Arch Linux

odror

Member

Registered: 2015-03-17

Posts: 153

[SOLVED]Unable to change permission to /boot

It must be something new, but a non root user cannot even view the /boot directory.

chmod 755

does not correct that. Is there anyway to disable it, so that I can view this directory without sudo.

Last edited by odror (2025-05-06 00:35:08)

dakota

Member

Registered: 2016-05-20

Posts: 372

Re: [SOLVED]Unable to change permission to /boot

What was the exact command that you used? And what was the exact error message?

Also,

ls -al /

Cheers,

(FWIW, I can access /boot on my system as a non-root user.)

---

"Before Enlightenment chop wood, carry water. After Enlightenment chop wood, carry water." -- Zen proverb

cryptearth

Member

Registered: 2024-02-03

Posts: 1,418

Re: [SOLVED]Unable to change permission to /boot

my bet here is /boot is a mount point and your mount options make it 600 (or you did that when /boot was mounted so it re-does this everytime its mounted)
hence a post of your fstab could be useful

V1del

Forum Moderator

Registered: 2012-10-16

Posts: 24,378

Re: [SOLVED]Unable to change permission to /boot

If you let your /boot directory get automounted by systemd-gpt-generator it mounts it with rights so that only root can access it, to protect a potential random seed file systemd-boot generates from being read willy nilly.

You can override this behaviour by simply creating a corresponding fstab entry.

If this is an ESP and that's FAT formatted, a FAT filesystem doesn't have permissions on the file level, so a chmod not working is expected.

odror

Member

Registered: 2015-03-17

Posts: 153

Re: [SOLVED]Unable to change permission to /boot

I think it is an fstab issue. I have the following  line

PARTUUID=(parduid)   /boot           vfat rw,x-systemd.idle-timeout=1min,x-systemd.automount,noauto,nofail,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro 0 2

I am not sure how I got this line. I probably copied it from somewhere.  Do I need to change fmask and dmask to 0022 ? This is an NVMI SSD. Do I need all these options?

It  is a FAT32 partition since it is the boot partition.

cryptearth

Member

Registered: 2024-02-03

Posts: 1,418

Re: [SOLVED]Unable to change permission to /boot

masking some random uuid doesn't give you anything - it's just a few bytes anyway
here's mine as generated by genfstab back in 2022:

UUID=B053-F0B4          /efi            vfat            rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro   0 2

tekstryder

Member

Registered: 2013-02-14

Posts: 298

Re: [SOLVED]Unable to change permission to /boot

Do I need to change fmask and dmask to 0022 ? This is an NVMI SSD.

man mount

Do I need all these options?

Here's what mount options will be used by the kernel when simply specifying "default" for a vfat.

/dev/nvme0n1p1 on /boot type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro)

Only change options when you have a specific reason to do so.

I no longer have any need for non-default options with modern kernels.

$ cat /etc/fstab
# Static information about the filesystems.
# See fstab(5) for details.
# <file system>                             <dir>                <type> <options> <dump> <pass>
# 
UUID=F280-E596                              /boot                vfat   defaults   0   2
UUID=d475ae3e-f8c5-4e02-9c23-541d4667d78e   /                    ext4   defaults   0   1
/dev/mapper/crypt-data                      /mnt/Data            ext4   defaults   0   2
UUID=77b732ef-e9e8-45e9-bac1-f8686bb6e1d9   /mnt/Virtual-Disks   ext4   defaults   0   2

See also @V1del's note on automount in #4.