Home / ubuntu / Questions / 587247
Accepted
mcExchange
Asked: 2015-02-20 00:45:36 +0800 CST

How to create a ext4 partition for all users?

  • 772

I know it sound like a dublicate questions but I tried the following and it didn't help:

My drive is mounted under 

/media/data

so I entered

sudo chown -R :users /media/data

However I still cannot write to that partition as a user. I also tried to make an entry in the /etc/fstab

UUID=... /media/data ext4 rw,suid,dev,exec,auto,user,async 0 0

but after that my computer could not boot anymore because he could not find the disk.

I have Ubuntu 14.04 Server installed. The partition is listed under /dev/nvmeOn1p1 and does not appear in the /etc/fstab (see pics below).

(the device is a "Intel DC P3700" 800GB SSD)

Additional Remark: Since the partition is empty i could also format it and recreate it using gparted for example. Is there a way in gparted or other gui programs to specify that the partition should be usable by all users?

partitioning

4 Answers

  1. Maybe you're doing the things in the wrong order. When you create a file system with mkfs.ext4, everything inside it is owned by user root and group root with your system default permissions set.

    When you mount that file system on a directory, you see file system permissions and owner, regardless of the original owner and permissions on that directory.

    So doing something like this won't work:

    sudo mkfs.ext4 /dev/some/data
sudo mkdir /media/data
sudo chown -R :users /media/data
sudo chmod -R g+rw /media/data
sudo mount /dev/some/data /media/data

    The right thing to do is create the file system, mount it, and then change permissions and ownership on it. It doesn't matter what you do in /etc/fstab.

    The right way to do it is this:

    sudo mkfs.ext4 /dev/some/data
sudo mkdir /media/data
sudo mount /dev/some/data /media/data
sudo chown -R :users /media/data
sudo chmod -R g+rw /media/data

    This should answer your question. If you need more details, read on.

    To better understand what happens, let's experiment a little with an image file

    Create an empty file to format and mount using fallocate -l 100MB /tmp/filesystem.img. Then format it as an ext4 file system with sudo mkfs.ext4 /tmp/filesystem.img (it's not a block device, but if you answer yes you can put a working ext4 file system on it anyway) and create a directory to use as mount point mkdir /tmp/experiment.

    Now try to change the owner and permissions on that directoy with sudo chown -R :users /tmp/experiment and sudo chmod -R g+rw /tmp/experiment, and check permissions with ls -la /tmp/experiment. You'll get something like this:

     ls -la /tmp/experiment/
 total 0
 drwxrwx--x 2 gerlos users  40 feb 19 10:37 .
 drwxrwxrwt 8 root   root  180 feb 19 10:38 ..

    This tells you that /tmp/experiment is owned by user gerlos and group users, and group members can read, write and execute on it. You can put files in it, for example with touch /tmp/experiment/somefile.

    Now mount the file system on that directory with sudo mount /mnt/filesystem.img /tmp/experiment, and look again at ls output:

    $ ls -la /tmp/experiment/
total 13
drwxr-xr-x 3 root root  1024 feb 19 10:41 .
drwxrwxrwt 8 root root   180 feb 19 10:41 ..
drwx------ 2 root root 12288 feb 19 10:41 lost+found

    As you can see, now /tmp/experiment seems owned by root, with different permissions! Why? Because we are not looking at /tmp/experiment itself, but at the root directory of the file system contained in /mnt/filesystem.img, mounted on /mnt/experiment.

    Additionally, your normal user won't be able to put files there with touch /tmp/experiment/anotherfile.

    If you now try again to run chown and chmod as above, you will change owner and permissions not on the mount point, but on the mounted file system, and your users will be able to use the file system. To confirm this look at ls output one last time:

    $ ls -la /tmp/experiment/
total 13
drwxrwxr-x 3 root users  1024 feb 19 10:41 .
drwxrwxrwt 8 root root    180 feb 19 10:45 ..
drwxrw---- 2 root users 12288 feb 19 10:41 lost+found

    As you can see, now members of users group can put files on the file system! In fact, nothing prevents your normal user from creating a new file there with touch /tmp/experiment/myfile:

    $ ls -la /tmp/experiment/
total 13
drwxrwxr-x 3 root   users   1024 feb 19 11:05 .
drwxrwxrwt 8 root   root     180 feb 19 11:02 ..
drwxrw---- 2 root   users  12288 feb 19 10:41 lost+found
-rw-rw---- 1 gerlos gerlos     0 feb 19 11:02 myfile

    Mission accomplished! :-)

    • 12
  2. Best Answer

    I finally solved the problem. I found out that I had a typo in my UUID. So my final entry in fstab was:

    UUID=... /media/data ext4 defaults 0 0

    or even better:

    /dev/sdb1 /media/data ext4 defaults 0 0

    I checked it before rebooting by simply calling:

    sudo umount /media/data
sudo mount -a

    If the fstab entry is correct everything will mount ok and every user of the computer will have access to the partition (At least to the folders he created himself which is the correct behaviour).

    One cat do

    sudo chown -R UserNameOfSudo:users /media/data 
sudo chmod -R g+rw /media/data

    while the partition is still mounted to ensure everybody can access the partition.

    If you do the ´chown´ ensure the specific user is part of the group "users" by typing:

    sudo adduser yourSpecificUsername users

    and logout and login again!

    Edit
    The partition after mounting by default is owned by root. This seems to prevent anyone from writing to the partition. Changing the owner to "UserNameOfSudo" after mounting as shown above yields the desired behaviour.

    Edit2
    In the case of sharing the computer between local users and LDAP users a solution is to give all rights to everyone: 

    sudo chmod 777 /media/data

    and then to set a 'sticky bit', which means only the user that created a folder / file is allowed to delete it. Which adds some sensible security: 

    sudo chmod o+t /media/data/
    • 1

  3. A solution that gives default permissions to all, also for newly created files, is with a default access control list.

    It is described for full in this unix.stackexchange.com answer -- the short parts:

    mkfs.ext4 /dev/<device>
tune2fs -o acl /dev/<device>
mount /dev/<device> /mnt/<mountpoint>
chown <username>:<groupname> /mnt/<mountpoint> # Optional; try to use the name of the user who is most commonly using this filesystem
chmod 777 /mnt/<mountpoint>
setfacl -m d:u::rwx,d:g::rwx,d:o::rwx /mnt/<mountpoint>
umount /mnt/<mountpoint>

    Problems might occur if you copy files with their set attributes; permissions might be preserved and other users might not edit or overwrite the files (but usually still read). But since the upper level directories are world-writeable, any user can rename or delete the files (and thus (via copying) also create new files owned by oneself and set permissions to 777). See the above mentioned stackexchange answer.

    • 0

  4. It`s manual - "How create EXT4 partition" https://superuser.com/questions/643765/creating-ext4-partition-from-console

    After you can add it on FSTAB. Add next text in end of file /etc/fstab:

    /dev/nvme0n1p1    /media/data    ext4    defaults    0    2

    Where /dev/nvme0n1p1 - your physical device, /media/data - your mountpoint.

    After use command mount -a for mounting all partition in FSTAB.

    • -1