Which permissions do I need to give an encrypted partition and encrypted root

I have set up a new system with btrfs swapfile and luks encrypted. Also I have created another data partition in USB-live mode, btrfs and encrypted.

I have rebooted the system. But I had had only write access to both partitions, / (root) and data (/run/media/user/Daten). So I did sudo chown -R $user:$user /.
Probably it was a mistake. I cannot install software anymore and have no more access at all to my data partition even entering the right password. What can I do? If nothing I have to reinstall everything. It's ok, if necessary. But at least I would like to understand.

And why was kdewallet asking on every reboot for its password and for the password of the encrypted data partition. This is ok for one time but not every time. Probably I have done something wrong. But what? If it is a bigger issue I can open another topic for this.

Exactly that.

Yes.

Yes.

Why would you want encryption on your filesystem if it doesn’t ask for a password?

1 Like

I do not have experience with that kind of encryption but you probably should not have done it in the live usb.
And if you use auto-login, then the keyring is not unlocked and you will be asked for password. Not sure if this is the case.

1 Like

Gosh. How do you know that you have only write access, when you have no read access? And making everything on the root belong to your user is one of the dumbest things you would ever do.

Recovering that is a tedious work. Backup your files and reinstall.

If kwallet (a password-manager) stores the password for your encrypted data partition, then it usually asks for your master password. No?

1 Like

Thanks for all your answers. I see I did wrong. This happens to everything. It is called “learning by mistakes”.

2.1. Still would like to know. I can only resize the root partition with installed OS on, if I use a USB-live stick and partition manager. Based on the free partition size I can create a new encrypted btrfs data partition. Which permissions do I need to give to this extra data partition and which commands would you recommend?

2.1 Does it make sense to create /home directory as btrfs subdirectory @home? Will it lead to problems making home to btrfs subdirectory after installation? How is the best way to do it?

And

Don’t take this the wrong way please.

1 Like

Sorry, but I am not an absolute beginner. I could write down the commands which I usually use, e.g.

sudo chown $user:$user /run/media/user/data R-

But I just want to verify my approach, if there may be a better solution.

And I’m sorry, yes you are a complete beginner (or haven’t learned anything), or you would know that the question is completely crazy.
I do not feel comfortable giving you advice without knowing you UNDERSTAND that advice.
And teaching linux from scratch is not something this forum is for. Sorry.

The question you ask: “is this the correct way to use chown”. You learn that within the first 20 minutes of ANY beginners linux course.

No, btrfs itself is capable to shrink and grow online (mounted). The cryptdisk (luks) is not able to do that.

The thing is just: Don’t chown the whole root, but only this partition when mounted.

  • chmod -R 777 /path/to/datamount
  • chown -R $USER:$USER /path/to/datamount

As always uppercase and lowercase letters make a difference. $USER not $user.

That's pretty default when you install it on btrfs. There is @home in the FS_TREE which is mounted then to /home. And no, it is not a folder, but a subvolume.

<FS_TREE>/@ -> /
<FS_TREE>/@home -> /home

Sorry, but we see it and you know it. You are still an absolute beginner when you make fundamental mistakes and don’t see it.

2 Likes
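An added example, not part of any post in this thread: a guard around the ownership change discussed above. It refuses `/` and system trees, rejects an empty owner (what an unset variable such as `$user` expands to), and acts only on a mounted path. The function names, the protected-path list and mode 700 on the mount root are assumptions of this example.

```bash
#!/usr/bin/env bash
# Added example: guard for ownership changes on a mounted data partition.
# Function names and the protected-path list are assumptions of this example.

# Return 0 only if TARGET is acceptable for an ownership change to OWNER.
chown_target_ok() {
    local target="$1" owner="$2" resolved
    # An unset variable expands to "", so an empty owner is rejected.
    [ -n "$owner" ] || { echo "refusing: empty owner" >&2; return 1; }
    # Resolve symlinks and ".." so a path like "/usr/.." cannot reach "/".
    resolved="$(CDPATH= cd -- "$target" 2>/dev/null && pwd -P)" || {
        echo "refusing: $target is not an accessible directory" >&2; return 1; }
    case "$resolved" in
        /|/bin|/boot|/dev|/etc|/home|/lib|/lib64|/opt|/proc|/root|/run|/sbin|/srv|/sys|/usr|/var)
            echo "refusing: $resolved is a system path" >&2; return 1 ;;
        /bin/*|/boot/*|/dev/*|/etc/*|/lib/*|/lib64/*|/proc/*|/sbin/*|/sys/*|/usr/*|/var/*)
            echo "refusing: $resolved is inside a system tree" >&2; return 1 ;;
    esac
    return 0
}

# Hand the root directory of a mounted data partition to OWNER.
own_data_mount() {
    local target="$1" owner="$2"
    chown_target_ok "$target" "$owner" || return 1
    # Act only on a real mount point, so an unmounted (empty) directory
    # on the root filesystem is never modified by accident.
    mountpoint -q -- "$target" || { echo "refusing: $target is not mounted" >&2; return 1; }
    # "owner:" sets the group to that user's login group.
    # No -R: only the mount root changes; 700 keeps other local users out.
    sudo chown "$owner:" -- "$target" && sudo chmod 700 -- "$target"
}

# Usage (path taken from the thread): own_data_mount /run/media/user/Daten "$USER"
```

Files created by that user under the mount root afterwards are owned by that user already, so the ownership change stays limited to the one directory.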

If you do like this then do not give any advice to beginners, please. It is better like this.

I know btrfs directories shrink within a partition. But if I create a complete separated partition the main partition doesn’t. Or do you think it is better only work with subdirectories like @home and @data on one main btrfs partition?
The problem I see is, if I use timeshift I would like to backup also the /home settings but not the data. I want to keep it separated in a different folder. For this I may not really have understood the logic.

Also if I use rsync -av --exclude=/path /origin /destination the exclude function seems not work properly.

Exactly. Manjaro is NOT for beginners, please read the link I provided.
I can’t speak for others, but I do not feel comfortable.
If you learn basics and ask relevant questions, I give you all the time in the world.

Let's take this example:

Those are not subdirectories, those are subVOLUMES.

I’m not typing this to be toxic, quite the contrary actually. I think you are out of your depth, you simply do not have enough knowledge but you can fix that.
What I advise you to do is to gain that basic knowledge and THEN come back. :slight_smile:

1 Like

I guess so. When I read your text then I think you don’t understand the basic design concept of btrfs. No worry, I felt the same. Throw out everything you know about old file systems and think new.

Subvolumes look like normal directories, but they are not. A subvolume is similar to a partition on a normal disk, but more dynamic. So please do yourself a favor and talk with the right terminology so that everyone understands you.

Explain please :question:

The idea of timeshift is NOT to have backups of your whole data, but to have a recovery tool when something bad happens.
Timeshift is not an ordinary backup tool.
Think of “Windows System Recovery” which is pretty equal to timeshift. Therefore it creates snapshots (read-only subvolumes with shared pointers) on the same partition when using btrfs. Timeshift creates a snapshot of the subvolume @ which is actually /. It doesn’t include any other subvolume by default. All data have to be on the same partition, since it de-duplicates the files internally. Therefore it is only suitable for system restore and not your data.

Real world example?

rsync -ahv --exclude={/dir1/*,/dir2} --info=progress2 --stats --delete --delete-excluded --force --partial /source /destination
Works great if you want to keep a directory “synced” to something.

Note that this will completely ignore anything btrfs and only make a sync of the files. Has nothing to do with subvolumes or anything.

If you want to do a clone, use btrfs send|receive.

You find good Information about Btrfs in the wiki

and in

and
https://forum.manjaro.org/search?q=btrfs

:footprints:

3 Likes

Yes, I know that. But if I select the option “Include subdrive @home in backups” in the Timeshift settings for backing up my personal settings, what happens to my personal data in @home? They are in the /home/user/… directory. The way the data is stored in /home/user is that there are separate folders for music, pictures, documents and so on, which I would have to back up separately.
Will they also be restored by timeshift in case of the mentioned extra setting? I do not want that.
So I was thinking of an extra btrfs partition or simply a btrfs subvolume like @mypersonaldata if it works. Like this?

mkfs.btrfs -L mypersonaldata /home/user/mypersonaldata

lsblk shows these subvolumes or paths:
/var/log
/var/cache
/swap
/home
/

I hope you understand what I mean? I want root, home settings and data separated also for backup and recovery. And you are also right that I need to be more precise in my wording.

Thanks for your opinion.

That’s a good suggestion not a grumble.

Be careful.
When Timeshift does a rollback, it WILL rollback @home at the same time as @ . So you may lose some of your valuable data at that point in time.

Timeshift does not support separate rollback. Snapper does.

But then Timeshift will not make any snapshots of @mypersonaldata and it will not cleanup snapshots you made. :man_shrugging: Snapper does.

:footprints:

Exactly. You seem to be the first one who really understands my core problem. This is why I am looking for a separated partition created with btrfs and encryption, because I believe it is the best solution. But let the high professionals also give their statement.

Totally agree here:

It depends on you. A backup should be always made on a separate storage. Neither a partition on the same drive nor a subvolume meets this criterion. You can call a snapshot a “transient backup”.

Use rsync, borg or what ever you want, but not timeshift. And use a separate physical drive.

However the whole thread goes offtopic. The problem was that you ruined your permissions on the whole root “/” by overwriting ownership. That can be only fixed easily by reinstalling,

3 Likes