Am 31.10.20 um 20:13 schrieb Ulf Zibis:
Hi Jean-Pierre,
some time ago you have written:
Am 28.11.15 um 13:03 schrieb Jean-Pierre André:
If the users are in the same group in Windows (this is
the default on Windows 7 and earlier), they must also be
in the same *primary* group in Linux. If users are in
different groups in Windows (this is the default on
Windows 8 and subsequent), they must be in different
groups in Linux.
This will not be changed. You have to define your
primary groups on Linux the same way as on Windows.
(Alternative : switch to Windows 8 or Windows 10).
Now I have a dual-boot installation with fresh Windows 10 and Ubuntu 20.04.
When running ntfssecaudit from Ubuntu, I get:
gesche@T540p:~$ ntfssecaudit -u /mnt/Daten/Users/Gesche/Documents/
ntfssecaudit 1.5.0 : NTFS security data auditing
# User mapping proposal :
# -------------------- cut here -------------------
1000::S-1-5-21-1967741440-4199378828-1111019832-1002
:1000:S-1-5-21-1967741440-4199378828-1111019832-513
::S-1-5-21-1967741440-4199378828-1111019832-10000
# -------------------- cut here -------------------
# Insert the above lines into .NTFS-3G/UserMapping, with .NTFS-3G
# being a hidden subdirectory of the root of the NTFS file system.
# Example : /mnt/Daten/.NTFS-3G/UserMapping
No errors were found
gesche@T540p:~$ ntfssecaudit -u /mnt/Daten/Users/Mama/Documents/
ntfssecaudit 1.5.0 : NTFS security data auditing
# User mapping proposal :
# -------------------- cut here -------------------
1000::S-1-5-21-1967741440-4199378828-1111019832-1003
:1000:S-1-5-21-1967741440-4199378828-1111019832-513
::S-1-5-21-1967741440-4199378828-1111019832-10000
# -------------------- cut here -------------------
# Insert the above lines into .NTFS-3G/UserMapping, with .NTFS-3G
# being a hidden subdirectory of the root of the NTFS file system.
# Example : /mnt/Daten/.NTFS-3G/UserMapping
No errors were found
So I'm wondering, why your statement is not true here. Both users are in the
same Windows group, so I have the same mapping problem as with Windows 7.
As second problem is, that secaudit doesn't run through here (I had to cancel
it with Ctrl+C):
Now secaudit works again.
The reason for the error before seems, that /mnt/Daten/.NTFS-3G/UserMapping was
an empty file on my first try.
gesche@T540p:~$ sudo ntfssecaudit -vv /mnt/Daten/Users/Gesche/Documents
ntfssecaudit 1.5.0 : NTFS security data auditing
Directory /mnt/Daten/Users/Gesche/Documents
000000 01000480 6c000000 88000000 00000000
000010 14000000 02005800 03000000 00031400
000020 ff011f00 01010000 00000005 12000000
000030 00031800 ff011f00 01020000 00000005
000040 20000000 20020000 00032400 ff011f00
000050 01050000 00000005 15000000 005a4975
000060 8c6f4dfa 38d13842 ea030000 01050000
000070 00000005 15000000 005a4975 8c6f4dfa
000080 38d13842 ea030000 01050000 00000005
000090 15000000 005a4975 8c6f4dfa 38d13842
0000a0 01020000
Computed hash : 0xdda00891
Windows attrib : 0x11
Global header
revision 1
flags 0x8004
DACL present
self relative descriptor
Off USID 0x6c
Off GSID 0x88
Off SACL 0x0
Off DACL 0x14
Owner SID
Local user-1002 SID
O:hex S-1-5-15-75495a00-fa4d6f8c-4238d138-3ea
O:dec S-1-5-21-1967741440-4199378828-1111019832-1002
Group SID
Domain Users SID
G:hex S-1-5-15-75495a00-fa4d6f8c-4238d138-201
G:dec S-1-5-21-1967741440-4199378828-1111019832-513
DACL
revision 2
ACL size 88
ACE cnt 3
ACE 1 at 0x1c
type 0
Access allowed
flags 0x3
Object inherits ACE
Container inherits ACE
Size 0x14
Acc rgts 0x1f01ff
Obj specific acc rgts 0x1ff
List directory
Add file
Add subdirectory
Read EA
Write EA
Traverse
Delete child
Read attributes
Write attributes
standard acc rgts 0x1f
Delete
Read control
Write DAC
Write owner
Synchronize
SID at 0x24
Local System SID
hex S-1-5-12
dec S-1-5-18
Summary : grant rwx inherited applied
ACE 2 at 0x30
type 0
Access allowed
flags 0x3
Object inherits ACE
Container inherits ACE
Size 0x18
Acc rgts 0x1f01ff
Obj specific acc rgts 0x1ff
List directory
Add file
Add subdirectory
Read EA
Write EA
Traverse
Delete child
Read attributes
Write attributes
standard acc rgts 0x1f
Delete
Read control
Write DAC
Write owner
Synchronize
SID at 0x38
Administrators SID
hex S-1-5-20-220
dec S-1-5-32-544
Summary : grant rwx inherited applied
ACE 3 at 0x48
type 0
Access allowed
flags 0x3
Object inherits ACE
Container inherits ACE
Size 0x24
Acc rgts 0x1f01ff
Obj specific acc rgts 0x1ff
List directory
Add file
Add subdirectory
Read EA
Write EA
Traverse
Delete child
Read attributes
Write attributes
standard acc rgts 0x1f
Delete
Read control
Write DAC
Write owner
Synchronize
SID at 0x50
Local user-1002 SID
hex S-1-5-15-75495a00-fa4d6f8c-4238d138-3ea
dec S-1-5-21-1967741440-4199378828-1111019832-1002
Summary : grant rwx inherited applied to owner
No SACL
Windows owner S-1-5-21-1967741440-4199378828-1111019832-1002
Windows group S-1-5-21-1967741440-4199378828-1111019832-513
Interpreted Unix owner 1000, group 513, mode 0700
No errors were found
gesche@T540p:~$ sudo ntfssecaudit -vv /mnt/Daten/.NTFS-3G/UserMapping
ntfssecaudit 1.5.0 : NTFS security data auditing
File /mnt/Daten/.NTFS-3G/UserMapping
000000 01000484 60000000 70000000 00000000
000010 14000000 02004c00 03000000 00101800
000020 ff011f00 01020000 00000005 20000000
000030 20020000 00101400 ff011f00 01010000
000040 00000005 12000000 00101800 a9001200
000050 01020000 00000005 20000000 21020000
000060 01020000 00000005 20000000 20020000
000070 01020000 00000005 20000000 20020000
Computed hash : 0x07d0d652
Windows attrib : 0x24
Global header
revision 1
flags 0x8404
DACL present
DACL was inherited automatically
self relative descriptor
Off USID 0x60
Off GSID 0x70
Off SACL 0x0
Off DACL 0x14
Owner SID
Administrators SID
O:hex S-1-5-20-220
O:dec S-1-5-32-544
Group SID
Administrators SID
G:hex S-1-5-20-220
G:dec S-1-5-32-544
DACL
revision 2
ACL size 76
ACE cnt 3
ACE 1 at 0x1c
type 0
Access allowed
flags 0x10
ACE was inherited
Size 0x18
Acc rgts 0x1f01ff
Obj specific acc rgts 0x1ff
Read data
Write data
Append data
Read EA
Write EA
Execute
Read attributes
Write attributes
standard acc rgts 0x1f
Delete
Read control
Write DAC
Write owner
Synchronize
SID at 0x24
Administrators SID
hex S-1-5-20-220
dec S-1-5-32-544
Summary : grant rwx applied to owner to group
ACE 2 at 0x34
type 0
Access allowed
flags 0x10
ACE was inherited
Size 0x14
Acc rgts 0x1f01ff
Obj specific acc rgts 0x1ff
Read data
Write data
Append data
Read EA
Write EA
Execute
Read attributes
Write attributes
standard acc rgts 0x1f
Delete
Read control
Write DAC
Write owner
Synchronize
SID at 0x3c
Local System SID
hex S-1-5-12
dec S-1-5-18
Summary : grant rwx applied
ACE 3 at 0x48
type 0
Access allowed
flags 0x10
ACE was inherited
Size 0x18
Acc rgts 0x1200a9
Obj specific acc rgts 0xa9
Read data
Read EA
Execute
Read attributes
standard acc rgts 0x12
Read control
Synchronize
SID at 0x50
Users SID
hex S-1-5-20-221
dec S-1-5-32-545
Summary : grant rx applied
No SACL
Windows owner S-1-5-32-544
Windows group S-1-5-32-544
Interpreted Unix owner 0, group 0, mode 0755
No errors were found
-Ulf
_______________________________________________
ntfs-3g-devel mailing list
ntfs-3g-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ntfs-3g-devel
