How to use ntfs-3g as a simple user (not root)

[olivier]

Hi all,

I'm trying to mount a NTFS formatted USB drive,
then I've installed /usr/ports/sysutils/fusefs-ntfs and start fusefs.
I've followed the instructions in:

• /usr/local/share/doc/ntfs-3g/README.FreeBSD
• /usr/local/share/doc/hal-0.5.11/README.fuse

But when I plug the NTFS drive I've got the error "operation not permit", and testing ntfs on a terminal with my user (member of the operator group) I've got this problem:

Error opening '/dev/da0s1': Permission denied
Failed to mount '/dev/da0s1': Permission denied
Please check '/dev/da0s1' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://ntfs-3g.org/support.html#unprivileged

Then, I've try a

chmod 4577 /usr/local/bin/ntfs-3g

, but now the error message is:

Mount is denied because setuid and setgid root ntfs-3g is insecure with the
external FUSE library. Either remove the setuid/setgid bit from the binary
or rebuild NTFS-3G with integrated FUSE support and make it setuid root.
Please see more information at http://ntfs-3g.org/support.html#unprivileged

On the ntfs-3g.org support page, the instructions for a normal user too use ntfs-3g are:

   1. ntfs-3g is compiled with integrated FUSE support
   2. the ntfs-3g binary is at least version 1.2506
   3. the ntfs-3g binary is set to setuid-root
   4. the user has access right to the volume
   5. the user has access right to the mount point

I think that the problem came for the compilation option «use integrated FUSE». But when I look on /usr/ports/sysutils/fusefs-ntfs I didn't find how to change it.

Does someone know to use ntfs-3g with a simple user ?

Thanks

 

[ale]

Output of $ sysctl vfs.usermount ?
Is the user mounting the devices on a mountpoint he owns?

 

[olivier]

The output of sysctl is:

[olivier@d630]~>[B]sysctl vfs.usermount[/B]
vfs.usermount: 1

And it doesn't works even if I own the mount point:

[olivier@d630]~>[B]mkdir usbkey[/B]
[olivier@d630]~>[B]ls -alh usbkey/[/B]
total 4
drwxr-xr-x   2 olivier  olivier   512B 24 fév 23:44 .
drwxr-xr-x  39 olivier  olivier   2,0K 24 fév 23:44 ..
[olivier@d630]~>[B]ntfs-3g /dev/ntfs/PHOTOS usbkey/[/B]
Error opening '/dev/ntfs/PHOTOS': Permission denied
Failed to mount '/dev/ntfs/PHOTOS': Permission denied
Please check '/dev/ntfs/PHOTOS' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://ntfs-3g.org/support.html#unprivileged

But with root it's works:

[olivier@d630]~>[B]sudo ntfs-3g /dev/ntfs/PHOTOS usbkey/[/B]
[olivier@d630]~>[B]mount | grep usbkey[/B]
/dev/fuse2 on /usr/home/olivier/usbkey (fusefs, local, synchronous)

 

[alvaro]

Perhaps if you change the permissions of devices. In my case I have the umass in /dev/da0s1 with permissions 660 owned by root:operator.

 

[miniqq]

In devfs.rules define:

add path 'da*' mode 0660 group usb

and your user id is a member of the usb group.

 

[JanBessai]

I ran into similar problems, but I could solve them. Here is the complete guide:

1. Install ntfs-3g, e.g. by:
   
   pkg_add -r fusefs-ntfs
   
   Note that ntfs-progs may not be installed, since ntfs-3g replaces them.
   
2. Activate the fuse deamon in /etc/rc.conf
   

   fusefs_enable="YES"

   and start it
   
   /usr/local/etc/rc.d/fusefs start
   
   The appropriate kernel modules will be loaded automatically.
   
3. Fix your drive permissions by creating or editing /etc/devfs.rules to contain:
   

   [system=10]
   add path 'da*' mode 0660 group operator

   The devfs deamon needs to be configured to include this file, so add to /etc/rc.conf:
   

   devfs_system_ruleset="system"

   This will allow all users in the group operator to read and write access the devices /dev/da* (e.g. for the first partition on the first usb-stick /dev/da0s1).
   
4. Add your self to the operator group:
   
   pw groupmod operator -m `whoami`
   
   Be aware, that you have to logout and login for this to take effect.
   
5. Allow normal users to mount in /etc/sysctl.conf:
   

   vfs.usermount=1

   and for the current session by executing
   
   sysctl vfs.usermount=1
   
6. You can now mount the ntfs device as user by running:
   
   /usr/sbin/mount_fusefs auto MOUNTPOINT ntfs-3g /dev/DEVICE MOUNTPOINT
   
   where MOUNTPOINT and DEVICE need to be replace appropriately, e.g.:
   
   /usr/sbin/mount_fusefs auto /usr/home/you/usbstick ntfs-3g /dev/ad0s1 /usr/home/you/usbstick
   
   to mount /dev/ad0s1 to the folder /usr/home/you/usbstick.
   
7. Unmounting can be done as usual
   
   /sbin/umount MOUNTPOINT

Notes:

• /usr/sbin for mount_fusefs and /sbin for umount are not in the default path of normal users.
  
• The mountpoint has to be an existing rwx-accessible directory.
  
• Just running
  
  mount -t ntfs-3g DEVICE MOUNTPOINT
  
  or
  
  ntfs-3g DEVICE MOUNTPOINT
  
  as user is NOT sufficient and will fail with permission errors.
  
• Modifying the permissions of ntfs-3g by setting the SUID-Flag as found in some old tutorials is not necessary and will even be prevented with a mount failure.
  
• Compiling fusefs-kmod via ports will require the kernel sources to be installed.
  
• Some Linux tutorials describe fusermount and udisks which do not exist on FreeBSD.

 

[bozzy]

I ran into similar problems, but I could solve them. Here is the complete guide:

etc,etc

Jan - this was driving me NUTS. Your concise roadmap was clear and with localisation it allowed me to deal with a mirror which was refusing to mount at all, and some other ntfs volumes which were mounted ro. May I ask where you sourced your ideas? I had scoured Archlinux, FreeBSD and so on without success, and had begun to believe the tales of "persistent stuffed up metadata and superblocks from previous incarnations of the ICH10 driver" (as on my mainboard).

I think this will be a short term solution for me as I shall migrate to RAIDZ soon, but I need to retain this mirror so I can see it from Arch and W7 as well as BSD, at least for the time being.

Thank you once again.

 

[JanBessai]

Glad, I could help. This was driving me crazy as well. The installation part was trial and error + knowing that I needed fuse to get ntfs support. The devfs part was from this thread and manual reading (man devfs.rules). The rest was painful trial and error

 

[bozzy]

+ knowing that I needed fuse to get ntfs support. The devfs part was from this thread and manual reading (man devfs.rules). The rest was painful trial and error

And after all that - now with a better idea where to look I am using fusefs-ntfs which seems more complete, and plays a little nicer with the other stuff.

 

[bozzy]

And after all that - now with a better idea where to look I am using fusefs-ntfs which seems more complete, and plays a little nicer with the other stuff.

Just ignore - what I was actually trying to sa

 

[bozzy]

Just ignore - what I was actually trying to sa

I need sleep - third time mucky - I was trying to say that the simple: -

% ntfs-3g ntfsvol mountpoint

is working just fine.