FAQ SearchLogin
Tuxera Home
View unanswered posts | View active topics It is currently Sun Nov 19, 2017 05:22



Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 
Tuxera NTFS & permissions management 
Author Message

Joined: Mon Feb 06, 2017 21:38
Posts: 5
Post Tuxera NTFS & permissions management
I'm having a problem getting unix permissions to work on my Mac with Tuxera for Mac demo on an external SSD. I'd like to be able to use chmod and the like, but currently they have no effect. Here's what I've tried so far

First, I created "/Volumes/MyDrive/.NTFS-3G/UserMapping":

Code:
501::S-1-5-21-498645241-3243144141-3602080151-1000
:20:S-1-5-21-498645241-3243144141-3602080151-1000


The last parts both are the SID that's set to my user profile on Windows 7. The profile was originally an admin profile if that matters, but was later changed to a regular user (SID didn't change though).

The UserMapping file was clearly recognized since it made root the owner of the files on my drive, as opposed to staff as it was without the UserMapping. However, chmod still doesn't work. All files are still 777 (executable), as opposed to 664.

I also tried mounting manually with parameters for static permissions and whatnot, but I couldn't get the mount command to work on Mac. "mount -t ntfs-3g /dev/disk2s1 /Volumes/MyDrive" gave an error "No such file or directory", although I positively did create "/Volumes/MyDrive", and "/dev/disk2s1" is the drive's NTFS partition. I read diskutil is the preferred way to mount things on Mac, but it doesn't support ntfs-3g parameters AFAIK. So I haven't been able to try non-default mount options either.

Any ideas?


Tue Feb 07, 2017 20:44
Profile
NTFS-3G Lead Developer

Joined: Tue Sep 04, 2007 17:22
Posts: 1284
Post Re: Tuxera NTFS & permissions management
Hi,

Quote:
The last parts both are the SID that's set to my user profile on Windows 7.

Are you sure ? The last number in group SID on Windows 7 is usually 513. The quoted SID looks more like a SID for Windows 8 or 10.
Quote:
The UserMapping file was clearly recognized since it made root the owner of the files on my drive, as opposed to staff as it was without the UserMapping.

It should have been user 501, not root, nevertheless this proves the UserMapping is taken into account. When owner appears as root, this generally means that there is no matching SID in the UserMapping file, so this is the first thing to check.

The main point here is that I do not know what has been ported to the Mac. Maybe chmod and chown have not been implemented. Please use Windows 7 on a user account and create a new file in an inner directory of that user, then check the SIDs of that file. Create another new file from the Mac into the same directory, with an active UserMapping and compare the SIDs.

Regards

Jean-Pierre


Wed Feb 08, 2017 09:40
Profile

Joined: Mon Feb 06, 2017 21:38
Posts: 5
Post Re: Tuxera NTFS & permissions management
Thanks for the reply!

Quote:
Are you sure ? The last number in group SID on Windows 7 is usually 513. The quoted SID looks more like a SID for Windows 8 or 10.

I think this has been an error on my part since I used the SID of my user for both the first and second line. I ran
Code:
whoami /groups
on Windows to find out all the group SIDs on the PC and then tried replacing the second line's SID with each of the results. The ownerships of the files on my drive actually went right with some of the group SIDs - for instance when I used the SID for the group "BUILTIN\Users", the files on my mounted drive were correctly owned by my account and the group "staff". However, permissions are still messed up - 777 for new files, and chmod still doesn't work.

Also tried creating a new user account. The SID was identical to my previous account, except the last part was 1003 instead of 1000. Trying this SID on the UserMapping didn't change anything.

Quote:
The main point here is that I do not know what has been ported to the Mac. Maybe chmod and chown have not been implemented. Please use Windows 7 on a user account and create a new file in an inner directory of that user, then check the SIDs of that file. Create another new file from the Mac into the same directory, with an active UserMapping and compare the SIDs.

I wasn't too sure about this, but I created two directories on Windows, and a .txt inside them, and on the other directory and file I set my account explicitly as having only read&write permissions. Then created a .txt into both directories, and both .txt's showed up as the "Everybody" group having full permissions on Windows. It kinda looks like it's just chmod that isn't supported on mac.


Wed Feb 08, 2017 12:58
Profile

Joined: Mon Feb 06, 2017 21:38
Posts: 5
Post Re: Tuxera NTFS & permissions management
^ Forgot to mention, some of the group SIDs I used that gave the right ownerships (not root) were
Code:
BUILTIN\Users                    = S-1-5-32-545
NT AUTHORITY\Authenticated Users = S-1-5-11
NT AUTHORITY\Local account       = S-1-5-113


Wed Feb 08, 2017 13:12
Profile
NTFS-3G Lead Developer

Joined: Tue Sep 04, 2007 17:22
Posts: 1284
Post Re: Tuxera NTFS & permissions management
Hi,

Quote:
on Windows to find out all the group SIDs on the PC and then tried replacing the second line's SID with each of the results.

Please forget about the group SID until the owner SID is correctly interpreted (if this is possible). For now, use the same SID for owner and group (ending >= 1000).
Quote:
Then created a .txt into both directories, and both .txt's showed up as the "Everybody" group having full permissions on Windows.

Please post the owner SID of that file (or post all the SIDs which appear in the Windows security tab for that file).
Quote:
It kinda looks like it's just chmod that isn't supported on mac.

That is a possibility, but creating a new file does not imply using chmod, that is why I insist on creating new user files both by Windows and by Mac before trying further (new and user are important).

Regards

Jean-Pierre


Wed Feb 08, 2017 14:49
Profile

Joined: Mon Feb 06, 2017 21:38
Posts: 5
Post Re: Tuxera NTFS & permissions management
Hi again

I now created the dir "win-test" on the drive on Windows, and "win-test.txt.txt" (oops) under it. Then created the file "mac-test.txt" on MacOS. Attached are the permissions/ownerships on each OS, and the UserMapping file's contents


Attachments:
windows-ownerships.png
windows-ownerships.png [ 76.93 KiB | Viewed 3488 times ]
usermapping.png
usermapping.png [ 29.84 KiB | Viewed 3488 times ]
mac-permissions.png
mac-permissions.png [ 24.73 KiB | Viewed 3488 times ]
Wed Feb 08, 2017 15:47
Profile
NTFS-3G Lead Developer

Joined: Tue Sep 04, 2007 17:22
Posts: 1284
Post Re: Tuxera NTFS & permissions management
Hi,

This is unexpected. To get the uid/gid on the Mac, please post the outputs of :
Code:
id sampo
id wheel
id 20

If no clue there, better give up...

Regards

Jean-Pierre


Wed Feb 08, 2017 17:22
Profile

Joined: Mon Feb 06, 2017 21:38
Posts: 5
Post Re: Tuxera NTFS & permissions management
Here's the result of "id sampo", others don't work

uid=501(sampo) gid=20(staff) groups=20(staff),12(everyone),61(localaccounts),79(_appserverusr),80(admin),81(_appserveradm),98(_lpadmin),701(com.apple.sharepoint.group.1),33(_appstore),100(_lpoperator),204(_developer),395(com.apple.access_ftp),398(com.apple.access_screensharing),399(com.apple.access_ssh)

UID and GID are the same I've been using earlier. Can't say I see anything wrong there

It seems to me the permissions problem might be a separate problem from user mappings. Either way this is starting to look like a hopeless effort for me so I'm gonna have to find some way to work around this unless somebody can shed more light on the matter.

Thanks for all the help!


Wed Feb 08, 2017 17:57
Profile
NTFS-3G Lead Developer

Joined: Tue Sep 04, 2007 17:22
Posts: 1284
Post Re: Tuxera NTFS & permissions management
Hi,

I do not see anything you did wrong. Looks like something has not been adapted to the Mac.

Regards

Jean-Pierre


Wed Feb 08, 2017 22:20
Profile
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 9 posts ] 


Who is online

Users browsing this forum: Google [Bot] and 9 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Original forum style by Vjacheslav Trushkin.