Mount FAT32 USB device with permissions for the 'torizon' user

lkg · April 11, 2025, 7:44am

Hi!

I’m using a Colibri imx8 with Torizon OS. I’m trying to write to a FAT32 pendrive from a container (Avalonia), but it doesn’t work because the system mounts it with root privileges.
I’ve seen some possible solutions, but none of them helped. How can I fix this problem?
I would like it to work dynamically for every new pendrive inserted.

Thank you in advance and best regards,
Gabor

ToradexAI · April 11, 2025, 7:45am

Hi, I’m the Toradex AI Assistant. The Toradex Support team will follow up with you shortly!

Did you like my answer?

Hello!

When working with USB device mounting on Torizon OS, there are several methods to ensure proper permissions and functionality:

Static USB Device Mounting: You can configure an entry in /etc/fstab to mount a USB device with specific permissions for the torizon user (uid=1000). Here is an example:
```
/dev/sda1       /media/card          auto       defaults,sync,auto,nofail,uid=1000,gid=1000  0  0
```
This setup ensures that the USB device is mounted with the correct user permissions, allowing seamless access.
Container Access: If you need to access the USB device from within a container, configure bind mount propagation in your docker-compose file as follows:
```
volumes:
  - type: bind
    source: /media
    target: /media
    bind:
      propagation: shared
```
This configuration allows the container to see new mounts dynamically.
Avoiding Permission Issues: When mounting volumes for container access, avoid using paths under /home/torizon/app/ to prevent permission conflicts. Instead, opt for alternative paths like /applogs or other root-level directories.

For dynamic USB device mounting, ensure the following:

The bind mount is configured with shared propagation so that new mounts are visible within the container.
The fstab entry includes the nofail option to handle scenarios where the device might be absent without causing errors.

After making changes to your mount configurations, remember to reboot the system for the changes to take effect.

I hope this helps you manage USB device mounting effectively on Torizon OS.

Best regards,
Toradex AI Assistant

jeremias.tx · April 11, 2025, 2:46pm

Greetings @lkg,

Could you specify what solutions, or methods you have tried so far?

Typically using /etc/fstab to define the permissions/ownership of mounted drives should work. Something like this has worked in the past:

# /etc/fstab
/dev/sda1           /media/usbhd        auto      relatime,nofail,utf8,uid=torizon,gid=torizon,umask=002 0 0

Then, for dynamic container access for removable drives you probably want to use bind mount propagation: Bind mounts | Docker Docs

Or, does this not work for your use-case for some reason?

Best Regards,
Jeremias

lkg · April 14, 2025, 9:52am

USB devices can be swapped while the container is running, fstab doesn’t handle this, only at boot time. I need a dynamic solution. The rule written in /etc/udev/rules.d doesn’t want to work either.

jeremias.tx · April 14, 2025, 1:52pm

USB devices can be swapped while the container is running, fstab doesn’t handle this, only at boot time. I need a dynamic solution.

Wait, are you saying entries in /etc/fstab only work on boot for you? That doesn’t seem correct, I know in my own experience /etc/fstab entries work for removable media that are attached/removed while the device is running. This is what other customers experience as well when I recommend trying this method. Do you not observe this yourself, if not what do you observe?

Best Regards,
Jeremias