigned group can access the device. > So I decided to use chmod to give read and write access to others. > But chmod doesn't work on /mnt/windows. vfat (and other DOS-based filesystems) doesn't support permissions. So you hard-wire the entire filesystem to a specific set of user and group ownerships, and related permissions, with your mount options. > So can anybody tell me how to get read and write permission for the > new account on the Windows partition.? For what it's worth, Windows is > on another hard drive, but I don't think that has anything to do with > the problem. Following is an example from my own fstab for mounting a floppy in a multi-user accessible manner: /dev/sda /mnt/floppy vfat user,gid=floppy,umask=0007 0 0 Pulling that apart: - /dev/sda is the floppy (USB external drive, if you're wondering) - /mnt/floppy is the mount point - vfat is the filesystem - user means the device is user-mountable, and _not_ mounted by default at boot. - gid=floppy makes the effective group 'floppy'. My primary account belongs to this group. - umask=0007 gives full access to the device for either the user *or* the group, but _no_ access to 'other' users. The reason you want to use a scheme such as this is that GNU/Linux is inherently multi-user. If you're running network-accessible services or allow third-party logins to your system, you're going to want to restrict their rights to resources unless you find a compelling need to provide them. This is called the principle of least privilege, though it's got broader ramifications. Peace. -- Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/ What Part of "Gestalt" don't you understand? Geek for hire: http://kmself.home.netcom.com/resume.html
signature.asc
Description: Digital signature
_______________________________________________ vox-tech mailing list [EMAIL PROTECTED] http://lists.lugod.org/mailman/listinfo/vox-tech