A perfectly functioning usermapping file on Ubuntu server 9.04.
Then I edited the file and inserted a bunch of comment line at the beginning of it.
The advanced ntfs-3g driver stopped finding the usermapping file.

/var/log/syslog below:: the first mount shows that the usermapping file isn't found, the second mount finds the usermapping file::
The only difference between the two mounts is that I deleted the comments from the beginning of the same usermapping file::

-rwxrwxrwx 1 root root 1597 2009-05-26 20:15 UserMapping <= ntfs-3g finds this one (still has come initial comment lines)
-rwxrwxrwx 1 root root 3257 2009-05-26 20:14 UserMapping.bak <= ntfs-3g fails finding this one (33 lines of initial comments)
-rw-r--r-- 1 root root 1446 2009-05-26 20:36 UserMapping.xxx <= ALL initial comment lines removed

May 26 20:13:52 mic ntfs-3g[24524]: Version 2009.4.4AC.11 integrated FUSE 27
May 26 20:13:52 mic ntfs-3g[24524]: Mounted /dev/remov02 (Read-Write, label "remov02", NTFS 3.1)
May 26 20:13:52 mic ntfs-3g[24524]: Cmdline options: rw,noexec,nosuid,nodev,users,locale=en_US.UTF-8,usermapping=.NTFS-3G/UserMapping
May 26 20:13:52 mic ntfs-3g[24524]: Mount options: rw,noexec,nosuid,nodev,users,silent,allow_other,nonempty,relatime,fsname=/dev/remov02,blkdev,blksize=4096
May 26 20:13:52 mic ntfs-3g[24524]: No user mapping file : ownership and permissions disabled
May 26 20:15:21 mic ntfs-3g[24524]: Unmounting /dev/remov02 (remov02)
May 26 20:15:43 mic ntfs-3g[26426]: Version 2009.4.4AC.11 integrated FUSE 27
May 26 20:15:43 mic ntfs-3g[26426]: Mounted /dev/remov02 (Read-Write, label "remov02", NTFS 3.1)
May 26 20:15:43 mic ntfs-3g[26426]: Cmdline options: rw,noexec,nosuid,nodev,users,locale=en_US.UTF-8,usermapping=.NTFS-3G/UserMapping
May 26 20:15:43 mic ntfs-3g[26426]: Mount options: rw,noexec,nosuid,nodev,users,silent,allow_other,nonempty,relatime,fsname=/dev/remov02,blkdev,blksize=4096,default_permissions

Hi,

So far I have not been able to produce such error.

Do you get the error randomly or every time ?
Are you sure all your comment lines have a # as the first character (no blank line, no space before the #, etc) ?
Can you post a mapping file involving the error ?

Regards

Jean-Pierre

Hi JP,
I trimmed down the case a little bit. Here it seems that the offending pattern is <beginning of file> + <blank line> before or between <comment lines>.
I can always reproduce this issue using the following file which I created with usermap.exe.

The above file works as named and configured per my first post. But if I insert a blank line before the first comment line, it isn't recognized anymore.

I have other questions. Assume the above usermap. I login to my server as
user fou uid/gid 1000/1000 member of group computers gid 1001
$ cd /.NTFS-3G
$ ls -l
and I can see that some files are owned by fou/computers, which should confirm that ntfs-3g is handling permissions, as also syslog seems to suggest:
But then when I create an empty file in the same directory:
$ >x
syslog says: why unmapped?
$ ls -l x
-rw-r--r-- 1 root root 0 2009-05-28 11:33 x
$ rm x
rm: remove write-protected regular empty file `x'? y
and the file is removed, even if fou shouldn't have rm permissions because it didn't sudo.

Then fou creates x again, or y, and this time syslog doesn't complain, why?
$ >x
$ >y
$ ls -l x y
-rw-r--r-- 1 root root 0 2009-05-28 11:45 x
-rw-r--r-- 1 root root 0 2009-05-28 11:45 y

Back to the unmapped 1000/1000 message. Maybe to avoid it I should add a line mapping fou's gid 1000 to a SID? But what SID #, do I make one up, and what will it do if I connect the disk directly to a Windows PC?

Thanks for your huge patience and attention!

I thought more about my 1000/1000 uid/gid question. I guess I misconceived what ntfs-3g can do at the moment.
I realize now that I was trying to map my user to a group he belongs to but which isn't the default group for this user. Mapping any group but the user's default group will result in ntfs-3g complaining that this user gid isn't mapped when the user creates a file on linux; did I get it right this time?
If this is the case, then in practice I need to move all my linux users into the same default group in order to use the disk with permissions.
Having to keep all users into the same default group is a bit limiting, is there or will there be a work-around? TIA

Hi,


This is as expected. A blank line is not a comment line, nor is it a valid mapping line, so the processing stops there, with no mapping defined.
In future versions, il will log this more clearly.

Because you have defined a single user (fou=1000) and a single group (computers=1001). But you have not defined gid=1000, which is the default group for user fou, so the gid cannot be recorded as the group for the new file.

I you want the files to be accessed the same way in Linux and Windows, the users must be in the same groups on both sides. This probably means the SID ending in 513 should be mapped to group 1000, or alternately group 1001 should be defined as default group for user fou.

Anyway I recommend you add an extra mapping line such as

so you never have an unmapped situation (however you may use fake users or groups which Windows does not recognize).

Actually, fou is in an unmapped group, and is mapped by default to group root which must have write access to parent directory. This is just a consequence of the above.

Yes. See above.

If you want to be sure, create a file by user fou on Windows, and check on Linux the file has uid for foo and gid for default group of fou. secaudit will display the SIDs for owner and group of the created file


[second message]


Exactly.

More precisely, you must have the same user/group pairs on both systems.
I agree, but on Windows are you using several groups ? If so, map them the same way.

Insert a default line at the end of the mapping file as indicated above. Fake SIDs will be used for unmapped uid and gid. If uid is mapped and gid is not, Windows will recognize owner's rights and ignore group rights (and conversely), which may be enough for your needs.

Regards

Jean-Pierre

Thanks JP, it's all clear. I had added a last line for unmapped users, but guess what?, I also had several empty lines in my file, so ntfs-3g never did process that last line.