tuxera / ntfs-3g

NTFS-3G Safe Read/Write NTFS Driver
https://www.tuxera.com/company/open-source
GNU General Public License v2.0

issue when configuring windows behavior in file creation parameters #90

Open maenpaa24 opened 1 year ago

maenpaa24 commented 1 year ago

Hello,

From the ntfs-3g wiki (https://github.com/tuxera/ntfs-3g/wiki/File-Ownership-and-Permissions#mount-options), one can read that for "New files are owned by creator and inherit their permissions from parent directory (Windows behavior)" the conditions are:

If I am not mistaken, that means that an option for this to work is mounting with the following command:

sudo mount -t ntfs-3g -o permissions,inherit /mnt

where /mnt can be any mount point.

However, when I create a file it does not inherit the permissions from the parent folder. The permissions are set to "Everyone".

What am I missing?

jpandre commented 1 year ago

There is a bug when using Windows inheritance with no user mapping. I can provide you with a fix, but I would suggest you define the user mapping as a workaround.

Please however note that the use of Windows inheritance does not play well with Linux/Unix rules, so its usage is discouraged.

maenpaa24 commented 1 year ago

Thank you very much for your comment. Having the patch would be great. I bear in mind the caveats.

By the way, when udisks2 mounts an ntfs volume using ntfs-3g, it seems to apply inheritance.

jpandre commented 1 year ago

Below is the patch for you to try.

Inheritance applies to permissions, not to ownership, because the owner of the created file should be the owner of the current process, so when user mapping is not defined, ntfs-3g has to make guesses, and this is not always correct.

634 Fixed Windows inheritance when no user mapping is defined
--- src/lowntfs-3g.c.ref    2023-08-10 10:14:05.485679800 +0200
+++ src/lowntfs-3g.c    2023-08-10 10:14:05.539318100 +0200
@@ -2780,7 +2780,7 @@
             * This is not possible for NTFS 1.x, and we will
             * have to build a security attribute later.
             */
-       if (!ctx->security.mapping[MAPUSERS])
+       if (!ctx->security.mapping[MAPUSERS] && !ctx->inherit)
            securid = const_cpu_to_le32(0);
        else
            if (ctx->inherit)
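
Review bot: At the changed `if`, the `else` branch is now entered with `ctx->security.mapping[MAPUSERS]` unset whenever `ctx->inherit` is set, so the code under the nested `if (ctx->inherit)` has to tolerate a missing user mapping, and nothing in the visible lines shows that it does. Please confirm that the inheritance path does not dereference the mapping, and extend the comment above the test (it only mentions NTFS 1.x) to say that inheritance is attempted even when no user mapping is defined. Bracing the outer `else` would also make the nested `if`/`else` pairing unambiguous.
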
--- src/ntfs-3g.c.ref   2023-08-10 10:14:05.476174500 +0200
+++ src/ntfs-3g.c   2023-08-10 10:14:05.530331900 +0200
@@ -2255,7 +2255,7 @@
             * This is not possible for NTFS 1.x, and we will
             * have to build a security attribute later.
             */
-       if (!ctx->security.mapping[MAPUSERS])
+       if (!ctx->security.mapping[MAPUSERS] && !ctx->inherit)
            securid = const_cpu_to_le32(0);
        else
            if (ctx->inherit)
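
Review bot: The condition at the changed `if` is a verbatim copy of the one patched in src/lowntfs-3g.c, so the two drivers now carry the same two-part test (`!ctx->security.mapping[MAPUSERS] && !ctx->inherit`) in separate places and can drift apart on the next fix. Consider moving the decision into one shared helper used by both files, and add a test that mounts with `permissions,inherit` and no user mapping and checks that a newly created file does not end up with the "Everyone" permissions reported in this issue.
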
ge9 commented 5 months ago

Hi,

How about adding some option to inherit both permissions and ownership of the parent directory? I want file creation in Linux to be Windows-compatible, but don't feel like creating a UserMapping with unreadable numeric SIDs. When no UserMapping is provided, we can assume there is only one owner on the Linux side, so we may be able to set an arbitrary owner under the hood.