HowTo Remove Executable Flag from Files in Virtual Box Shared Folder on Linux Guest

If you are using Virtual Box virtualization technology then you know that is possible to share some folders between the host OS and guest OS.
The problem is when you share files between Windows host and Linux guest. In this case, files on Linux get executable flag by default, what is in most cases annoying and unwanted behavior – for example file names coloring will stop working, because all archives, sources etc. now looks like executable. I cannot imagine regular computer user scenario when he need to get shared windows file as executable in Linux.
Here you can find how to disable this behavior and share files as normal data (not executable files).

The Virtual Box offers two ways how to get the shared folder accessible in the Linux guest OS. Both are dependent on the classical Linux mount mechanism, but are little different.

NOTE: To get the Shared Folder mechanism working, you have to install the Virtual Box Guest Additions, what have to be provided manually. The installation process may be little bit different for diferent Linux distributions (Ubuntu, Fedora, etc) and I recommend using Google to find right way how to install the Virtual Box Guest Additions.

First mount mechanism is fully managed by the Virtual Box Guest Additions, and VM options dialogue. Open the Virtual Box machine settings by click on “Machine->Settings…” in menu. You will obtain the dialogue:

Virtual Box Machine Settings Dialogue

Now you have to select the Shared Folders item in the list of the left side. You will obtain list of all defined shared folders. Then double-click selected folder record and you will obtain final Shared Folder settings:

Virtual Box Shared Folder Settings Dialogue

If you tick the “Auto-mount” option, the Virtual Box will mount your shared folder automatically, but you cannot influence the way how the folder will be mounted.  So, this way to mount the shared folder is not for us if we can disable the executable unwanted behavior.

The second way is to mount the shared folder manually, through the command line or during the guest OS boot process by /etc/fstab file. This way gives to us more freedom to influence how the shared folder will be finally mounted.

For our purposes, we will use the second way, of course – then if you are using “Auto-mount” mechanism, disable it first, please.

Now, let’s go to make the shared folder executable-less.

At first we have to know the shared folder name. This piece of information can be obtained from the Virtual Box Shared folders settings. Open these settings as described above through the “Machine->Settings…” menu.

The name of the Shared Folder is first item on the folder record line, or you can open full configuration dialogue by line double-click and then you will get name from Folder Name edit box.

In our case the Shared Folder name is vm_share.

Second prerequisite is to prepare the “mount-point” for our shared folder in the guest OS. It is classical regular folder, which can be placed everywhere on your file system – in your Home folder, in /mnt folder or in same place where the Auto-mount mechanism places the shared folders -> in /media folder.

The Virtual Box uses “mount-point” naming scheme when prepend the “sf_” prefix before the Shared Folder regular name, then name generated by Virtual Box will be sf_vm_share.

But you can select whatever folder name here; it is not restricted by any special way.

Choose the folder name and create it:

sudo mkdir /media/sf_vm_share

Now you are ready to mount the shared folder and make its content accessible from the Guest OS. Type this command from your terminal:

sudo mount -t vboxsf vm_share /media/sf_vm_share

Now switch your current working directory (CWD) to the mount-point:

cd /media/sf_vm_share

If everything went OK, you can see now the Shared Folder content with same list of files as from your host OS.

But when you use the simple command from above, all your files are green add have executable flag:

ls -l
drwxrwxrwx 1 root root    0 2011-11-14 12:43 ./
drwxr-xr-x 3 root root 4096 2011-11-14 08:52 ../
-rwxrwxrwx 1 root root  386 2011-11-11 15:45 file.txt*
-rwxrwxrwx 1 root root    5 2011-11-14 09:48 ppp*

Additionally all users can read, write or execute the files in the folder.

Then default mounting policy is not enough for us. Unmount the folder by command:

cd /
sudo umount vm_share

where vm_share is name of your Shared Folder and follow next steps to get expected result.

The default Virtual Box mounting mechanism restricts the folder access only to members of the vboxsf group members. I think, that is good idea then we will restrict the folder access by same way. If you do not want to do this, skip next section.

We have to detect if the vboxsf group already exists or not. To do this, type this command:

grep vboxsf /etc/group

If you get this result:

vboxsf:x:1001:

Then group already exists and has GID == 1001 -> this GID will be used later.

If you will not get any grep result, then you have to create the group itself:

sudo groupadd vboxsf

Verify that group has been created successfully:

grep vboxsf /etc/group
vboxsf:x:1001:

Ok, now we have to add your user to the group, to grant correct access to him:

useradd -G vboxsf user_name

the user_name replace by real user name on your OS.

Now verify finally, that group exists and user is member of the group:

grep vboxsf /etc/group

You have to see this result:

vboxsf:x:1001:user_name

where 1001 is Group ID (GID) and the user_name at the line end means that user is member of the group.

Now we are ready to restrict the Shared Folder access to the vboxsf group members, and modify the rights to disable the unwanted executable flag mapping. But we have add some parameters to the mount command to reach our goal.

The Virtual Box provides folder sharing by special file system with vboxsf name. This file system offers several mount options, which you can obtain by this command:

sudo mount.vboxsf
rw                 mount writable (the default)
ro                 mount read only
uid=UID            set the default file owner user id to UID
gid=GID            set the default file owner group id to GID
ttl=TTL            set the "time to live" to TID for the dentry
dmode=MODE         override the mode of all directories to (octal) MODE
fmode=MODE         override the mode of all regular files to (octal) MODE
umask=UMASK        set the umask to (octal) UMASK
dmask=UMASK        set the umask applied to directories only
fmask=UMASK        set the umask applied to regular files only
iocharset CHARSET  use the character set CHARSET for I/O operations  (utf8 is default)
convertcp CHARSET  convert the folder name from CHARSET to utf8

For our purposes, we have to use the fmode option, which allow modifying and overriding all file permissions, and additionally we will use general mount parameters umask, gid and uid to set appropriate access rigths to the shared folder.

Detailed help to mentioned mount common commands can be obtained on the mount man page then I can say here briefly that uid defines the OWNER user ID for the mount-point of the Shared Folder and gid makes same for the GROUP.

The umask then specifies rights to the mount-point for its owner and group, but here is used binary negation of the classic file rigths. Then, if the full access for everybody to a file is 777 in classic rights representation, we have to define umask 000 to get same result – 7 dec  is 111 in binary, and negation is 000.

More important is the vboxsf file system specific parameter fmode. It overrides (in classical way) rights to all files in the Share Folder and all subfolders. Then to reach read/write rights without executable flag, we have to specify the fmode to 660.

Now, try to mount the Shared Folder with final set of parameters:

sudo mount -t vboxsf -o uid=0,gid=1001,umask=007,fmode=660 vm_share /media/sf_vm_share

If you now dump the folder content, you will get different result:

cd /media/sf_vm_share
ls –l
drwxrwx--- 1 root vboxsf    0 2011-11-14 13:02 ./
drwxr-xr-x 3 root root   4096 2011-11-14 08:52 ../
-rw-rw---- 1 root vboxsf  386 2011-11-11 15:45 file.txt
-rw-rw---- 1 root vboxsf    5 2011-11-14 09:48 ppp

As you can see, the files are accessible only to root (owner) and group vboxsf, and both entities have only read/write (not executable) rights to files. It has been our starting requirement on the Shared Folder.

Finally, we can make mounting of our Share Folder permanent and automatic during the guest boot process. To do that, we have to modify the /etc/fstab file content by adding this line:

vm_share /media/sf_vm_share vboxsf rw,fmode=660,umask=007,uid=0,gid=1001, 0 0

Now, after reboot, your Shared Folder will be automatically mounted to the /media/sf_vm_share location.

If you can have the Shared Folder accessible more comfortable from your home folder too, you can create symbolic link to the folder:

ln –s /media/sf_vm_share ~/shared

That’s all. Enjoy your properly mounted Shared Folder in the Virtual Box.

 

Note: This article was originally published on my previous site polach.cc. Because I had to change the domain I have moved the article here from the previous site.

 

Posted by:

Zdenek Polach

6 Comments

  1. Kshitij -  January 6, 2012 - 04:49

    Great, have been looking to do this since long.

    Reply
  2. Joachim -  January 15, 2013 - 09:11

    Very helpful. Thank you!
    I used:
    umask=002
    fmode=664
    to set the files like my linux defaults…

    btw, I can’t change the permissions of single files back to 775, any ideas?

    Reply
  3. ster5 -  March 20, 2013 - 11:37

    Many thanks, Zdenek, excellent post! It’s really helpful!

    Reply
  4. Leslie -  July 7, 2013 - 20:38

    Thank you so much. When I create a .py file, it is now not executable. But, I do want to make it executable: sudo chmod +x file.py
    However, this does not work. All my files are rw-rw—- and I cannot make them executable. The permissions on the directory that contains file.py is drwxrwx— .
    Any ideas? Thanks again.

    Reply
  5. Lon -  August 4, 2014 - 16:36

    If using Vagrant, this is fixed easily in the config.vm.synced_folder setting of the Vagrantfile. Just add options such as:

    owner: “user_name”, group: “group_name”, mount_options: [“umask=022”]

    (Changing “user_name” and “group_name” and the umask (I did 022) as appropriate.

    Reply

Leave A Comment

Your email address will not be published. Required fields are marked (required):

Back to Top