How to create a ext4 partition for all users?

partitioning permissions mount fstab

Maybe you're doing the things in the wrong order. When you create a file system with mkfs.ext4, everything inside it is owned by user root and group root with your system default permissions set.

When you mount that file system on a directory, you see file system permissions and owner, regardless of the original owner and permissions on that directory.

So doing something like this won't work:

sudo mkfs.ext4 /dev/some/data
sudo mkdir /media/data
sudo chown -R :users /media/data
sudo chmod -R g+rw /media/data
sudo mount /dev/some/data /media/data

The right thing to do is create the file system, mount it, and then change permissions and ownership on it. It doesn't matter what you do in /etc/fstab.

The right way to do it is this:

sudo mkfs.ext4 /dev/some/data
sudo mkdir /media/data
sudo mount /dev/some/data /media/data
sudo chown -R :users /media/data
sudo chmod -R g+rw /media/data

This should answer your question. If you need more details, read on.

To better understand what happens, let's experiment a little with an image file

Create an empty file to format and mount using fallocate -l 100MB /tmp/filesystem.img. Then format it as an ext4 file system with sudo mkfs.ext4 /tmp/filesystem.img (it's not a block device, but if you answer yes you can put a working ext4 file system on it anyway) and create a directory to use as mount point mkdir /tmp/experiment.

Now try to change the owner and permissions on that directoy with sudo chown -R :users /tmp/experiment and sudo chmod -R g+rw /tmp/experiment, and check permissions with ls -la /tmp/experiment. You'll get something like this:

 ls -la /tmp/experiment/
 total 0
 drwxrwx--x 2 gerlos users  40 feb 19 10:37 .
 drwxrwxrwt 8 root   root  180 feb 19 10:38 ..

This tells you that /tmp/experiment is owned by user gerlos and group users, and group members can read, write and execute on it. You can put files in it, for example with touch /tmp/experiment/somefile.

Now mount the file system on that directory with sudo mount /mnt/filesystem.img /tmp/experiment, and look again at ls output:

$ ls -la /tmp/experiment/
total 13
drwxr-xr-x 3 root root  1024 feb 19 10:41 .
drwxrwxrwt 8 root root   180 feb 19 10:41 ..
drwx------ 2 root root 12288 feb 19 10:41 lost+found

As you can see, now /tmp/experiment seems owned by root, with different permissions! Why? Because we are not looking at /tmp/experiment itself, but at the root directory of the file system contained in /mnt/filesystem.img, mounted on /mnt/experiment.

Additionally, your normal user won't be able to put files there with touch /tmp/experiment/anotherfile.

If you now try again to run chown and chmod as above, you will change owner and permissions not on the mount point, but on the mounted file system, and your users will be able to use the file system. To confirm this look at ls output one last time:

$ ls -la /tmp/experiment/
total 13
drwxrwxr-x 3 root users  1024 feb 19 10:41 .
drwxrwxrwt 8 root root    180 feb 19 10:45 ..
drwxrw---- 2 root users 12288 feb 19 10:41 lost+found

As you can see, now members of users group can put files on the file system! In fact, nothing prevents your normal user from creating a new file there with touch /tmp/experiment/myfile:

$ ls -la /tmp/experiment/
total 13
drwxrwxr-x 3 root   users   1024 feb 19 11:05 .
drwxrwxrwt 8 root   root     180 feb 19 11:02 ..
drwxrw---- 2 root   users  12288 feb 19 10:41 lost+found
-rw-rw---- 1 gerlos gerlos     0 feb 19 11:02 myfile

Mission accomplished! :-)


I finally solved the problem. I found out that I had a typo in my UUID. So my final entry in fstab was:

UUID=... /media/data ext4 defaults 0 0

or even better:

/dev/sdb1 /media/data ext4 defaults 0 0

I checked it before rebooting by simply calling:

sudo umount /media/data
sudo mount -a

If the fstab entry is correct everything will mount ok and every user of the computer will have access to the partition (At least to the folders he created himself which is the correct behaviour).

One cat do

sudo chown -R UserNameOfSudo:users /media/data 
sudo chmod -R g+rw /media/data

while the partition is still mounted to ensure everybody can access the partition.

If you do the ´chown´ ensure the specific user is part of the group "users" by typing:

sudo adduser yourSpecificUsername users

and logout and login again!

Edit
The partition after mounting by default is owned by root. This seems to prevent anyone from writing to the partition. Changing the owner to "UserNameOfSudo" after mounting as shown above yields the desired behaviour.

Edit2
In the case of sharing the computer between local users and LDAP users a solution is to give all rights to everyone: 

sudo chmod 777 /media/data

and then to set a 'sticky bit', which means only the user that created a folder / file is allowed to delete it. Which adds some sensible security: 

sudo chmod o+t /media/data/

Related

How to create a SFTP (SSH) User with extremely limited permissions
AppArmor with cupsd denied in logs
Manually edit DNS in Ubuntu 14.04
How can I make a mini English-Chinese dictionary for Ubuntu?
Why the "mutable default argument fix" syntax is so ugly, asks python newbie
How do you get the all properties of a class and its base classes (up the hierarchy) with Reflection? (C#)
How can I get all of the sets in redis?
Python 3 range Vs Python 2 range
Can I check if an email address exists using .net?
How to write a constraint concerning a max number of rows in postgresql?
Chrome debugger - how to turn off console.log message grouping?
What is an "Async Pinned Handle"?