$ | >

Emulate POSIX-compliant filesystem permissions

Windows Subsystem for Linux (WSL) must support traditional Unix permissions for mounted Windows drives in /mnt/*.

Many utilities won't work otherwise.

Dotfiles often contain private data and apps check for chmod 600, ignoring the file otherwise.
Incorrect permissions are source of many bugs. Without proper emulation, developers won't be able to discover/fix them before deploying on a real Linux system.
Developers should be able to set executable flags, particularly for Git repos.
0777 perms on everything is a security risk.

69 votes
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    Anonymous shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    [Note: We have made some improvements to file permission handling which have been available for several months now in Win10 Insider builds, and which will roll out broadly when Windows 10 Creators Update ships in a few weeks’ time]

    WSL does honor & support Linux filesystem permissions on files stored in the Linux side of the filesystem.

    Files that are stored in the Windows filesystem also reflect the permissions of the local Windows user: If a file’s Windows permissions grant the locally logged-in user read-only permissions, a file only reports read-only rights:

    ~$ ll /mnt/c/dev/WindowsOnly.txt
    r-r—r— 1 root root 13 Mar 7 16:10 /mnt/c/dev/WindowsOnly.txt

    Trying to write to this file results in an error:

    ~$ echo FAIL! > /mnt/c/dev/WindowsOnly.txt
    bash: /mnt/c/dev/WindowsOnly.txt: Permission denied

    Note: Windows filesystem permissions always supersede *NIX file permissions – if a user does not have the rights to read/write/execute a file, then they won’t be able to read/write/execute that file, no matter what you do, even sudo fails:

    ~$ sudo echo FAIL! > /mnt/c/dev/WindowsOnly.txt
    bash: /mnt/c/dev/WindowsOnly.txt: Permission denied

    15 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      Submitting...
      • Gary Oberbrunner commented  ·   ·  Flag as inappropriate

        I don't get how to use almost anything without this. Can't use my ssh private key for instance, because there's no way (?) to set the Windows ACLs such that Linux will see a 0400 mode.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I just installed wsl today. I was pretty excited about it at first, but I ran into this issue within the first 5 minutes of usage. I'll be uninstalling and sticking with the bash shells that work for now. It's hard to take wsl seriously if ssh cannot not even work properly.

      • rusty mandolini commented  ·   ·  Flag as inappropriate

        Yep, this is pretty important. I'm racking my brains, going through all kinds of hoops trying make it work.

      • Marcel commented  ·   ·  Flag as inappropriate

        "no matter what you do, even sudo fails:

        ~$ sudo echo FAIL! > /mnt/c/dev/WindowsOnly.txt
        bash: /mnt/c/dev/WindowsOnly.txt: Permission denied"

        Um... you are echoing as root. You are not trying to write to the file as root. To do that, the command is:

        echo "FAIL!" | sudo tee /mnt/c/dev/WindowsOnly.txt

      • Tejay Cardon commented  ·   ·  Flag as inappropriate

        I agree that this is not fixed. This request is for full support for setting permissions on /mnt/c files from bash, and having them survive. As for compatibility between posix and windows permissions, the chmod operation should fail (in my opinion) if one tries to grant more permissions in bash than are available in windows.

      • Mike Enright commented  ·   ·  Flag as inappropriate

        You say that the *NIX permissions are superceded. This is not the effect at all. No *NIX permissions are getting set, so in the emulation nothing is there to be superseded. I invoke chmod, nothing happens. I'm pretty sure that a change to the Windows ACL is exactly what I want when I do a chmod on a /mnt partition. If it isn't, perhaps there is some persuasion you could attempt which would convince me that Windows Ubuntu should not change ACLs.

      • Daniel Heater commented  ·   ·  Flag as inappropriate

        So.... Not fixed!
        Please reopen so we can at least vote to get this fixed.

        It screws up permissions for files under version control where I use git from bash, but the code has to be stored on a /mnt drive so Visual Studio can compile.

      • David commented  ·   ·  Flag as inappropriate

        agree with Logan, this does not address the original issue. can this be re-opened?

      • Logan Fleur commented  ·   ·  Flag as inappropriate

        "WSL does honor & support Linux filesystem permissions on files stored in the *Linux* side of the filesystem."
        This does not respond to what the question asked: "...Unix permissions for mounted Windows drives in /mnt/*."
        This functionality is still not implemented in the latest insider build.

        effleurager@Asus-F554L:/mnt/c/Users/ldfle/Desktop$ ll logfile.txt
        -rwxrwxrwx 1 root root 57269 Feb 26 21:01 logfile.txt*
        effleurager@Asus-F554L:/mnt/c/Users/ldfle/Desktop$ sudo chmod 600 logfile.txt
        effleurager@Asus-F554L:/mnt/c/Users/ldfle/Desktop$ ll logfile.txt
        -rwxrwxrwx 1 root root 57269 Feb 26 21:01 logfile.txt*

        Will this functionality ever be supported by WSL?

      • Stepan Orda commented  ·   ·  Flag as inappropriate

        Can't run Ansible playbooks because of 0777 default permissions. It's trying to execute hosts file.

      • Mike Lonergan commented  ·   ·  Flag as inappropriate

        Here's an actual scenario I ran into - whether it's something I *should* have done is debatable, but it made sense to me at the time:
        https://mikethecanuck.wordpress.com/2016/09/27/why-doesnt-chmod-under-bash-on-ubuntu-on-windows-10-actually-take/

        Basic situation: I decided to share my code repos between Windows and Bash by mounting the Windows folder as a link under Bash. I'm running Ansibke from Bash (incompatible with Windows), and Ansible-playbook command hates executable bit on a vault password file.

      • Anonymous commented  ·   ·  Flag as inappropriate

        This is an absolute deal breaker. I need to set and control file permissions before deploying to a live linux system.

      • ionut stoica commented  ·   ·  Flag as inappropriate

        My Gods, this is such an annoyance.
        I use Virtualbox with shared folders so that I use native editors where windows is unbeatable(having used OSX and Ubuntu, I am convinced that GUI in windows is way more responsive than any other OS) and test inside the vm, but the permissions issues are still there and it is awful to see everything mounted as executable.
        Can't an user-space file system be used that will translate these permissions between the Ubuntu side and the Windows side - what is not translatable, put them in an sqlite database and give us a simple tool to control them.

      Feedback and Knowledge Base