How to manage permissions on a shared volume for OSX and ubuntu
User names are irrelevant. Permissions in both HFS+ and Linux-native filesystems are stored in terms of user IDs (UIDs), which are numbers associated with usernames. In Ubuntu, as in most modern Linux distributions, the first user is given a UID of 1000 by default. In OS X, the first user is given a UID of 501 by default. Thus, when sharing media that encode UID values, the UID values are likely to not match.
One way to fix this is by setting loose permissions (the mode value, as in rwxr-xr-x
, or 755 in octal). Note that the permissions octal code is not the same as the UID value. In either OS, you can set the default permissions used on files with the umask
command, which specifies the bit value to be removed from file permissions. For instance, umask 022
removes write permission for the group and other permissions, resulting in 755 (rwxr-xr-x
) permissions on new files (or 644 if something removes the execute permission bit, which is common practice for files). This is largely a command-line tool, though; if you're largely a GUI user, you'll need to find another tool to do the job, probably related to your desktop environment's defaults. This may be obscure and poorly documented. Also, setting loose permissions in this way can have security drawbacks, especially if yours is a multi-user system.
A better approach is to synchronize your account UIDs across Linux and OS X. You can easily change the UID value in Linux with the usermod
command, as in:
usermod -u 501 dale
This command sets the UID for dale
to 501. There are some significant caveats, though:
- You should log out of the account you're modifying before you modify it. Trying to modify an in-use account will cause that account to begin behaving strangely.
-
usermod
must be used asroot
. You can execute it viasudo
, but doing so from the account you're modifying is inadvisable in the extreme. Thus, you'll need to either giveroot
a password and log intoroot
directly or usesudo
from a second user account. - The
usermod
command won't change the ownership of any files owned by the user in question. To adjust ownership of those files, you'll need to locate them and then change their ownership withchown
. Most of the files will be in the user's home directory, sochown -R dale: /home/dale
, typed asroot
after changingdale
's UID, will change most ofdale
's files to use the new UID number. Some of the user's files may be located elsewhere, though. Typingfind / -uid 1000
will find all the files that use the old UID (assuming it was 1000). Note that thisfind
command will probably take several minutes to complete. To speed it up, unmount any filesystems on which you're sure it will find no hits, such as FAT or NTFS volumes. - If you access FAT or NTFS volumes, their UID values are determined by options at mount time. If you use a GUI file manager, chances are the UID value is set to whoever is running the file manager, so you need do nothing special. If you mount the volume via an
/etc/fstab
entry, though, you may need to adjust the UID value it specifies. - Ubuntu stores the minimum value it uses for UIDs in
/etc/login.defs
. If you fail to change theUID_MIN
value in this file, you'll likely discover that your account will seem to "disappear" from the GUI login screen, and perhaps from some other systems. Thus, you should edit that file.
In theory, you could change the UID of your OS X account(s) in a similar way to achieve the same goal. I'm less familiar with the OS X account-maintenance tools, though, so I can't provide explicit instructions for doing so. Adjusting the OS X values would have the advantage of your not having to adjust UID_MIN
in Linux.
If you've got multiple accounts on your computer, you should adjust them all to keep them all synchronized across your OS installations.
One more point: The Group ID (GID) value is stored in a similar way. IIRC, Ubuntu assigns a GID value for each account that's identical to its UID value. I don't recall what OS X does by default. You might want to adjust the GID values for the two OSes in a way that's analogous to the UID changes, but this isn't likely to be as important as adjusting the UID values.
EDIT: If you want to change your UID (and GID, if desired) in macOS/OS X rather than in Ubuntu, you can do so. As this modification in macOS is beyond the scope of this site, I'll just link to a few pages that provide procedures for doing this in macOS:
- Change a user's User ID on Mac OS X (10.6 - 10.12)
- "Changing your UID and GID" on Apple Communities
- "Consequences of changing uid/gid on snow leopard" on SuperUser
Related videos on Youtube
Community
Updated on September 18, 2022Comments
-
Community over 1 year
On my mac I'm using an unjournaled HFS partition to share files between OSX 10.8 and Ubuntu 12.04.
It was a nice thought at first, because Time Machine will automatically backup the volume in OSX, but I soon noticed that OSX and Ubuntu mess with the permission in a way that makes things messy for me.
So, in order to fully view and change files, I keep using
chmod
to apply permissions that will allow me to fully use a document. But I don't understand why I have to keep applying changes over and over.Is possible to set some kind of permission permanently so that both operating systems will respect permanently?
I guess 777 will work, but I thought that this is not a smart thing to do. But as long as 'others' does not get full access (third seven), I see a lock icon on the file in ubuntu.
-
edwin almost 11 yearsDo you have the same username in both OS X and Ubuntu? If you have different usernames you can try adding the Ubuntu username to your group in OS X, and vice versa. This way you would only need
774
for permissions. -
Admin almost 11 years@edwin Thanks for the tip. How do I add a username to my group? Is using 777 reasonable or unsafe?
-
-
Gabriel almost 11 yearsThis works in both cases, but I will only use the first option. Yet allowing "everyone" access (i.e permission 777) seems too radical - or is it not? Is this safe?
-
edwin almost 11 yearsIn Ubuntu at least, the command should work I have tried myself before adding the answer. Are you sure you substituted
<ubuntu-username>
with your actual username in Ubuntu (idem for<os-x-usernanme>
)? And can you be more specific about what errors OS X gives you when trying to run this command? -
Admin almost 11 yearsI only said that the command did not work in OSX. If I remember correctly, the command
adduser
does not exit. -
edwin almost 11 yearsI have edited the answer for this. Try it. I am not sure since I am not familiar with OS X user management. In OS X, you could also use the GUI to create the Ubuntu user (with the username you use in Ubuntu) and then adding it to your actual OS X user group.
-
edwin almost 11 yearsWell, it is not recommended for sure. "Everyone" will be able to modify and read the documents with those permissions (but this is unix stuff mostly, I think). Its definitely a little bit more secure to use
774
. -
Amalan Jenicious almost 11 yearsWow, thank you! This is a really well written comprehensive answer - explaining the full context of the problem! This solution helped me to get a flawless shared partition without making any compromises. At first there was still the problem of file ownership: "ignoring the ownership of this volume" in OSX would not give me write access to newly created files of OSX when running under ubuntu (lock icon) and vice versa. So I ended up setting a new new account in ubuntu using the same username as in OSX and changing the UID again.
-
Amalan Jenicious almost 11 yearsNow I have full access from both operating systems for existing and newly created files without having to change access restrictions. Since this is such an exemplary answer, I'll give you a bounty once the question becomes eligible for a bounty. ;-)
-
borisdiakur over 10 yearsAfter following your instructions I tried to log in in ubuntu. When I hit enter I saw a black screen for a second and then landed back in the login screen. After changing back anything to standard 1000 from my temp account I could log in again. Any idea why I couldn't log in with the new uid?
-
Rod Smith over 10 yearsIf you neglected to change the permissions on your own home directory, that might account for the problem. If you're using 13.10, it's also conceivable that something in Ubuntu has changed that's causing problems if you didn't adjust
UID_MIN
. -
krumpelstiltskin over 9 yearsUPDATE: i just did usermod on my system and somehow the permission of my home directory did not have to be changed!? Everything work nicely after only usermod (as root).
-
krumpelstiltskin about 9 yearsIf you want to use USB drives after changeing the UID then you must remove /media/USERNAME. askubuntu.com/questions/583375/…
-
Paschalis over 7 yearsTo set the ACL of
/media/<username>/
use:sudo setfacl -m u:501:r-x /media/<username>
, and remove the old one using:sudo setfacl -x u:1000 /media/<username>