UbuntuHelp:VolumePermissions
来自Ubuntu中文
点击翻译: |
English |
请不要直接编辑翻译本页,本页将定期与来源同步。 |
目录
Understanding and Using Volume, Mount and File System Permissions
Volume, Mount and File System Permissions are different than FilePermissions.
Changing Permissions For Volumes With umask
New users attempting to change permissions for certain volumes will find that changes made with chmod or a sudo/kdesu filebrowser window will not be applied. This is often because the umask modifier in the volume's fstab entry is overriding the changes they are attempting to make. A common example of this situation is a user attempting to add write permissions to a FAT volume on their dual-boot ubuntu/windows box. Permissions for volumes are most easily changed by adding a umask modifier to their fstab entries. Here is a sample fstab entry:
# # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 /dev/hdb2 / ext3 defaults,errors=remount-ro 0 1 /dev/hda1 /media/hda1 vfat umask=000 0 0 /dev/hdb1 none swap sw 0 0 /dev/hdc /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0 /dev/hda2 /media/windows ntfs ro,nls=utf8,umask=0222 0 0 /dev/hdd1 /media/storage ntfs ro,nls=utf8,umask=0222 0 0 /dev/hdd5 /media/fat vfat umask=000 0 0
The umask modifier sets the permissions for all users of the volume. The umask modifier cannot be overridden by changing permissions through your file browser (not even using a root window,) so it is a good way to set relatively tamper-proof permissions. A umask entry of 0222 allows read access to all users and write access to root only, so it is good for NTFS partitions. A umask entry of 000 allows read and write access to all users.
There are analogous options called fmask and dmask. fmask applies to files and dmask applies to directories. They work in the same way as umask, but offer finer grained control. For example, you usually want directories to executable (i.e. listable), but most files don't need to be executable.
Changing permissions for a FAT volume with umask
To change permissions for a FAT volume, it must first be unmounted with the command
user@host:/home/user$ sudo umount /dev/xxxx
Where xxxx is the FAT volume you wish to modify. Begin by backing up the file /etc/fstab
user@host:/home/user$ sudo cp /etc/fstab /etc/fstab_backup1
Next, edit the fstab file with gedit, using the command
user@host:/home/user$ gksudo gedit /etc/fstab
Modify the line detailing the FAT volume, changing
/dev/xxxx /media/xxxx vfat defaults 0 0
to
/dev/xxxx /media/xxxx vfat umask=000 0 0
Save and exit gedit. This will allow ALL users read and write access to the drive. (I am a home user who is willing to take his chances. A more knowledgeable contributor will clarify this section.)
To finish, mount your volumes as per the specifications of the fstab file by using the command
user@host:/home/user$ sudo mount -a
Voila! Your FAT partition now allows read and write access to all users.
For more information
- man mount
ToDo
- umask (re-write and clarify umask section, with specific focus on security)
- Mount Permissions
- File System Permissions