Re: Mounting problems
On Sun, 17 Oct 1999, Bryan Scaringe wrote:
: This is confusing the hell out of me:
:
: I want to allow a user, AND ONLY THAT USER, to mount CD's and floppys.
: We'll call him 'bob'. I added 'bob' to the groups floppy and cdrom.
: adduser bob floppy
: adduser bob cdrom
:
: my mount points are:
: /dev/fd0 /mnt/fd0 vfat defaults,user,noauto 0 0
: /dev/fd1 /mnt/fd1 vfat defaults,user,noauto 0 0
: /dev/cdrom /mnt/cdrom iso9660 defaults,user,noauto 0 0
: /dev/cdrw /mnt/cdrw iso9660 defaults,user,noauto 0 0
: /dev/mcd /mnt/mcd iso9660 defaults,user,noauto 0 0
: /dev/zip /mnt/zip vfat defaults,user,noauto 0 0
This allows any user to mount the media. You might want add bob to
/etc/sudoers so he can use `sudo mount' to mount the media instead.
: and an ls -l of my /mnt directory shows:
: dr-xr-x--- 2 root cdrom 1024 May 18 21:51 cdrom/
: dr-xr-x--- 2 root cdrom 1024 May 18 21:51 cdrw/
: dr-xr-x--- 2 root floppy 1024 May 18 21:51 fd0/
: dr-xr-x--- 2 root floppy 1024 May 18 21:51 fd1/
: dr-xr-x--- 2 root cdrom 1024 Aug 16 21:07 mcd/
: dr-xr-x--- 2 root floppy 1024 May 18 21:51 zip/
:
: Now, if 'bob' mounts the cdrom, /mnt/cdrom becomes:
: dr-xr-xr-w 2 root root 1024 May 18 21:51 cdrom/
:
: And now ANY user can see the contents of the CD!!!
:
: Why did the group and permissions change?
The permissions of the mount point do not determine the permissions of
the mounted media - in fact, the permissions of the mounted media root
will supercede the permissions of the mount point.
: How do I prevent other users from changing into that directory (/mnt/cdrom)?
RTFM `man mount', pay close attention to the uid, gid, and umask
options.
Example: I mount a VFAT partition readable by only one user on my home
machine:
/dev/sdc3 /win vfat uid=1000,gid=1000,umask=027
This mount is automounted ... in your case you'd want something like
this:
/dev/cdrom /mnt/cdrom iso9660 noauto,uid=1000,gid=1000,umask=027
HTH,
--
Nathan Norman
MidcoNet 410 South Phillips Avenue Sioux Falls, SD
mailto:finn@midco.net http://www.midco.net
finger finn@home.midco.net for PGP Key: (0xA33B86E9)
Reply to: