udisks and exfat

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|

udisks and exfat

William Kenworthy
How does one execute a file on an exfat formatted usb key?

I have an encryption app that must be executed from the drive to work
(secure-stick).  Works great in windows, linux is a real pain because I
think udisks is forcing execute off and I cant overide it.


help!

BillK



Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

Jack
On 2019.04.29 21:19, Bill Kenworthy wrote:

> How does one execute a file on an exfat formatted usb key?
>
> I have an encryption app that must be executed from the drive to work
> (secure-stick).  Works great in windows, linux is a real pain because  
> I
> think udisks is forcing execute off and I cant overide it.
>
>
> help!
>
> BillK
At least show us the output of "ls -l" on the file in question.  Does  
"chown +x file" have any effect?  Why do you think you can't execute  
such a file?  What happens when you try?  How have you tried?

Jack
Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

Mick-10
On Tuesday, 30 April 2019 04:07:23 BST Jack wrote:

> On 2019.04.29 21:19, Bill Kenworthy wrote:
> > How does one execute a file on an exfat formatted usb key?
> >
> > I have an encryption app that must be executed from the drive to work
> > (secure-stick).  Works great in windows, linux is a real pain because
> > I
> > think udisks is forcing execute off and I cant overide it.
> >
> >
> > help!
> >
> > BillK
>
> At least show us the output of "ls -l" on the file in question.  Does
> "chown +x file" have any effect?  Why do you think you can't execute
> such a file?  What happens when you try?  How have you tried?
>
> Jack
I just mounted a USB stick which has been formatted with exFAT and the files
and directories are executable:

# ls -la /run/media/michael/VERBATIM32G/
total 10672960
drwxrwxrwx  1 michael michael      32768 Jan  1  1970  .
drwxr-x---+ 3 root    root            60 Apr 30 11:40  ..

I tested running a bash script by passing the full path to the terminal and it
works as expected.
--
Regards,
Mick

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

William Kenworthy
On 30/4/19 6:51 pm, Mick wrote:

> On Tuesday, 30 April 2019 04:07:23 BST Jack wrote:
>> On 2019.04.29 21:19, Bill Kenworthy wrote:
>>> How does one execute a file on an exfat formatted usb key?
>>>
>>> I have an encryption app that must be executed from the drive to work
>>> (secure-stick).  Works great in windows, linux is a real pain because
>>> I
>>> think udisks is forcing execute off and I cant overide it.
>>>
>>>
>>> help!
>>>
>>> BillK
>> At least show us the output of "ls -l" on the file in question.  Does
>> "chown +x file" have any effect?  Why do you think you can't execute
>> such a file?  What happens when you try?  How have you tried?
>>
>> Jack
> I just mounted a USB stick which has been formatted with exFAT and the files
> and directories are executable:
>
> # ls -la /run/media/michael/VERBATIM32G/
> total 10672960
> drwxrwxrwx  1 michael michael      32768 Jan  1  1970  .
> drwxr-x---+ 3 root    root            60 Apr 30 11:40  ..
>
> I tested running a bash script by passing the full path to the terminal and it
> works as expected.

I will grab the info tomorrow.  I was hoping there is a guide somewhere
as it happens on multiple systems and from what I have read its by
design.  There is so much old info on the net on how to fix the problem
with it appearing to be implemented differently on each major distro,
and none of the work arounds/fixes work on gentoo.


BillK



Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

Walter Dnes
In reply to this post by William Kenworthy
On Tue, Apr 30, 2019 at 09:19:55AM +0800, Bill Kenworthy wrote
> How does one execute a file on an exfat formatted usb key?
>
> I have an encryption app that must be executed from the drive to work
> (secure-stick).  Works great in windows, linux is a real pain because I
> think udisks is forcing execute off and I cant overide it.

  This is a security measure.  If I try to execute a bash script on
/dev/shm I get a "Permission denied" error.  This can be overriden by
manually remounting.  According to "man mount"...

> mount(8)  since v2.27 allows to change the mount options by passing
> the relevant options along with --bind.  For example:
>
>        mount -o bind,ro foo foo
>
> This feature is not supported by the Linux kernel; it is implemented
> in userspace by an additional mount(2) remounting system call.  This
> solution is not atomic.

  Can you manually remount it after it has been mounted by udisks?

--
Walter Dnes <[hidden email]>
I don't run "desktop environments"; I run useful applications

Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

William Kenworthy
In reply to this post by Mick-10
Got sidetracked - turns out fuse and exfat on usb do not play well with
mounts as a user due to changes late last year.  It can now only be
mounted/unmounted by root.

The second part (also due to fuse) is that to stop fuse (silently as ls
still showed the execute bit set) from interfering with execution of
files on the mounted device) it must be mounted as the user under a user
owned directory such as /home/user (mount cannot deal with this - it did
in the past, but something has changed).  So the solution is to mount
via root as the user you want (via sudo) under a mount point in the
users home.  This may all be unique to fuse-exfat, and which versions of
everything involved as I saw one email on the mechanics of the changes
saying fat is handled a little differently due to a different use
scenario.  And ext2/3/4 etc don't have the problem at all.  Auto-mount
on device plugin still doesn't happen so thats next on my list.

/etc/fstab:

/dev/sda1               /home/myuser/mnt           auto           
rw,auto,exec,uid=1000,gid=1000,users,user=myuser                   0 0


BillK



On 4/30/19 6:51 PM, Mick wrote:

> On Tuesday, 30 April 2019 04:07:23 BST Jack wrote:
>> On 2019.04.29 21:19, Bill Kenworthy wrote:
>>> How does one execute a file on an exfat formatted usb key?
>>>
>>> I have an encryption app that must be executed from the drive to work
>>> (secure-stick).  Works great in windows, linux is a real pain because
>>> I
>>> think udisks is forcing execute off and I cant overide it.
>>>
>>>
>>> help!
>>>
>>> BillK
>> At least show us the output of "ls -l" on the file in question.  Does
>> "chown +x file" have any effect?  Why do you think you can't execute
>> such a file?  What happens when you try?  How have you tried?
>>
>> Jack
> I just mounted a USB stick which has been formatted with exFAT and the files
> and directories are executable:
>
> # ls -la /run/media/michael/VERBATIM32G/
> total 10672960
> drwxrwxrwx  1 michael michael      32768 Jan  1  1970  .
> drwxr-x---+ 3 root    root            60 Apr 30 11:40  ..
>
> I tested running a bash script by passing the full path to the terminal and it
> works as expected.

Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

Mick-10
On Wednesday, 1 May 2019 03:32:21 BST Bill Kenworthy wrote:

> Got sidetracked - turns out fuse and exfat on usb do not play well with
> mounts as a user due to changes late last year.  It can now only be
> mounted/unmounted by root.
>
> The second part (also due to fuse) is that to stop fuse (silently as ls
> still showed the execute bit set) from interfering with execution of
> files on the mounted device) it must be mounted as the user under a user
> owned directory such as /home/user (mount cannot deal with this - it did
> in the past, but something has changed).  So the solution is to mount
> via root as the user you want (via sudo) under a mount point in the
> users home.  This may all be unique to fuse-exfat, and which versions of
> everything involved as I saw one email on the mechanics of the changes
> saying fat is handled a little differently due to a different use
> scenario.  And ext2/3/4 etc don't have the problem at all.  Auto-mount
> on device plugin still doesn't happen so thats next on my list.
>
> /etc/fstab:
>
> /dev/sda1               /home/myuser/mnt           auto          
> rw,auto,exec,uid=1000,gid=1000,users,user=myuser                   0 0
>
>
> BillK
exFAT and VFAT are mounted with different permissions by udisks, without
overriding options in fstab or command line.

A random file in exFAT:

$ stat /run/media/michael/VERBATIM32G/blah
  File: /run/media/michael/VERBATIM32G/blah
  Size: 32768     Blocks: 64         IO Block: 4096   regular file
Device: 811h/2065d Inode: 19          Links: 1
Access: (0777/-rwxrwxrwx)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
Access: 2018-06-08 11:20:50.000000000 +0100
Modify: 2015-08-24 12:50:56.000000000 +0100
Change: 2015-08-24 12:50:56.000000000 +0100
 Birth: -

A random file in FAT:

$ stat /run/media/michael/CRUCIAL-8G/blah
  File: /run/media/michael/CRUCIAL-8G/blah
  Size: 1731366   Blocks: 3384       IO Block: 4096   regular file
Device: 810h/2064d Inode: 124         Links: 1
Access: (0644/-rw-r--r--)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
Access: 2019-04-08 01:00:00.000000000 +0100
Modify: 2007-08-25 22:46:42.000000000 +0100
Change: 2019-04-08 14:04:54.000000000 +0100
 Birth: -

Ditto for directories.

exFAT:

$ stat /run/media/michael/VERBATIM32G/Foo
  File: /run/media/michael/VERBATIM32G/Foo
  Size: 32768     Blocks: 64         IO Block: 4096   directory
Device: 811h/2065d Inode: 24          Links: 1
Access: (0777/drwxrwxrwx)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
Access: 2018-02-11 17:22:52.000000000 +0000
Modify: 2018-02-11 17:22:54.000000000 +0000
Change: 2018-02-11 17:22:54.000000000 +0000
 Birth: -


FAT:

$ stat /run/media/michael/CRUCIAL-8G/Foo
  File: /run/media/michael/CRUCIAL-8G/Foo
  Size: 4096       Blocks: 8          IO Block: 4096   directory
Device: 810h/2064d Inode: 79          Links: 2
Access: (0755/drwxr-xr-x)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
Access: 2019-04-08 01:00:00.000000000 +0100
Modify: 2019-04-08 14:43:26.000000000 +0100
Change: 2019-04-08 14:43:26.000000000 +0100
 Birth: -

The mount options are different as shown below.

exFAT:

$ findmnt -oOPTIONS /dev/sdb1
OPTIONS
rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other,
blksize=4096

FAT:

$ findmnt -oOPTIONS /dev/sdb
OPTIONS
rw,nosuid,nodev,relatime,uid=1000,gid=1002,fmask=0022,dmask=0022,codepage=437,
iocharset=iso8859-1,shortname=mixed,showexec,utf8,flush,errors=remount-ro


In the above examples I used udisksctl to mount the devices.  I understand
Gnome expose via Gvfs an API to handle I/O to block devices, which desktop
applications can plug into without performing raw kernel calls to hardware
devices (like e.g. /bin/mount does).  I don't run Gnome and am not familiar
with its internals to know how similar it is with udisksctl.

Regarding mounting with udisksctl I don't know why exFAT and VFAT are
different, but the udisksctl man page provides this revealing information on
the mount permissions allowed:

      The device will be mounted with a safe set of default options. You
      can influence the options passed to the mount(8) command with
      --options. Note that only safe options are allowed - requests with
      inherently unsafe options such as suid or dev that would allow the
      caller to gain additional privileges, are rejected.

HTH.
--
Regards,
Mick

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

William Kenworthy
On 1/5/19 4:35 pm, Mick wrote:

> On Wednesday, 1 May 2019 03:32:21 BST Bill Kenworthy wrote:
>> Got sidetracked - turns out fuse and exfat on usb do not play well with
>> mounts as a user due to changes late last year.  It can now only be
>> mounted/unmounted by root.
>>
>> The second part (also due to fuse) is that to stop fuse (silently as ls
>> still showed the execute bit set) from interfering with execution of
>> files on the mounted device) it must be mounted as the user under a user
>> owned directory such as /home/user (mount cannot deal with this - it did
>> in the past, but something has changed).  So the solution is to mount
>> via root as the user you want (via sudo) under a mount point in the
>> users home.  This may all be unique to fuse-exfat, and which versions of
>> everything involved as I saw one email on the mechanics of the changes
>> saying fat is handled a little differently due to a different use
>> scenario.  And ext2/3/4 etc don't have the problem at all.  Auto-mount
>> on device plugin still doesn't happen so thats next on my list.
>>
>> /etc/fstab:
>>
>> /dev/sda1               /home/myuser/mnt           auto          
>> rw,auto,exec,uid=1000,gid=1000,users,user=myuser                   0 0
>>
>>
>> BillK
> exFAT and VFAT are mounted with different permissions by udisks, without
> overriding options in fstab or command line.
>
> A random file in exFAT:
>
> $ stat /run/media/michael/VERBATIM32G/blah
>   File: /run/media/michael/VERBATIM32G/blah
>   Size: 32768     Blocks: 64         IO Block: 4096   regular file
> Device: 811h/2065d Inode: 19          Links: 1
> Access: (0777/-rwxrwxrwx)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
> Access: 2018-06-08 11:20:50.000000000 +0100
> Modify: 2015-08-24 12:50:56.000000000 +0100
> Change: 2015-08-24 12:50:56.000000000 +0100
>  Birth: -
>
> A random file in FAT:
>
> $ stat /run/media/michael/CRUCIAL-8G/blah
>   File: /run/media/michael/CRUCIAL-8G/blah
>   Size: 1731366   Blocks: 3384       IO Block: 4096   regular file
> Device: 810h/2064d Inode: 124         Links: 1
> Access: (0644/-rw-r--r--)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
> Access: 2019-04-08 01:00:00.000000000 +0100
> Modify: 2007-08-25 22:46:42.000000000 +0100
> Change: 2019-04-08 14:04:54.000000000 +0100
>  Birth: -
>
> Ditto for directories.
>
> exFAT:
>
> $ stat /run/media/michael/VERBATIM32G/Foo
>   File: /run/media/michael/VERBATIM32G/Foo
>   Size: 32768     Blocks: 64         IO Block: 4096   directory
> Device: 811h/2065d Inode: 24          Links: 1
> Access: (0777/drwxrwxrwx)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
> Access: 2018-02-11 17:22:52.000000000 +0000
> Modify: 2018-02-11 17:22:54.000000000 +0000
> Change: 2018-02-11 17:22:54.000000000 +0000
>  Birth: -
>
>
> FAT:
>
> $ stat /run/media/michael/CRUCIAL-8G/Foo
>   File: /run/media/michael/CRUCIAL-8G/Foo
>   Size: 4096       Blocks: 8          IO Block: 4096   directory
> Device: 810h/2064d Inode: 79          Links: 2
> Access: (0755/drwxr-xr-x)  Uid: ( 1000/ michael)   Gid: ( 1002/ michael)
> Access: 2019-04-08 01:00:00.000000000 +0100
> Modify: 2019-04-08 14:43:26.000000000 +0100
> Change: 2019-04-08 14:43:26.000000000 +0100
>  Birth: -
>
> The mount options are different as shown below.
>
> exFAT:
>
> $ findmnt -oOPTIONS /dev/sdb1
> OPTIONS
> rw,nosuid,nodev,relatime,user_id=0,group_id=0,default_permissions,allow_other,
> blksize=4096
>
> FAT:
>
> $ findmnt -oOPTIONS /dev/sdb
> OPTIONS
> rw,nosuid,nodev,relatime,uid=1000,gid=1002,fmask=0022,dmask=0022,codepage=437,
> iocharset=iso8859-1,shortname=mixed,showexec,utf8,flush,errors=remount-ro
>
>
> In the above examples I used udisksctl to mount the devices.  I understand
> Gnome expose via Gvfs an API to handle I/O to block devices, which desktop
> applications can plug into without performing raw kernel calls to hardware
> devices (like e.g. /bin/mount does).  I don't run Gnome and am not familiar
> with its internals to know how similar it is with udisksctl.
>
> Regarding mounting with udisksctl I don't know why exFAT and VFAT are
> different, but the udisksctl man page provides this revealing information on
> the mount permissions allowed:
>
>       The device will be mounted with a safe set of default options. You
>       can influence the options passed to the mount(8) command with
>       --options. Note that only safe options are allowed - requests with
>       inherently unsafe options such as suid or dev that would allow the
>       caller to gain additional privileges, are rejected.
>
> HTH.

Sounds like you are using gnome/systemd ... thats a whole other box of
worms to open.  This is a gnomeless openrc system with a recently
getting elogind to replace consolekit.


BillK



Reply | Threaded
Open this post in threaded view
|

Re: udisks and exfat

Mick-10
On Wednesday, 1 May 2019 10:24:02 BST Bill Kenworthy wrote:

> Sounds like you are using gnome/systemd ... thats a whole other box of
> worms to open.  This is a gnomeless openrc system with a recently
> getting elogind to replace consolekit.
>
>
> BillK

No, that's a can of worms I've consciously stayed away from.  ;-)

I use openrc with consolekit and Enlightenment or KDE as desktops.  Lately I
also installed elogind because Skype was asking for it.  I checked while
logged into KDE and both console-kit-daemon and elogind are running.
--
Regards,
Mick

signature.asc (849 bytes) Download Attachment