[vox-tech] good reference source for fstab permissions

[Ken Bloom]

--3V7upXqbjpZ4EhLz
Content-Type: text/plain; format=flowed; charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


On 2003.07.03 09:18, Jonathan Stickel wrote:
> Donald Childs wrote:
>> Thanks for all the assistance . I'm able to write to the vfat=20
>> partition
>> now, using:
>>=20
>> /dev/hdf4    /mnt/fat    vfat user,rw,uid=3D[user],gid=3D[workgroup] 0 0
>>=20
>> but will go back and add the showexec attribute.
>=20
> This is different from what I use for my fat32 partition(s).  I have=20
> in my fstab:
>=20
> /dev/hda5  /Documents  vfat  defaults,quiet,umask=3D0000  0 0
>=20
> I'd like to learn a little more about these mount options, if someone=20
> cares to enlighten me:
>=20
> My method mounts on bootup, allows all users read/write permission,=20
> and quiets failed attempts to change file ownership/permissions. =20
> Reading a little of the man page, I get the impression that=20
> "umask=3D0000" and "quiet" essentially overrides the "suid" implied by=20
> using the "default" option.  Is this about right?

It appears that this umask is in agreement with the suid option.=20
Setting umask=3D7000 would seem to be in disagreement the suid option but=
=20
would seem to be in consonance with the nosuid option.

> It seems to me Donald's fstab entry only gives read/write permission=20
> to [user] and [workgroup].  Also, it is not clear to me whether the=20
> partition would mount on startup or with "mount -a" ("auto" option is=20
> not specified).  But I can see the ownership/permission problems of=20
> fat is solved by assigning the entire partition to just one user. =20
> How am I here?

I believe it follows the default umask of 022, so only the owner can=20
write, but everyone else can read and execute. By saying user, anybody=20
can mount and unmount the partition (I'd bet that this isn't Donald's=20
intended effect). It appears that it is mounted automatically (like my=20
vfat partition).

My vfat partition:
/dev/hda6  /home/bloom/mydocs   vfat    umask=3D073,uid=3D1000,gid=3D1000,
noexec,showexec  0 0

> I am also curious about the "showexec" option.  If I used it, would=20
> it make "quiet" unnecessary?

No. Showexec just sets the default permissions differently. If you list=20
your vfat drive now, then you will notice that all directories and=20
*all* files are rwxrwxrwx. You would probably prefer to have your files=20
rw-rw-rw- (I found the execute bits especially annoying when working=20
with xftree, and when burning CD-ROMs) This is what showexec does.

Kernel 2.5.43 and later (according to mount(8)) replace this with fmask=20
and dmask which set umasks for files and directories, respectively. I=20
haven't used 2.5.x kernels, so I don't know for sure whether showexec=20
will be removed, or merely deprecated. It took me a while to discover=20
showexec because I had been hoping to find something more like fmask=20
and dmask to begin with.

Quiet prevents chmods and chowns from returning errors. It can be used=20
with showexec the only difference is the exact set of permissions that=20
cannot be changed.

Also note that the write bits can actually be changed permenantly (at=20
least without the quiet option) if all three are the same they affect=20
the native FAT read-only bit that can also be set from and has an=20
effect in Windows (if they're not all the same, see your kernel source=20
to see who wins). And I found that (again, without quiet) other file=20
permissions (like execute) can be changed temporarly and Linux will=20
remember the permissions until the operations involving file dates=20
would fail though (I don't know whether they do with quiet).

--=20
I usually have a GPG digital signature included as an attachment.
If you don't know what it is, either ignore it or visit www.gnupg.org
My PGP key was last signed 6/10/2003 please download my key again if
it is more recent than your copy. If you use GPG, *please* talk to
me to sign it. The key is keyID E2B2CAD1 on pgp.mit.edu
--3V7upXqbjpZ4EhLz
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA/BG6alHapveKyytERAugVAJ41VOTvG03cLIkhvcCRBJU1mwNxQgCeJISU
elc8LPMP1I7L7en1doE3i5o=
=8Ps7
-----END PGP SIGNATURE-----

--3V7upXqbjpZ4EhLz--