Mount and use LUKS encrypted flash drive without sudo on Arch/manjaro

1

I managed to encrypt a usb drive using cryptsetup as described here.

When I insert the drive into the computer, I can double click it, enter the password, and it opens. However, I can't create new folders or anything from the file manager, and have to go in through the terminal and use sudo. This a) is annoying since it's mounted to a directory with a very long random name and b) I have to use sudo for all editing commands.

I have used encrypted drives before with TAILS (created the drive using GNOME Disk) and it was a breeze. Is there a way I can recreate this behavior on Arch/Manjaro?

I'm running Manjaro with xfce.

In response to @G-Man, I can edit and view files with their normal permissions. Additionally, this issue is not unique to encrypted drives: even regular old ext4 formatted usb sticks give me the same issue.

sonarforte

Posted 2017-11-22T02:53:48.017

Reputation: 111

1Can you read files normally? Can you modify files normally? What do you get if you say ls -la and id from terminal (without sudo)?   Please do not respond in comments; [edit] your question to make it clearer and more complete. – G-Man Says 'Reinstate Monica' – 2017-11-22T03:16:58.007

Answers

1

You're right that it has nothing to do with LUKS. The ext4 filesystem supports and enforces Unix-like file permissions (owner/group/world, read/write/execute) and does not change behavior depending on what kind of drive it's on.

So if you format a USB stick with ext4, it works the same way as a HDD formatted with ext4: the only way to get write access is by using chown, chmod, and/or setfacl. There is no magic "allow everything" switch in ext4. (The ext4 driver maintainer has once already refused to add that as an option.)

(But no matter what you do, some problems are unavoidable. If a program deliberately creates a file only writable by the owner, and your UIDs happen to be different between two computers, the 2nd computer won't let you access that file until yet another manual chmod.)

user1686

Posted 2017-11-22T02:53:48.017

Reputation: 283 655

1I agree with your solution for the most part, but you could also use a FUSE mount to override the permissions - eg use sshfs to localhost. You could also reformat the drive to something else like vfat. – davidgo – 2017-11-22T07:38:31.323

12nd davidgo's FUSE mount idea, but I really hate to upvote anything recommending FAT, I had near weekly filesystem corruption when trying to use it on usb drives, use literally anything else, ntfs even ;-) – Xen2050 – 2017-12-02T09:04:16.217

Asked: 2017-11-22T02:53:48.017

Viewed: 1 486 times

Active: 2017-11-22T06:36:18.093