FAT/VFAT/FAT32 (and FAT32X and so on...) does not support UNIX-style permissions such as the ones we use on the common Linux filesystems. To circumvent this you can mount the FAT partition with special options to indicate what permissions should be given to all files and directories on the drive.
Let's do this Linux style.
First we add a group to which we then will add users that should be able to read (and optionally write) to the Windows partition. I call this group "winread" but you can call it whatever you want. As root (type
su to become root, and type
exit when done to become your old boring self again) type the following to add a group called "winread":
groupadd winread
Very painless, don't you think?
Now open up the file /etc/group (still as root) with a text editor. At the bottom of the file you should see your newly created group, something like this:
I'm not going to do Linux 101 here so let's just skip to what's important: The first field is the name of the group and the third field, with a number in it, is the group id, or gid. This is important so remember it. The fourth field, after the last colon, is empty right now. Here is where we put a list of usernames that we want to have access to the Windows partitions. The list is comma-separated (no spaces!), so I'm adding myself and you:
Code:
windisk:x:408:hw,lifix
Save the file and exit the editor.
Now we will change the way we mount our Windows partitions. Open up the file /etc/fstab in a text editor, but make a backup copy first! I keep files like this one in /root/backups/conffiles/ so I know I can roll back if I mess up (and with these files you really can mess up!). Find the line referring to your FAT32 partition that you want to have write access to. Linux calls FAT32 "vfat", so that's what you should be looking for. I assume you can find it since you're talking about weird permissions on it, and it wouldn't be mounted automatically if it wasn't in this file. Here's the one I want to mount nicely:
Code:
/dev/hda1 /mnt/win_e vfat defaults 0 0
The first line is the device (you can type
fdisk -l /dev/hda to get a list of partitions on a disk, in this example I use /dev/hda but yours could be anything), the second is the mountpoint (where the contents of the partition will appear when mounted), the third is the filesystem type and the fourth is the mount options. The last two digits are for fsck and it doesn't matter to us in this case - use "0 0" for that.
Anyway, we want better permission, right? I will only touch the options part here since I feel the others are OK. Instead of defaults we add this:
Code:
noatime,user,gid=408,umask=007
"noatime" means the files shouldn't get their access times updated (Windows can get confused by this), "user" means users should be able to mount the partition, and here's the important two parts: "gid" is the group is of our group. Refer to your /etc/group file if you're uncertain. "umask" is the file mask for files and directories. 007 indicates that the owner (root) and group members (you and me in my example) can read, write and execute files and directories. Execute permission is needed on directories, otherwise you cannot list their contents. Users who are not root and who are not members of our winread group will have no acccess at all - they will not even be able to read files from the partition.
So, now our fstab line looks like this:
Code:
/dev/hda1 /mnt/win_e vfat noatime,user,gid=408,umask=007 0 0
Save the file and exit your editor. If the partition is mounted, unmount it by typing
umount /dev/hda1 (replace /dev/hda1 with your actual device). In order for the group membership changes you need to log out and then log in again (no need to reboot, this isn't Windows
). You can type
groups as yourself (not root) before logging out and after logging in again and you should see that when you're in again you are indeed a member of the winread group. Now you should have full access to your FAT32 drive.
I realize this is all kind of long winded and may appear a bit tricky but once you get used to group permissions it's very very usable and an effective way of granting or restricting access to services, files and so on.
Håkan