Hello David, really thank you for your reply. I'll try to explain my needs and
all info that I can have in order to answer your questions the best way I can:
First I will explain my goal: I have always been a Windows user, but for a
while I've been thinking in changing to Linux. Last month I decided to do the
change, but as we are 2 people at home (me and my wife), I've decided to do a
dual boot while I can do all settings and familiarize myself with Debian, while
she will still be using Windows (she is not a tech woman, she only wants
something that works easily). So I want to be able to access and modify
documents on the folders on Debian and Windows, as me and my wife have
documents in common on these folders. As I stated before, the computer has 2
physical drives, one SSD with the 2 OSs and a HDD with all the data files
(documents, pictures, ...) This drive is meant to be shared between all users,
and the folders are there only for organisational purposes. For example: - HDD
----Documents --------User1 --------User2 --------Public ----Images
--------User1 --------User2 --------Public As I said, the permissions on the
subfolder are herited from the parent ones: User1, User2 and Public folder's
permissions are herited from Documents or Images. Here is a PowerShell
"Get-ACL" output from the 2 user's documents folders: > > PS
C:\Windows\system32> cd D:\Documents\User2\ > PS D:\Documents\User2> Get-Acl |
Format-Table -Wrap > > Répertoire : D:\Documents > > Path Owner Access > ----
----- ------ > User2 PC-01\Admin AUTORITE NT\Système Allow FullControl >
BUILTIN\Administrateurs Allow FullControl > PC-01\Admin Allow FullControl >
PC-01\user1 Allow FullControl > PC-01\user2 Allow FullControl > Tout le monde
Allow Write, ReadAndExecute, Synchronize > > PS D:\Documents\User2> cd
..\User1\ > PS D:\Documents\User1> Get-Acl | Format-Table -Wrap > > Répertoire
: D:\Documents > > Path Owner Access > ---- ----- ------ > User1 PC-01\Admin
AUTORITE NT\Système Allow FullControl > BUILTIN\Administrateurs Allow
FullControl > PC-01\Admin Allow FullControl > PC-01\user1 Allow FullControl >
PC-01\user2 Allow FullControl > Tout le monde Allow Write, ReadAndExecute,
Synchronize > > PS D:\Documents\User1> If I suppose that these settings are the
same, I think I could suppose that after a mount, both of these folders would
have the same permission settings on Debian, but thats not the case. I also
disable fast boot and hibernation on the Windows side: - I first went to power
button settings and disabled the fast boot - then I went to PowerShell and did
powercfg -h off - at last, I checked the group policies settings to be sure
that hibernation was forced on the system As for the tests I did with some new
folders: - first I created a "linuxTestFolder" on Debian - "sudo mkdir
/mnt/windows/Documents/linuxTestFolder": - this folder was created with
"rwxrwxrwx" permissions and I have full access on Debian. - I can also use this
folder on Windows, and it's permissions are "Everybody full control" - I can
create and edit files on both OSs - second I created a "windowsTestFolder" on
Windows, with the same inherit permissions as User1 and User2 - "Add new
folder" button on Windows explorer: - after the mount on Debian, this folder
have "rwxrwxrwx" permissions and I have full access - I can also use this
folder on Windows - I can create and edit files on both OSs This permission
history is really puzzeling me... Maybe there are other Windows settings that I
can't see with get-acl ? Bet regards, Marc Le 2021-11-28 22:14, David Wright
<deb...@lionunicorn.co.uk> a écrit : > > On Sun 28 Nov 2021 at 17:45:33
(+0100), lists.deb...@netc.eu wrote: > > Thansk for the answer. To be honest to
you, I already checked all that. Both User1 and User2 folders have have exactly
the same permission sets on Windows (they both herit them from the Documents
folder). > > Were this a windows list, we'd expect you to demonstrate this with
> some pasted output. > > NTFS permissions and their inheritance is
complicated, can be > "broken" (intentional) and corrupted (eg interrupting the
> inheritance chain updates) but mendable. So one would need > evidence of
clean, up-to-date metadata. > > > I did also tried to use the usermap file, but
I must say that I didn't managed to do it. I didn't found the Windows zip file
to download from the NTFS-3G website and the Linux one I didn't managed to
understand once I launch it. > > I drafted a reply before Chuck's arrived. I
wrote: > > You probably need to become very familiar with man ntfs-3g >
particularly with: > > "On computers which can be dual-booted into Windows or
Linux, > Windows has to be fully shut down before booting into Linux" > > and:
> > Regardless of what's shown here, have you written to the filesystem > from
linux at all? (Note that I'm not asking you to try.) Or IOW, is > the partition
listed as rw or ro by mount? > > "If either Windows is hibernated or its fast
restart is enabled, > partitions on internal disks are forced to be mounted in
read-only mode." > > Next is working your way through "Access Handling and
Security" > and then appreciating that "umask=value Set[s] the bitmask of the
file > and directory permissions /that are not present/. … The default value >
is 0 which means full access to everybody." (My emphasis.) > > In view of your
reported struggles to understand above, I would think > carefully about what
exectly you are trying to communicate between > windows and linux. > > . Are
you actually relying on permissions because User 1,2,3 are > different people
whose data needs protecting, or are they different > facets of yourself
(personal, work, financial, etc.) > > . Do the files require preservation of
windows metadata. (Eg, if you > were sharing "C:\WINDOWS", one wouldn't want to
interfere with > metadata that the OS relies upon.) > > Then I would decide on
whether your shared filesystem would really > be better served by being simple,
like exFAT (DC's choice, I've no > experience) or FAT32. > > > I did some
tests, and I think that I I can't find a way to do it this week I will end by
recreate this folders. In my tests it worked well :( > > And without
understanding what caused the problem, just touch wood and > hope it doesn't
happen again? Not the way I'd want to run a system. > For example, what tool
would you use to check it and preen it? > (Disclaimer: we have no idea what
these "tests" were.) > > Cheers, > David. > > > Le 2021-11-27 19:39, Chuck
Zmudzinski <brchu...@netscape.net> a écrit : > > Read the ntfs-3 man page. > >
Take a look at the man page for ntfs-3g, the section on > Access Handling and
Security: > > From the ntfs-3g man page: >
------------------------------------------------------------ > Access Handling
and Security > By default, files and directories are owned by the effective >
user and group of the mounting process, and ev‐ > erybody has full read, write,
execution and directory browsing > permissions. You can also assign permissions
> to a single user by using the uid and/or the gid options > together with the
umask, or fmask and dmask options. > > Doing so, Windows users have full access
to the files created by > ntfs-3g. > > But, by setting the permissions option,
you can benefit from the > full ownership and permissions features as > defined
by POSIX. Moreover, by defining a Windows-to-Linux > user mapping, the
ownerships and permissions are > even applied to Windows users and conversely.
> > If ntfs-3g is set setuid-root then non-root users will be also > able to
mount volumes. > ------------------------------------------------------------ >
> You use the defaults option when mounting. I do not know how that > affects
access and security for ntfs-3g. I would suggest either using > uid and gid
options when mounting instead, or using the > usermapping file that maps
Windows users to Debian users. > > You need to check which user under Windows
owns those folders, which Windows > users have write access to those folders,
etc. > > As mentioned in the man page, there is a way to map Windows users to >
Debian 11 users using the default .NTFS-3G/UserMapping file or a > custom
usermapping file with the usermapping mount option. > > I used this feature a
long time ago, and the format for the usermapping > file is documented in the
ntfs-3g man page. > > As is said at the beginning of this reply, read the
ntfs-3g man page! > > HTH, > > Chuck > > On 11/26/2021 3:29 AM,
lists.deb...@netc.eu wrote: > > Hello to all, > > I have a dual boot PC with
Windows 10 and Debian 11 > > This PC has 2 drives, one SSD that has both
operating systems and a > > HDD where I store all other files (documents,
music, images, ...) > > The goal is to share this HDD between Windows and
Debian. To do it, I > > added the following line to the fstab file: > > > >
UUID=ACB23705B236D414 /mnt/windows ntfs-3g defaults,umask=000 > > 0 0 > > > >
the folders lount without any problem to /mnt/windows, all with the > > correct
permission settings (rwx) : > > > > $ ls -l /mnt/windows/ > > total 80 > >
drwxrwxrwx 1 root root 4096 14 nov. 20:20 '$RECYCLE.BIN' > > drwxrwxrwx 1 root
root 4096 24 nov. 15:59 CloudStation > > drwxrwxrwx 1 root root 4096 21 nov.
11:44 Documents > > -rwxrwxrwx 1 root root 8192 25 juin 08:15 DumpStack.log.tmp
> > drwxrwxrwx 1 root root 4096 22 nov. 20:41 Images > > drwxrwxrwx 1 root root
4096 24 nov. 11:53 Music > > drwxrwxrwx 1 root root 8192 23 nov. 06:21 'System
Volume Information' > > drwxrwxrwx 1 root root 40960 21 nov. 22:22 Downloads >
> drwxrwxrwx 1 root root 4096 21 nov. 19:44 Videos > > > > My problem is that
in some sub folders, I'm not getting the write > > ("w") permission. For
example on the "Documents" one: > > > > $ ls -l /mnt/windows/Documents/ > >
total 117 > > drwxrwxrwx 1 root root 16384 24 nov. 15:59 User1 > > -rwxrwxrwx 1
root root 0 26 nov. 2020 Default.rdp > > -rwxrwxrwx 1 root root 432 11 mars
2021 desktop.ini > > dr-xr-xr-x 1 root root 40960 24 nov. 15:59 User2 > >
drwxrwxrwx 1 root root 16384 24 nov. 16:00 Public > > drwxrwxrwx 1 root root
4096 24 nov. 15:59 User3 > > dr-xr-xr-x 1 root root 20480 21 nov. 12:05 Scan >
> -rwxrwxrwx 1 root root 18432 4 déc. 2016 Thumbs.db > > drwxrwxrwx 1 root root
0 16 nov. 23:13 'Unified Remote' > > > > Most of the folders are OK, but I ave
User2 and San that doesn't have > > the write ("w") permission... > > Do you
have any idea on whats going on? > > Thanks in advance for all the help, > >
Berst regards, > > Marc > > > >
