access, ownership and permissions for external "drives"
 

I need to configure external storage for use across several workstations without connect-time tinkering or admin operations.

Is there a desktop application to manage access and permissions and such for external storage?

Are there differences between how USB connected flash-media storage and rotating storage use permissions and ownership to grant file and folder access and how this happens for the $HOME folder and other internal storage?

Most flash-media uses FAT32 (vfat) file system type that has simplistic sense of permissions and no concept of ownership. See Micro$oft(tm) ATTRIB command and FAT32 File System and FAT File System and Linux.

Most rotating storage file systems have both ownership and permissions that depend on the filesystem type. These are typically NTFS for win-dose and EXT2 or EXT3 or EXT4 for Linux variants. (yes, I know there are others.)

I'd like "any user" to be able to create folders and write files into the external drive. How do I "chown" and "chmod" an external storage drive? Is there something special I do when I create these file systems?

Since external storage is "removable" storage and that gets handled by udev do I need to configure UDEV is special ways so that this just works? ASIDE -- I would like some of my external storage mounts other than "/media" as they are not music, pix, or video.

I know:
Which user and group should own things?

Is there a already designated "group" for external drives or do I create one for my environment? This requires that all of my desktop users need to belong to this "group." (NOTE -- There is potential trouble moving the external drive between workstations unless they all respect the same groups.)

Do I name the "drive" or the "mount point" as the path?

and also:
If I grant access to "other" users, that is every process on my workstation regardless of their user+group.

Again, which "path" am I supposed to use for this command?

Thanks in advance,
~~~ 0;-Dan

A windows filesystem won't have Linux attributes. They are determined by the mount options, and apply to all files & directories. You can't use chmod or chown with a Windows file system.

For a Linux filesystem, you can use chmod and chown on the _mounted_ filesystem. The path is the mountpoint, but the permissions of the filesystem itself is affected. In other words, if you mounted the same filesystem somewhere else, the ownership and permissions of the mount point change after mounting.

PolicyKit rules will determine if a removable device is mountable by a regular user. In KDE4, the device notifier is the most convenient way of mounting removable devices. I think Gnome puts the device on the desktop instead. In KDE4's device notifier, you can add attributes that need to match.

One thing I've tried is using the user or owner mount option, along with uid= and gid= options in /etc/fstab to control who can mount a pendrive on a particular device. The device field in the first column would be UUID=<uuid #>. Now this file system would be mounted with a particular user and permissions. All the hosts would have to have the same /etc/fstab entry to prevent mounting on another system. This may be more useful when 2 or more people use the same workstation.

Here is an example where I added an /etc/fstab entry for a particular SD card. I can mount it as a regular user, either from the shell or the device notifier. It mounts over /mnt/disk instead of /media/.
I had let it automount, and took the options from the current /etc/mtab. I added the owner,user options.

Later I edited the device notifier settings so it would auto-mount. Now it will mount when inserted, provided I am the logged in user.

Hi there,

that means you have to set up the external media with no particular access restriction.

Not really. Access control is always a matter of the operating system. And if you exchange an external storage media across different PCs, you can't use the inherent mechanisms of today's operating systems.

No. It all depends on how you format these media. Technically, they're all the same, that is, they all announce themselves to the host system as "USB Mass Storage Device". It is impossible for the host system to distinguish whether an attached 4GB media is a little USB pen drive, a Compact Flash card, or an old hard disk.

Actually, FAT has no means at all of access control. From a technical POV, the file attributes are nothing but decoration.

That contradicts to my own experience. Most external USB hard disks are formatted using FAT32, too, when you purchase them - even if they are 1TB or bigger. Very rarely, they come pre-formatted with NTFS, and I've never encountered one that was pre-formatted to ext2 or ext3.
But that's totally meaningless, because the first thing I do (and what I recommend to anybody else) is to reformat these units using a file systems that meets one's own requirements. And that can be just anything: FAT32, NTFS, ext3, ...

You shouldn't bother about file ownership on external media. The reason is that both Windows and Linux store the owner/user as a number, not in clear text. And "User #1043" on one system may be someone else than "User #1043" on another system. It just wouldn't work.

On Linux, udev can be configured to use a particular mount point for a particular device; on Windows, you can do the same by not having a drive letter assigned to the external media, but have it mounted to a directory.

If you really need to have private, protected data on removable media, you should consider TrueCrypt containers.

[X] Doc CPU

External Drive Ownership
 

Can we cut to the chase? I have this problem with all USB devices, large Memory sticks or back-up harddisks.
Is there a "bash" script that will make work on all my Linux (mint) configs?
Please dont bash the question, if you dont have a knowledgeable answer, just dont.

I am sure people will rush to serve you, after being so polite.:rolleyes: