
#1 2009-09-04 13:33:01

darkbeanies
Member
Registered: 2009-01-14
Posts: 142

Yet another NTFS Mount Problem Thread

Hello, I'm trying to make an NTFS partition mountable, unmountable, readable and writable by a user without sudo.  Here's what I've tried so far...


setuid on the mount, umount and ntfs-3g binaries as root:

# chmod u+s /bin/mount
# chmod u+s /bin/umount
# chmod u+s /bin/ntfs-3g

I also tried this method on the ntfs-3g website, don't know if this makes any difference (it didn't for me)

# chown root $(which ntfs-3g)
# chmod 4755 $(which ntfs-3g)

And, when that didn't work, I tried this:  (also on the ntfs-3g website)

# chown root.users $(which ntfs-3g)
# chmod 4750 $(which ntfs-3g)


Here is the relevant line from fstab:

/dev/sdb1  /media/data  ntfs-3g  users,uid=1000,gid=100,fmask=0113,dmask=0002  0 0

And, strangely enough, this partition can be UNMOUNTED with no hassle, and mounts/unmounts successfully with sudo.

As a side note, my ext3 partition is mountable and unmountable by user all the time with no problems, with this line:

/dev/sda3  /media/downloads ext3 users,defaults  0 0


I chowned /media to the user recursively.  I'd chown the entire filesystem if I thought it would work.

# chown username:users -R /media


I modified policykit.conf and created a "polkitparser" as per this guide: 

http://bbs.archlinux.org/viewtopic.php?id=65070


I edited sudoers to add:

username ALL=(ALL) NOPASSWD: /bin/ntfs-3g
username ALL=(ALL) NOPASSWD: /bin/mount
username ALL=(ALL) NOPASSWD: /bin/umount


The user is a member of the following groups:  wheel video audio optical storage scanner power users policykit hal and dbus.


I think the problem is related to the ntfs-3g binary somehow, but I can't quite see what's wrong.

Edit: solved!  I'll write it tomorrow when I'm not so tired.

Last edited by darkbeanies (2009-09-06 01:23:27)

Offline

#2 2009-09-06 05:14:36

darkbeanies
Member
Registered: 2009-01-14
Posts: 142

Re: Yet another NTFS Mount Problem Thread

Okay, I got it, I wrote it out again here so at least it will still exist somewhere when I destroy all the data on my disks with my newly escalated privileges... :)

1. Make a new /etc/PolicyKit/PolicyKit.conf containing this...

<?xml version="1.0" encoding="UTF-8"?> <!-- -*- XML -*- -->

<!DOCTYPE pkconfig PUBLIC "-//freedesktop//DTD PolicyKit Configuration 1.0//EN"
"http://hal.freedesktop.org/releases/Pol … config.dtd">

<!-- See the manual page PolicyKit.conf(5) for file format -->

<config version="0.1">
        <define_admin_auth user="NAME_OF_USER"/>
</config>

2. Create /etc/rc.d/polkitparser, make it executable and add it to daemons in rc.conf:

#!/bin/bash

# general config
. /etc/rc.conf
. /etc/rc.d/functions

stat_busy "Parsing groups for policykit handling"
# Field 4 of an /etc/group entry is the comma-separated member list.
# The g flag converts every comma to "|", not just the first one.
export storage_users=$(grep -i '^storage:' /etc/group | cut -d ':' -f 4 | sed 's/,/|/g')
export power_users=$(grep -i '^power:' /etc/group | cut -d ':' -f 4 | sed 's/,/|/g')
stat_done
exit 0

3. My .xinitrc now starts with exec ck-launch-session (insert name of WindowManager), though I have no idea what this does, or whether it makes any difference.

4.   Issued the following commands as root:

      chown root.storage $(which ntfs-3g)

      chmod 4750 $(which ntfs-3g)

5.  User is member of wheel video audio optical storage power users policykit hal and dbus.  I have no clue which of these are relevant.

6.  Created this symbolic link, which I think makes all NTFS volumes writable.  Or something.  Obviously you need ntfs-3g.

     ln -s /sbin/mount.ntfs-3g /sbin/mount.ntfs

7.  Added this to hal.conf:

<policy group="power">
   <allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
   <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
</policy>

<policy group="storage">
   <allow send_interface="org.freedesktop.Hal.Device.Volume"/>
   <allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>

</busconfig>

8. Setuid as root on the /bin/mount and /bin/umount commands.

9.  Delete all the entries from fstab and folders in /media which might clash with hal's behaviour.  I removed everything from fstab except for the / partition and an ext3 data partition that seems to behave properly.  The only thing in media is a folder for mounting the data partition.

10. /media was chowned  to (USER_NAME)

11. Sudoers contains this:

  username ALL=(ALL) NOPASSWD: /bin/ntfs-3g
  username ALL=(ALL) NOPASSWD: /bin/mount
  username ALL=(ALL) NOPASSWD: /bin/umount

12.  Hoorah!  Everything you plug into your computer can successfully be mounted and unmounted by (YOUR_USER_NAME), whether it be NTFS, USB, EXT3, CD or DVD!  Well, maybe not a CD, but you could install thunar and the thunar-volman package, for example, and then cd and dvd can be set to autoplay!  Just like on a Bill Gates system!

13.  Hopefully, some Linux veteran will see this and be so offended by the steps above that they will rewrite it with the pointless stuff removed.  I wasn't taking any chances though!

14.  I am ashamed to say, I spent at least ten minutes after I had done this just mounting and unmounting drives.......

Offline
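
To review what the steps in this thread actually grant, here is an added example (not part of the original posts; the function names are hypothetical and GNU stat is assumed). It classifies a binary's setuid exposure, distinguishing the 4755 and 4750 modes tried above, and lists the commands that sudoers rules allow without a password.

```shell
#!/bin/sh
# Added example: inventory of the privilege grants set up in this thread.
# Assumes GNU stat (-c); the function names are hypothetical.

# classify_mode MODE: who may run a file with octal MODE as its owner?
classify_mode() {
    m=$1
    while [ "${#m}" -lt 4 ]; do m="0$m"; done
    case ${m%???} in                 # leading digit carries the setuid bit (4)
        4|5|6|7) ;;
        *) echo "no-setuid"; return 0 ;;
    esac
    case ${m#???} in                 # last digit: permissions for "other"
        1|3|5|7) echo "setuid-world-exec" ;;   # e.g. 4755
        *)       echo "setuid-restricted" ;;   # e.g. 4750
    esac
}

# audit_file PATH: print path, mode, owner:group and the classification.
audit_file() {
    f_mode=$(stat -c '%a' "$1") || return 1
    f_own=$(stat -c '%U:%G' "$1")
    echo "$1 mode=$f_mode owner=$f_own $(classify_mode "$f_mode")"
}

# nopasswd_commands: read sudoers text on stdin and print "user command"
# for every command a rule allows without a password prompt.
nopasswd_commands() {
    awk '!/^[ \t]*#/ && /NOPASSWD:/ {
        user = $1
        sub(/^.*NOPASSWD:[ \t]*/, "")
        n = split($0, cmds, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) print user, cmds[i]
    }'
}

# Constructed sample: the three sudoers rules from step 11 plus a comment line.
SAMPLE_SUDOERS='username ALL=(ALL) NOPASSWD: /bin/ntfs-3g
username ALL=(ALL) NOPASSWD: /bin/mount
username ALL=(ALL) NOPASSWD: /bin/umount
# username ALL=(ALL) NOPASSWD: ALL'

printf '%s\n' "$SAMPLE_SUDOERS" | nopasswd_commands
for b in /bin/mount /bin/umount "$(command -v ntfs-3g || true)"; do
    if [ -e "$b" ]; then audit_file "$b"; fi
done
```

Each line of output is one grant to weigh against what user mounting actually needs: a setuid-world-exec binary runs as its owner for every local account, and each NOPASSWD line is a command that user can run as root without authenticating.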
