-   Linux - Security (
-   -   Setting permissions for individual folders on external drive (

mawkernewek 07-28-2009 01:02 PM

Setting permissions for individual folders on external drive
I would like to set my external drive up so that a certain folder is available to all users, but another folder is available only to a single user.

the fstab line for the drive is currently

/dev/disk/by-id/usb-ST932032_0AS_000000000000-0:0-part1 /media/Iomega\040HDD ntfs-3g user,uid=dlrt2,gid=users,locale=en_GB.UTF-8 0 0

which mounts the drive with all files and folders having rwxrwxrwx permissions.

I have tried changing the permissions or ownership of individual folders but it doesn't work. It does not give any error but the permissions are always the same as before.

I am using OpenSUSE 11.1

David the H. 07-28-2009 01:12 PM

The permissions don't change because NTFS (and FAT as well) does not support unix-style ownership or permissions. These can only be simulated with options like uid, gid, and umask in the mount command. These options apply to the mounted filesystem as a whole, so I don't think it's possible to give separate permissions to subdirectories on NTFS or FAT. But you might check the ntfs-3g man page to be sure.

You should consider reformatting the drive to ext3 or another posix-supporting filesystem, if possible.

jschiwal 07-28-2009 03:05 PM

I agree that ntfs is a poor file system choice for windows, unless your intention is to physically share the drive with a windows machine. But you can select the permissions of a mounted ntfs filesystem using the "uid", "gid", "fmask" and "umask" mount options. Be sure to include the "x" permission of directories to allow them to be entered. I would clear the "x" permission bit of all files. Also consider "noexec,nosuid" for all mass storage drives regardless of the filesystem. Keep in mind that these permissions are for the entire filesystem. So you may need to partition and reformat the drive to do this and still use ntfs.

If you are sharing this drive, using samba, to people on the network, then you can use samba's controls on which users may access which shares. Here it is the samba permissions denying access. But a user needs permission to access the filesystem before samba can grant permission. Samba can add further restrictions.

Please see the man pages for mount and mount.ntfs for more options.

All times are GMT -5. The time now is 04:27 PM.