Bug#: 218152
Status: RESOLVED
Resolution: FIXED
Assigned To: Patrick McLean <chutzpah@gentoo.org>
Reporter: Andrea <maialovic@gmail.com>

Bug 218152 depends on: 231422 Show dependency tree


Description:   Opened: 2008-04-17 19:08 0000
I've installed the stable version of ntfs3g 1.2310 and enabled the SUID USE
flag ... but when I try to mount the NTFS partition the message box returns
"permission denied"

Reproducible: Always

------- Comment #1 From ammar wk 2008-04-18 03:08:48 0000 -------
As a new version is out there, try to upgrade it first and see if things
work. I already use ntfs3g 1.2412 and don't have any trouble mounting an ntfs3g
as a user.

------- Comment #2 From Andrea 2008-04-18 12:38:10 0000 -------
I've installed the last version but without changes.....
Every time I read this one:

"Error opening '/dev/sdb5': Permission denied
Failed to mount '/dev/sdb5': Permission denied
Please check '/dev/sdb5' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://ntfs-3g.org/support.html#unprivileged"

I've installed with suid and the kernel's fuse

------- Comment #3 From Andrea 2008-04-18 12:38:58 0000 -------
my emerge --info

Portage 2.1.4.4 (default-linux/x86/2007.0/desktop, gcc-4.1.2, glibc-2.6.1-r0,
2.6.24-gentoo-r4 i686)
=================================================================
System uname: 2.6.24-gentoo-r4 i686 Intel(R) Pentium(R) M processor 1.86GHz
Timestamp of tree: Fri, 18 Apr 2008 12:00:01 +0000
ccache version 2.4 [enabled]
app-shells/bash:     3.2_p17-r1
dev-java/java-config: 1.3.7, 2.1.4
dev-lang/python:     2.4.4-r9
dev-python/pycrypto: 2.0.1-r6
dev-util/ccache:     2.4-r7
sys-apps/baselayout: 1.12.11.1
sys-apps/sandbox:    1.2.18.1-r2
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.1
sys-devel/binutils:  2.18-r1
sys-devel/gcc-config: 1.4.0-r4
sys-devel/libtool:   1.5.26
virtual/os-headers:  2.6.23-r3
ACCEPT_KEYWORDS="x86"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=pentium-m -O3 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/config /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf
/etc/gconf /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-march=pentium-m -O3 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="ccache distlocks metadata-transfer parallel-fetch sandbox sfperms
strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://mirror.ing.unibo.it/gentoo/ http://ftp.gentoo.bg/
http://ftp.uni-erlangen.de/pub/mirrors/gentoo"
LANG="it_IT"
LC_ALL="it_IT"
LINGUAS="it"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --stats --timeout=180 --exclude=/distfiles
--exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/portage/local/layman/secondlife
/usr/portage/local/layman/science /usr/portage/local/layman/enlightenment
/usr/portage/local/layman/pro-audio /usr/portage/local/layman/java-binary
/usr/portage/local/layman/desktop-effects /usr/portage/local/layman/games
/usr/portage/local/layman/secondlife /usr/portage/local/layman/science
/usr/portage/local/layman/pro-audio /usr/portage/local/layman/enlightenment
/usr/portage/local/layman/java-binary /usr/portage/local/layman/desktop-effects
/usr/portage/local/layman/games"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="X aac aalib acl acpi alsa arts audiofile berkdb bzip2 cairo cdparanoia cdr
cli cpudetection cracklib crypt cups dbus dri dts dv dvd dvdr dvdread eds
emboss encode esd evo fam flac fortran gdbm gif gpm gstreamer gtk hal i8x0
iconv innodb isdnlog java jpeg kde kerberos ldap mad midi mikmod mmx mmxext
mod_php mp3 mpeg mudflap musepack ncurses nls nptl nptlonly ogg opengl openmp
oss pam pcre pdf perl png pppd python qt3 qt3support qt4 quicktime readline
reflection sdl session spell spl sse sse2 ssl svg tcpd threads tiff timidity
truetype vorbis wifi win32codecs wmf x86 xine xml xml2 xorg xv xvid zlib"
ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop
empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi
null plug rate route share shm softvol" APACHE2_MODULES="actions alias
auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm
authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache
dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache
filter headers include info log_config logio mem_cache mime mime_magic
negotiation rewrite setenvif speling status unique_id userdir usertrack
vhost_alias" ELIBC="glibc" INPUT_DEVICES="mouse keyboard synaptics"
KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001
mtxorb ncurses text" LINGUAS="it" USERLAND="GNU" VIDEO_CARDS="fglrx"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LDFLAGS,
PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #4 From szaka 2008-04-19 09:53:22 0000 -------
You must use 1.2412 and SUID. It's in testing. If it still doesn't work then
you really don't have permission to access /dev/sdb5. 

Yes, it worked in the past but that was a major security hole.

------- Comment #5 From Andrea 2008-04-19 10:32:09 0000 -------
Now I use the 1.2410 version and the SUID USE flag enabled......but without
success.
As for the permission: with version 1.1120 I have no problem mounting and working
with this partition. I don't know why now I've this problem and not with the old
version.

What must I do?

------- Comment #6 From szaka 2008-04-19 13:52:35 0000 -------
> I don't know why now I've this problem and not with the old version

Because the old version had a security hole (local root exploit) but not the
latest one.

> what must I do?

You must give access rights to the partition to the mounting user.

------- Comment #7 From Andrea 2008-04-20 01:12:13 0000 -------
The fstab line for the ntfs3g partition is the following:

/dev/sdb5     /mnt/ntfs      ntfs-3g      users,uid=1000,gid=100,noauto 0 0

What is wrong? What must I do in fact to adjust the situation?

------- Comment #8 From Andrea 2008-04-20 01:18:44 0000 -------
If I mount the partition as root and look at the partition rights I see "user
andrea (my normal user)...group "users""

I don't understand why the normal user can't mount but has no problem
unmounting...

------- Comment #9 From szaka 2008-04-20 01:38:59 0000 -------
(In reply to comment #8)
> I don't understand why the normal user can't mount but no problem for
> unmounting...

http://ntfs-3g.org/support.html#useroption2

------- Comment #10 From Philipp Reinkemeier 2008-04-21 07:32:36 0000 -------
(In reply to comment #2)
> I've installed the last version but without changes.....
> Every time I read this one:
> 
> "Error opening '/dev/sdb5': Permission denied
> Failed to mount '/dev/sdb5': Permission denied
> Please check '/dev/sdb5' and the ntfs-3g binary permissions,
> and the mounting user ID. More explanation is provided at
> http://ntfs-3g.org/support.html#unprivileged"
> 
> I've installed with suid and the kernel's fuse
> 

I can confirm this. The device node /dev/hda1 is
brw-r----- root disk and mount point
drwxrwx--- root disk
The dev node changed to group read-only due to a udev update.
I got the same error as above. So I did chmod g+w /dev/hda*,
but again it does not work.
And yes, I am in the group disk.
I also tried different versions of ntfs3g: 1.2310 and 1.2412

------- Comment #11 From szaka 2008-04-21 09:56:08 0000 -------
Don't even try 1.2310, only 1.2412.

What are the outputs of the below?

ls /dev/<device>
id
ntfs-3g /dev/<device> <mountpoint>

------- Comment #12 From Philipp Reinkemeier 2008-04-21 11:17:32 0000 -------
(In reply to comment #11)
> Don't even try 1.2310, only 1.2412.
> 
> What are the outputs of the below?
> 
> ls /dev/<device>
ls -la /dev/hda1 is "brw-r----- 1 root disk 3, 1 2008-04-21 10:40 /dev/hda1"

> id
id is
"uid=1000(philipp) gid=100(users)
groups=5(tty),6(disk),7(lp),10(wheel),14(uucp),18(audio),19(cdrom),27(video),
35(games),80(cdrw),85(usb),100(users),441(plugdev),444(shutdown),1006(wireshark),
1007(lighttpd),1008(vboxusers),1009(qemu)

> ntfs-3g /dev/<device> <mountpoint>
ntfs-3g /dev/hda1 /mnt/laufw_C is
"Error opening '/dev/hda1': Permission denied
Failed to mount '/dev/hda1': Permission denied
Please check '/dev/hda1' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://ntfs-3g.org/support.html#unprivileged"

ls -la /bin/ntfs-3g is
"-rws--x--x 1 root root 38724 2008-04-21 09:41 /bin/ntfs-3g"

------- Comment #13 From szaka 2008-04-21 11:25:24 0000 -------
(In reply to comment #12)
> 
> > ls /dev/<device>
> ls -la /dev/hda1 is "brw-r----- 1 root disk 3, 1 2008-04-21 10:40 /dev/hda1"

The disk group has no write access, hence ntfs-3g is correct in giving
"Permission denied".

------- Comment #14 From Patrick McLean 2008-04-21 15:53:30 0000 -------
Philipp: if you do a chmod g+w /dev/hda1 does it work?

CAUTION: this will cause all members of the "disk" group to essentially have
root access to anything on /dev/hda1

------- Comment #15 From Philipp Reinkemeier 2008-04-22 09:05:49 0000 -------
(In reply to comment #14)
> Philipp: if you do a chmod g+w /dev/hda1 does it work?
> 

Already tried that: No difference. But when I do chmod go+rw /dev/hda1 I get a
different error.
"ntfs-3g-mount: failed to chdir to mountpoint: Permission denied"

But I think even if that works it is not a good solution to give the world
write access on that partition.

------- Comment #16 From szaka 2008-04-22 10:48:20 0000 -------
(In reply to comment #15)
> (In reply to comment #14)
> > Philipp: if you do a chmod g+w /dev/hda1 does it work?
> 
> Already tried that: No difference. 

Sorry but I don't believe you tried that with the latest version of NTFS-3G.
Only that one supports the scenario we are discussing.

So, please send the full output of the below commands:

ntfs-3g -h
ls -l /dev/<device>
id
ntfs-3g /dev/<device> <mountpoint>

------- Comment #17 From Philipp Reinkemeier 2008-04-22 11:39:06 0000 -------
(In reply to comment #16)
> 
> Sorry but I don't believe you tried that with the latest version of NTFS-3G.
> Only that one supports the scenario we are discussing.
> 

I must apologize to you. You are definitely right. Sorry for any inconvenience.
Now I have tried chmod g+rw /dev/hda1 with ntfs3g-1.2412 and it worked like it
did before.
But I have one more question. What has caused this dysfunction? Were all local
HDDs and partitions always 640 in Gentoo? Was it an update in ntfs3g which
caused it to not work anymore with these permissions? And if I want this
permission to be permanently set to 660, what do I have to do? Writing my own
udev rule for this?

Thanks in advance.

------- Comment #18 From szaka 2008-04-22 23:31:16 0000 -------
(In reply to comment #17)
> 
> I must apologize to you. You are definitely right. Sorry for any inconvenience.

No problem :)

> But I have one more question. What has caused this dysfunction? Were all local
> HDDs and partitions always 640 in Gentoo? Was it an update in ntfs3g which
> caused it to not work anymore with these permissions?

Ntfs-3g 1.2129 and earlier versions had a local root exploit. 
It's explained here:
http://article.gmane.org/gmane.comp.file-systems.ntfs-3g.devel/418

Ntfs-3g 1.2216 (intentionally) made the security too paranoid and
the safe cases were relaxed in the recent versions (1.2310 and
1.2412).

There is only one known case which still doesn't work. But that needs 
fixing the mount(8) utilities (unfortunately there are many different ones):
http://ntfs-3g.org/support.html#useroption2

------- Comment #19 From Philipp Reinkemeier 2008-04-23 09:30:41 0000 -------
(In reply to comment #18)
> There is only one known case which still doesn't work. But that needs 
> fixing the mount(8) utilities (unfortunately there are many different ones):
> http://ntfs-3g.org/support.html#useroption2
> 
Thanks for your reply and explanation. As a temporary workaround I created a
custom udev rule to ensure the device /dev/hda1 is group writable. If anyone
has experienced the same problem as I did, one can place the following content in
/etc/udev/rules.d/99-special-perms.rules:

KERNEL=="hda1", SUBSYSTEM=="block", GROUP="disk", MODE="0660"

Substituting hda1 with the appropriate device name.
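
Added example (not part of the bug report or of ntfs-3g): the access decision discussed in comments #12 to #19, computed from the `ls -l` mode strings and `id` group names posted above. It assumes plain Unix mode bits (no ACLs, caller is not root); the function names and the shortened group list are illustrative.

```sh
#!/bin/sh
# Added example, not from the bug report. Function names are illustrative.

# perm_class MODE OWNER GROUP USER "GROUP NAMES"
# Print the rwx triplet that applies to USER: owner bits if USER owns the
# file, else group bits if USER is in GROUP, else other bits (no fallthrough).
perm_class() {
    if [ "$4" = "$2" ]; then
        printf '%s\n' "$1" | cut -c2-4
        return
    fi
    case " $5 " in
        *" $3 "*) printf '%s\n' "$1" | cut -c5-7 ;;
        *)        printf '%s\n' "$1" | cut -c8-10 ;;
    esac
}

# True if USER may open the device node read-write, which the mount needs.
can_open_rw() {
    case "$(perm_class "$@")" in
        rw?) return 0 ;;
        *)   return 1 ;;
    esac
}

# True if the binary is setuid root and USER is allowed to execute it.
suid_root_runnable() {
    [ "$2" = "root" ] || return 1
    case "$1" in
        ???s*) ;;            # 's' in the owner execute slot: setuid + x
        *) return 1 ;;
    esac
    case "$(perm_class "$@")" in
        ??[xs]) return 0 ;;
        *)      return 1 ;;
    esac
}

# Values from comment #12; the group list is shortened from the posted `id`.
WHO=philipp
WHO_GROUPS="tty disk wheel users plugdev"

report() {  # report LABEL MODE
    if can_open_rw "$2" root disk "$WHO" "$WHO_GROUPS"; then
        echo "$1 ($2): read-write open allowed"
    else
        echo "$1 ($2): expect 'Permission denied'"
    fi
}
report "node as posted" "brw-r-----"
report "with the MODE=0660 rule" "brw-rw----"
```

The second verdict holds for every member of the disk group, which is the exposure the CAUTION in comment #14 describes.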

------- Comment #20 From Jan Kundrát 2008-05-03 01:27:27 0000 -------
*** Bug 220078 has been marked as a duplicate of this bug. ***

------- Comment #21 From Patrick McLean 2008-07-17 19:14:44 0000 -------
Current stable ntfs3g has a fix for this now.
