Question

5

Mount directory for non-admin users on a dual boot setup

rated 0 times [ 5] [ 0] / answers: 1 / hits: 735 / 3 Years ago, thu, october 21, 2021, 5:53:01

I have a dual boot PC (Ubuntu 12.04 with gnome, windows Vista) and admin uses all drives, including the C drive of windows.

I would like to allow standard-privileged users to be able to read (not write, only access a document) a single subdirectory named A from the drive C.

So, in /etc/fstab file, /media/123.../A (C:A in windows) should be linked to the users' documents/A directory (/home/user/Documents/A), only for standard users (not admins).

This should include the subdirectories of A too and all files.
Is there a way to do it?

Thank you in advance!

Answers

Only authorized users can answer the question. Please sign in first, or register a free account.

istmasted

Add To Favorites

Follow

Total Points: 287

Total Questions: 130

Total Answers: 153

Location: Burkina Faso

Member since Thu, Dec 23, 2021

2 Years ago

istmasted questions

1 Is it possible to hide the workspaces thumbnails in the application launcher?

Sat, May 28, 22, 17:36, 2 Years ago

1 How do I make a Markdown table of two columns out of a list whose items alternate to each column?

Sat, Dec 24, 22, 17:24, 1 Year ago

1 Bash script file extension

Sat, Jun 19, 21, 16:54, 3 Years ago

1 I'm trying to understand these partitions

Tue, Mar 1, 22, 22:36, 2 Years ago

1 Internet stops working after installing ProtonVPN

Mon, Jan 31, 22, 22:55, 2 Years ago

View All

answered 3 Years ago suspengn · Accepted Answer

You can set permissions for a Windows partition, but you can't set permissions to individual files/folders under the partition; at the time of mounting, you set the permissions to the whole drive.

In your question, you have not mentioned whether the standard-privileged users need to have "read-only access to the subdirectory A and write access to the rest of the Windows partition", or "read-only access to subdirectory A and no access to the rest of the partition". Unfortunately though, both of these scenarios cannot be exactly accomplished, due to the opening sentence of this answer.

If you want to give a user read-only access to a specific folder under the Windows partition, that user will have read-only access to the whole partition. If this is okay with you, then here's an explanation on how to do this:

First, create a group for the users that will have read-only access. For the sake of this example, we'll use WindowsRO. So, the command to create the group is:
```
sudo groupadd WindowsRO
```

Second, we'll add the users (that we want to give read-only access to) to the group. Assuming that a user is called notadmin, this is the command:
```
sudo usermod -a -G WindowsRO notadmin
```
Repeat this command for all the required users.

Now, we need to get the GID (group ID) of the group, because we'll use it when mounting the drive. To do that, execute the following:
```
grep WindowsRO /etc/group | cut -d: -f3
```
Note down the number that's outputted, because we'll need that in step 5. For this example, I'll assume the output is 1003.

Now, we need to get the UID (user ID) of the admin account, because we'll use it when mounting the drive. This example will assume that the admin account is bob. To do that, execute the following:
```
grep bob /etc/passwd | cut -d: -f3
```
Note down the number that's outputted, because we'll need that in step 5. For this example, I'll assume the output is 1000.

We will now edit the /etc/fstab file. I'll assume that the Windows partition in question is /dev/sda2, that you're mounting it on /media/123, and that it's an ntfs partition. This is the line that you should have:
```
/dev/sda2    /media/123    ntfs    rw,gid=1003,uid=1000,dmask=027,fmask=037,#AnyOtherOptions#
```
- gid=1003 is the number we got from step 3 (the GID of the group).
- uid=1000 is the number we got from step 4 (the UID of the admin account).
- dmask=027 sets the permissions on folders to be: -rwxr-x---, which means that the owner (the admin account) will have full access (rwx), and the group will only have read access (r-x), and anyone else will not have access at all (---).
- fmask=037 sets the permissions on files to be: -rwxr-----. This is similar to dmask; the group will only have read access to files.
- You should substitute #AnyOtherOptions# with whatever other options you have. For example, you might have auto which automatically mounts the partition on startup.

Once the above is done, do sudo mount -a to apply the changes we did to the fstab file. Hopefully, you shouldn't get any errors.

You should now test that the users can access the partition. If yes, move on the the next step to add that A link to their Documents folder.

Assuming that the home directory for our notadmin account is /home/notadmin, and that this A folder is at /media/123/some/folder/A, do the following:
```
ln -s /media/123/some/folder/A /home/notadmin/Documents/A
```
You should now see a link under notadmin's Documents, pointing to A. He will only have read access to it (and its subdirectories, since he has read-only access to the whole partition). Follow the same thing for other users.

All of the above should meet your requirements, except for the point I mentioned at the beginning: what kind of access should the user have to the rest of the partition? The above will give them read-only access to the whole partition, and not just the A partition; we're not able to set permissions to specific files/folders when mounting Windows partitions.