From the ntfs-3g faq:
Unprivileged block device mounts work only if all the below requirements are met:
- ntfs-3g is compiled with integrated FUSE support
- the ntfs-3g binary is at least version 1.2506
ntfs-3g: No device is specified.
ntfs-3g 2021.8.22 integrated FUSE 28 - Third Generation NTFS Driver
Configuration type 7, XATTRS are on, POSIX ACLS are on
Copyright (C) 2005-2007 Yura Pakhuchiy
Copyright (C) 2006-2009 Szabolcs Szakacsits
Copyright (C) 2007-2021 Jean-Pierre Andre
Copyright (C) 2009-2020 Erik Larsson
Usage: ntfs-3g [-o option[,...]] <device|image_file> <mount_point>
Options: ro (read-only mount), windows_names, uid=, gid=,
umask=, fmask=, dmask=, streams_interface=.
Please see the details in the manual (type: man ntfs-3g).
Example: ntfs-3g /dev/sda1 /mnt/windows
Plugin path: /usr/lib64/ntfs-3g
News, support and information: http://tuxera.com
- the ntfs-3g binary is set to setuid-root
rwxr-xr-x. 1 root root 121176 Jan 20 22:38 lowntfs-3g
rwsr-s---. 1 root ntfsuser 166888 Jan 20 22:38 ntfs-3g
rwxr-xr-x. 1 root root 16248 Jan 20 22:38 ntfs-3g.probe
lrwxrwxrwx. 1 root root 7 Jan 20 22:38 ntfsmount -> ntfs-3g
- the user has access right to the volume
$ groups nox
nox : nox wheel ntfsuser
- the user has access right to the mount point
$ ls -l /mnt/ | grep win
drwxr-xr-x. 1 nox nox 0 May 25 17:40 windows
LABEL=windows /mnt/windows ntfs-3g defaults,users,noauto 0 0
(I did not set uid,gid,umask,fmask and dmask because their default value are sufficient)
I’m kind of stumped. Any help would be appreciated !
I was trying to do the same thing and actually your post helped me to achieve this! Not sure what failed in your case, though.
In my situation the windows ntfs partition was
ls -l /dev/sda3
brw-rw----. 1 root disk 8, 3 May 30 13:39 /dev/sda3
and (aside from adding the ntfsuser group and configuring the ntfs-3g as per the faq instructions) I had to assign the group disk to the user
sudo usermod -a -G disk giuliohome
then I rebooted to make the groups current and eventually from a terminal I issued
ntfs-3g /dev/sda3 /run/media/giuliohome/Acer
which worked fine for me, afaics
I’m very happy that my post helped you !
By doing the same as you did, I managed to mount the partition via terminal (as an unpriviledged user) while being part of the disk group.
I think that to security minded people adding a regular user to the disk group is a nightmare.
So, now I can mount my partition as an unpriviledged user via the terminal but still not in my graphical file explorers (dolphin or krusader)
I’ll mark the thread as solved and I’ll update my post if I find the culprit (probably udisks2).
After some research I found that on other distros, udisksctl has suid root. Mine didn’t have it so I added it in the same manner as described in the ntfs 3g faq
[N] ~ ❯❯❯ ls -l $(which udisksctl)
-rwxr-xr-x. 1 root root 62368 Mar 3 16:41 /usr/bin/udisksctl*
[I] ~ ❯❯❯ sudo groupadd udisksmount
[I] ~ ❯❯❯ sudo chown root:udisksmount $(which udisksctl)
[I] ~ ❯❯❯ sudo chmod 4750 $(which udisksctl)
[I] ~ ❯❯❯ sudo usermod -aG udisksmount nox
[I] ~ ❯❯❯ ls -l $(which udisksctl)
-rwsr-x---. 1 root udisksmount 62368 Mar 3 16:41 /usr/bin/udisksctl*
After which I could mount my partition using udisksctl.
[I] ~ ❯❯❯ udisksctl mount -b /dev/sdb4 /mnt/windows/
Mounted /dev/sdb4 at /mnt/windows
Using my graphical file explorer, the password still gets asked.
I will mark this thread as solved since I can mount ntfs partitions as an unprivileged user.
Upon hitting the “details” button when I get asked for authentification, I can see that the x-udisks-auth option is specified in my fstab (even if I didn’t!). This is the problem.
You can follow my new thread in the udisks project github issues
Out of my curiosity, I’m not sure why you don’t find good - for security reasons - to be asked a password (* see note below about password-less mount), but anyway, more importantly, if I follow the suid root instructions as above then my partition is mounted with root as owner, which is not what I want in my situation, likely because we have different “desiderata” (for me it is acceptable to be asked a password, when mounting the partition from the terminal or from nautilus, but it’s important to be the owner of the mounted folders, e.g. to
npm -i there, etc…).
BTW thank you for sharing the github issue you opened I also subscribed it, just to be informed.
* Note about password-less mount
See this answer and this example
As explained above I’m able to do the following without being asked for a password.
[giuliohome@localhost ~]$ sudo vim /etc/polkit-1/rules.d/10-udisks2.rules
[giuliohome@localhost ~]$ udisksctl mount -b /dev/sda3
Mounted /dev/sda3 at /run/media/giuliohome/Acer
[giuliohome@localhost ~]$ ls /run/media/giuliohome/Acer/dev/git/ -l
drwxrwxrwx. 1 giuliohome giuliohome 4096 May 30 13:29 fe-react-01
notice that it works the same from nautilus gui as well, so now it’s also not asking for a password when mounting the partition, if such a rule is present.