"Paul W. Abrahams"
Eilert Brinkmann wrote:
Using the options `uid=...' and/or `gid=...', too, it is also possible to restrict access to the vfat partition to a specific user or group. E.g., the options `gid=100,umask=002' will permit write access for owner (still root) and group (100=users), while others may only read.
That could be useful, but it's not the same thing as per-file or per-directory control.
Correct, but with this options it's at least possible to permit only specific users to access data on a vfat partition. Maybe there are situations where this is desirable.
I think it's possible to change read/write permissions on individual files, but I'm not sure about that.
Not when a partition is mounted as vfat. There is this ums-dos file system which uses extra files to store Linux permissions on FAT partitions. I've never tried it. Maybe it's usefull in some cases, but it seems to be an ugly hack.
I wish there was some way of publicizing the `umask=0' incantation so that people wouldn't have to keep asking about it. I certainly don't blame you for not knowing about it.
Well, this options are documented in the man page for mount (section "Mount options for fat"). Unfortunately this is a place where many people don't find this information. (I had to answer questions concerning this problem more than once...) As many users want to mount vfat partitions, this issue should also be described in the printed manual. (I don't know if the SuSE manual mentions it.)
I chose the word `publicizing' carefully. Yes, it is documented, and probably even documented in more than one place. The problem is that it's not documented in the places where people look for the information when they discover that their vfat partitions aren't writable.
Agreed.
By the way, why do you prefer `umask=007' over `umask=0'? You're a James Bond fan, perhaps?
1. Such restrictions can be used to ensure that some services not running as a normal user (e.g., a web server) are unable to access the windows partition, even if an user does something like `ln -s /vfat/WINDOWS ~/www/windows'. (Ok, most web servers will not run on dual boot systems, though.) 2. It was just an example to show that it is possible to restrict permissions to a single group. 3. In my example I used `umask=002'. The `umask=007' example was in tabanna's posting. 4. But, yes, I like (most) James Bond movies :) Eilert -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Eilert Brinkmann -- Universitaet Bremen -- FB 3, Informatik eilert@informatik.uni-bremen.de - eilert@tzi.org - eilert@linuxfreak.com http://www.informatik.uni-bremen.de/~eilert/ -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/