Mounting and setting permissions for FAT and NTFS partitions

If you want to use an NTFS partition, you will need to go through a few additional steps (installing the NTFS module for the kernel) (Fedora may ship the kernel without NTFS support due to legal / licensing issues). Please read this document carefully before asking questions about NTFS. Also, keep in mind that NTFS support is limited to read-only permissions (take this into account when setting permissions).

Many of you use dual boot configurations, which means installing both a Linux distribution and a Windows version on the same computer. In these cases, there are many who want to access Windows partitions under Linux (the opposite is not possible) - in other words to share files between systems. The simplest method is to use the mount command (of course, authenticated as root; all the following commands require root access):

# mkdir /tmp/fatfs
# mount /dev/hda1 /tmp/fatfs

(I assume you already know which device in the / dev directory is the Windows partition you are looking for; in this example it is / dev / hda1.)

In doing so, however, some problems arise:

We must have root access to be able to mount the partition.
The files are mounted with very strict permissions (only root can modify them).
We want some control over those who are allowed to access these files, for security reasons. For example, if we run a web server on the Linux distribution, and this web server is broken, we will not want to access the partition through the hacked web server.
We want to mount this boot partition.
We want directories and files to look good when browsing (permissions).

All of this can be achieved through various scripts, but this is not the best way. I will describe below how to do it.

Brief explanation of the options

Note: For more details, follow the mount (man mount) command manual.
The options we will use are auto, rw, uid, gid, showexec, quiet, umask, fmask, dmask:

auto - means that the partition will be mounted at boot.
rw - this involves read / write access to the partition.
uid - represents the user ID. Files must appear with this user as the owner at the time of installation. Most likely you will want this user to be root (uid 0).
gid - represents the group ID. The files will appear to be in the possession of this mounting group. You will most likely want a separate group to control access to the partition. You still have more details.
showexec - makes the system look for DOS / Windows executables (EXE, COM etc.) and set the execution permissions accordingly.
quiet - means that the system will not display errors when trying to change the file parameters on the partition (obviously, on FAT partitions it is not possible, as they do not have support for such a thing).
umask - represents the permissions reversed in the octal system that the files will receive during mounting. This parameter is a bit strange, as soon as it is reversed. So, if you want a file to have 770 permissions (meaning files totally accessible by the owner indicated by uid and the group indicated by gid and respectively inaccessible by anyone else) you have to reverse the values ??and put 007.
fmask - similar to umask but only for files (without directories).
dmask - similar to umask but only for directories. Note that directories must have execution permissions in order to open them (you can read files from directories with read-only permissions, but you must know exactly the path to the file).

Note: fmask and dmask options are only present on systems running kernel 2.6 - so if you are running Fedora Core 1 (newer versions are running kernel 2.6) you can only use the umask option (which is sufficient along with the showexec option).

Example
To illustrate these, I will exemplify below.
First we need to create a mount point (a directory where the partition will be mounted) and let's call it / mnt / fet. Don't bother with the permissions for this directory - they will be changed anyway at the time of installation. And we also assume that our partition is on / dev / hda1.
Next we need to add a group that will have read / write permissions on our partition files. It's usually a good habit to have a separate group for "better" users - with extra control over the system, access to commands, etc. If you have such a thing, use this group. To add the group, run the following command:

# groupadd -g 500 fat

We created the group called fat with ID 500. We add our own username:

# usermod -G fat eu

(You will need to resume the command for each user who must have access to the partition.)

Now we will edit the / etc / fstab file (the line may already be present):

/dev/hda1 /mnt/fat auto auto,rw,uid=0,gid=500,showexec,quiet,fmask=117,dmask=007 0 0
# aceasta linie este lunga, si poate apare impartita pe ecran - trebuie sa fie o singura linie.

the first car means that the partition type will be auto-detected. 0 0 are the numbers for the dump program. Very few of you use this program, so I will not refer to it - leave the data as it is. The other options are explained above.

What is he doing?
Makes the system mount our FAT / dev / hda1 partition at the / mnt / fat mount point. The files have the permissions set to 660 (but the EXE and similar files receive 770) and the directories receive the 770 permissions. The files in this partition are owned by the root user and the fet group. This means that the root user and the members of the fet group have full access to the files of this partition. Other users cannot even enter this directory. There are also some measures to mount 'automagically' on boot, as well as suppressing error messages (they can become very unpleasant in some programs that try to change permissions - eg editors and file managers).
Note: This is just an example - you will need to experiment with your own settings to get the desired effects. For NTFS you will probably need to change some of the options. Also, the partition device and mount point may vary.