1

I tried to follow some descriptions on Wikipedia regarding the structure of /etc/fstab. I would like specific users to be able to mount windows partitions. I begun with all users eligible to mount and added the user option. My fstab for particular partition looks like this:

/dev/sdb1   /mnt/data   ntfs-3g
    noauto,user,uid=1000,gid=1000,dmask=003,fmask=007,noexec     0 0

I expected non-root users would mount this partitions but when I try to do so, I still get the error:

Error opening '/dev/sdb1': Permission denied
Failed to mount '/dev/sdb1': Permission denied
Please check '/dev/sdb1' and the ntfs-3g binary permissions, and the mounting user ID. More explanation is provided at http://tuxera.com/community/ntfs-3g-faq/#unprivileged

I can't figure out what it is.

Improve this question
1
  • fair enough, I put it in as an answer anyway, so I'd might as well delete my comment (and this one later too)
    – Xen2050
    Commented Apr 28, 2017 at 12:45

1 Answer 1

Reset to default
2

One answer appears to be in the faq you linked to, apparently ntfs-3g needs setuid to do as you ask:

chown root $(which ntfs-3g)
chmod 4755 $(which ntfs-3g)

Please note that using setuid-root can result unforeseen privilege escalation and its usage is discouraged. Only the absolutely trusted users must be granted such access. Below is an example how this can be done for users in the ntfsuser group to be able to mount any NTFS volume if they have also the needed volume access rights.

addgroup ntfsuser
chown root:ntfsuser $(which ntfs-3g)
chmod 4750 $(which ntfs-3g)
usermod -aG ntfsuser allowed-user

The setuid-root ntfs-3g driver applies the principle of least privilege during its lifetime as a safety measure.

Improve this answer
1
  • It took me some time to digest it. I had to read about what setuid bit is for! I have got it now. Thanks.
    – Celdor
    Commented Apr 28, 2017 at 12:44

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .