Non-root backup using `setcap` and `ntfs-3g`

Took several hours to solve an issue, so posting here in case someone else encounter the same.

I am dual-booting (Windows and Fedora), and I have the Windows NTFS partition set to auto-boot using ntfs-3g. Everything has been working fine from a general usability perspective. The ntfsusermap permissions seem to work as expected, and I have no problem using files on the NTFS drive for normal activities.

However, when I tried to setup restic to backup my NTFS drive using the directions here, the restic process returned “permission denied” errors for all the NTFS files owned by my user.

I tried debugging by granting the ls command the same elevated capabilities, but it also had the same issues.

To cut to the chase, I’m pretty sure the issue was in my /etc/fstab. Initially it looked like this for the NTFS drive:

UUID=[REDACTED] /mnt/windows ntfs-3g auto,x-gvfs-show 0 0

But when I added “users,permissions” like below, everything worked as expected.

UUID=[REDACTED] /mnt/windows ntfs-3g users,permissions,auto,x-gvfs-show 0 0

Oddly, I didn’t notice any issues using the NTFS drive under the original fstab settings, but I’m guessing something just wasn’t quite right with the permissions.

Hopefully this saves someone else some headaches!

1 Like

The fstab settings above still presented some issues (specifically, ansible was not able to execute shell scripts stored under the NTFS drive). These settings seem to work (remove “user” and place “permissions” at the end of the sequence):

UUID=[REDACTED] /mnt/windows ntfs-3g auto,x-gvfs-show,permissions 0 0

1 Like