PDA

View Full Version : How to configure NTFS-3G to always be in read only mode



leonardpowers
23-Apr-2016, 07:14
Hi All,

Firstly I'm not really a Linux expert by any stretch but SUSE Studio has made my life easier. I'm using it to build a recovery CD. Every is working perfectly except the servers that I need to recover from will always be in a crash persistent state. NTFS-3G complains when accessing these partitions saying it can only access them in read only mode. Since I'm accessing these NTFS formatted drives via Dolphin file manager everything is pretty much automatic. How can I make changes so that NTFS-3G is always accessing these drives in read only mode. Ideally I'd like to be in read only mode as the default which the option to change it to Read/Write if needed. Since the end users are likely to be non technical, these has to be as simple as possible. From what I've seen it looks like I need to make changes to the udisks policy?

Many thanks for any help you can give.

Regards

deano_ferrari
23-Apr-2016, 10:26
First, welcome to the openSUSE Forums. The udisks2 mount options are
hard-coded, leaving your only real options to override the mounting
options by using entries in /etc/fstab or perhaps systemd mount units.

It may be possible to use a udev rule with suitable match attributes and
setting the environment variable 'ENV{UDISKS_MOUNT_OPTIONS}="ro"' eg

Code:
--------------------
ENV{ID_FS_TYPE}=="ntfs" , ENV{UDISKS_MOUNT_OPTIONS}="ro"
--------------------

however I don't have experience with doing this so uncharted territory.

http://tinyurl.com/lgyobwy


--
deano_ferrari
------------------------------------------------------------------------
deano_ferrari's Profile: http://forums.opensuse.org/member.php?userid=122
View this thread: http://forums.opensuse.org/showthread.php?t=517328

tsu2
23-Apr-2016, 20:16
From an Administration and solution architecture perspective,
Managing access permissions on every individual client machine is both
extra unnecessary work and subject to mistakes, possibly leading to an
eventual real problem.

It's standard "Best Practice" to configure access permissions on the
Server, and leave the clients in their default configuration unless
absolutely necessary.

I'm guessing that your remote files are being served from a Windows
machine, and that you're using Windows File Sharing?

If that is the case, then depending on whether you are implementing
Network Security like Active Directory (I'm to guess you're not) or
simple Workgroup File Sharing,

The simplest solution to set no restrictions at the file level and set
your permissions <only> at the file sharing level. You can configure
combinations of file level and Share permissions, but that's not
advisable in more than 95% of all scenarios I've dealt with.

At the Share permissions level, set and existing or create a new User
Group that has read only permissions. All ordinary Users who need only
read only access will use a User Account that is made a member of this
User Group.

Create another or assign an existing User Group with Full Control, ie
Read/Write access. User Accounts that will upload and manage (write,
delete, change, etc) files are made members of this Group.

When you have the above set up, you won't have to change a thing when
configuring access by any User on any machine in your network.

Also, note that Share permissions only apply to Users who access your
Shares and files from another machine. Anyone who can logon to the
Windows machine itself will not be affected by the Share permissions and
will have access determined only by the File level permissions.

HTH,
TSU


--
*Beginner Wiki Quickstart *-
https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
Solved a problem recently? Create a wiki page for future personal
reference!
Learn something new?
Attended a computing event?
*Post and Share!*
------------------------------------------------------------------------
tsu2's Profile: http://forums.opensuse.org/member.php?userid=2578
View this thread: http://forums.opensuse.org/showthread.php?t=517328