:: Re: [DNG] For all you automounter p…
Inizio della pagina
Delete this message
Reply to this message
Autore: Hendrik Boom
Data:  
To: fsmithred
CC: dng
Oggetto: Re: [DNG] For all you automounter programmers
On Tue, Apr 26, 2016 at 06:19:32PM -0400, fsmithred wrote:
> On 04/26/2016 03:36 PM, Hendrik Boom wrote:
> > On Tue, Apr 26, 2016 at 02:08:33PM -0400, Steve Litt wrote:
> >> Hi all,
> >>
> >> It seems like everyone in the Devuan community has written his or her
> >> own usb drive automounter, and I've just discovered something that will
> >> help us all.
> >>
> >> The thumb drive you buy at the store is formatted with a Windows file
> >> system, and that's a good thing because it's mountable pretty much by
> >> any device or computer. Sneakernet at its best.
> >>
> >> But you must be root to mount it unless it's declared in /etc/fstab,
> >> which is a bad idea for a number of reasons. And if you mount it as
> >> root, normally the owner is root, and with its (typical) 755
> >> permissions, a normal user can't write to it. Defeating its whole
> >> purpose.
> >>
> >> What you really want is for anyone in a certain group to be able to
> >> write to it. I used group "floppy", because a USB drive is a pretty
> >> good analog to a floppy, and floppies aren't even used much anymore. So
> >> do the mount like this:
> >>
> >> mount -o gid=floppy,fmask=113,dmask=002 /dev/sdd1 /mnt/thumb
> >>
> >> or
> >>
> >> mount -o gid=floppy,fmask=113,dmask=002 /dev/sdd1 /mnt/sdd1
> >>
> >> The gid= means the thumb drive and all its files are group "floppy",
> >> and the fmask and dmask make directories 775 and 664 respectively, so
> >> group "floppy" can write.
> >>
> >> I haven't yet tried this on a genuine ext4 formatted thumb drive, so I
> >> don't know whether it would have any downside there. If so, the
> >> different mount options would only appear if the thumb drive was
> >> determined to be vfat/fat/msdos etc.
> >
> > I have a USB backup drive. I have root mount it, It's formatted
> > ext3, and I have no problems doing so. It even allows me to use my
> > systems's user IDs, though I expect it'll get confused if I were to use
> > it on several systems with different UIDs.
> >
> > I just mount it as mount /dev/sdb1 /usbackup
> >
> > -- hendrik
>
>
>
> This did not work for me:
>
> $ mount -o gid=floppy,fmask=113,dmask=002 /dev/sdd1 /mnt/thumb
> mount: only root can use "--options" option


Of course, to back up the entire system, I have to be root amyway, so
there's no problem with this restriction,

>
> First partition is vfat, second is ext4, and that won't mount, either. I'm
> in the floppy group and also in plugdev group, and /mnt/thumb exists. What
> am I doing wrong? Or is this something the user used to be able to do but
> no longer can? (similar to what happened with blkid.)


As far as I know, mounting an ext file system as a user is a
security risk, so there have to be enough constraints to keep the
system from interpret the permissions within the mounted volume as
permitting the execution of arbitrary code.

Root, as usual, us trusted to know what it is doing.

Root can place an line in the /etc/fstab to make some of these
things possible, but I've notice restrictions creeping in over the
years.

>
> I like pmount for mounting usb devices. It's pretty smart. For removable
> devices, you don't need to list them in /etc/pmount.allow, and it handles
> encrypted filesystems (cryptsetup/luks).
>
> -fsr
>
> _______________________________________________
> Dng mailing list
> Dng@???
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng