Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
How to make USB mounts user specific
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Tue May 28, 2013 12:09 am    Post subject: How to make USB mounts user specific Reply with quote

Hi,
I'm using e17 and I've /etc/fstab lines looks something similar to:
Code:
/dev/sdb1               /home/wisemonkey/media/usbDevice4       auto            noauto,user,rw,sync     0 0

and so on.
I would like user to be able to mount / unmount USB as he wishes.
Even with these lines in /etc/fstab, normal user can't use USB devices.

Is there something I'm missing?

Thanks
Back to top
View user's profile Send private message
ppurka
Advocate
Advocate


Joined: 26 Dec 2004
Posts: 3256

PostPosted: Tue May 28, 2013 12:57 am    Post subject: Reply with quote

If you want to keep the lines in fstab then add uid,gid parameters corresponding to your user to the mount parameters. If you don't want to keep the line in fstab, then try to switch to using udevil -- configure it's configuration file in /etc properly and you will be all set.
_________________
emerge --quiet redefined | E17 vids: I, II | Now using kde5 | e is unstable :-/
Back to top
View user's profile Send private message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Tue May 28, 2013 6:04 am    Post subject: Reply with quote

ppurka wrote:
If you want to keep the lines in fstab then add uid,gid parameters corresponding to your user to the mount parameters. If you don't want to keep the line in fstab, then try to switch to using udevil -- configure it's configuration file in /etc properly and you will be all set.


Thanks I'm going to try udevil approach, I may take some time to understand it.
I'll get back to you as I go through config file.

I'll try to read about uid, gid in /etc/fstab as well but as much as I understood it seems more like static solution than dynamic (limited to single user with many lines being added per device per user).
Back to top
View user's profile Send private message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Fri May 31, 2013 4:45 am    Post subject: Reply with quote

Ok I commented lines in /etc/fstab
and I understood udevil.conf

However udevil command (binary) itself is not executable by user. I added my user to 'plugdev' group and used chmod +s udevil
Still executing udevil reports
Quote:
permission denied


my current udevil permissions:
Code:
-rws--s--- 1 root plugdev 105640 May 27 21:36 /usr/bin/udevil
Back to top
View user's profile Send private message
ppurka
Advocate
Advocate


Joined: 26 Dec 2004
Posts: 3256

PostPosted: Sun Jun 02, 2013 11:15 am    Post subject: Reply with quote

wisemonkey wrote:
Ok I commented lines in /etc/fstab
and I understood udevil.conf

However udevil command (binary) itself is not executable by user. I added my user to 'plugdev' group and used chmod +s udevil
Still executing udevil reports
Quote:
permission denied


my current udevil permissions:
Code:
-rws--s--- 1 root plugdev 105640 May 27 21:36 /usr/bin/udevil
It works for me. Here are my udevil permissions
Code:
~» ll =udevil
-rws--x--- 1 root plugdev 104K May 17 10:04 /usr/bin/udevil
Did you relogin or at least run "su $USER" after adding yourself to the plugdev group? Otherwise your current login session will still use the old group information.

I looked at my udevil.conf configuration and here are the differences between my configuration and the one that comes with udevil by default-
Code:
--- udevil.conf   2013-03-18 02:03:01.000000000 +0800
+++ /etc/udevil/udevil.conf   2013-05-18 23:36:34.000000000 +0800
@@ -41,7 +41,7 @@
 # allowed_types_jim = vfat
 # Setting allowed_types = * does NOT allow all types, as this is a security
 # risk, but does allow all recognized types.
-# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, davfs, tmpfs, ramfs
+# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, tmpfs, ramfs
 allowed_types = $KNOWN_FILESYSTEMS, file
 
 
@@ -78,7 +78,7 @@
 # allowed_groups_nfs = network
 # The root user is NOT automatically allowed to use udevil in some cases unless
 # listed here (except for unmounting anything or mounting fstab devices).
-allowed_groups = *
+allowed_groups = plugdev
 
 
 # allowed_media_dirs specifies the media directories in which user mount points
@@ -212,7 +212,9 @@
 # and GID.
 # FOR GOOD SECURITY, default_options SHOULD ALWAYS INCLUDE: nosuid,noexec,nodev
 # WARNING:  OPTIONS PRESENT OR MISSING CAN CAUSE SERIOUS SECURITY PROBLEMS.
-default_options           = nosuid, noexec, nodev, noatime
+#default_options           = nosuid, noexec, nodev, noatime
+#modified by myself
+default_options           = nosuid, nodev, noatime
 default_options_file      = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro
 # mount iso9660 with 'ro' to prevent mount read-only warning
 default_options_iso9660   = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro, utf8

_________________
emerge --quiet redefined | E17 vids: I, II | Now using kde5 | e is unstable :-/
Back to top
View user's profile Send private message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Sun Jun 02, 2013 4:01 pm    Post subject: Reply with quote

ppurka wrote:
wisemonkey wrote:
Ok I commented lines in /etc/fstab
and I understood udevil.conf

However udevil command (binary) itself is not executable by user. I added my user to 'plugdev' group and used chmod +s udevil
Still executing udevil reports
Quote:
permission denied


my current udevil permissions:
Code:
-rws--s--- 1 root plugdev 105640 May 27 21:36 /usr/bin/udevil
It works for me. Here are my udevil permissions
Code:
~» ll =udevil
-rws--x--- 1 root plugdev 104K May 17 10:04 /usr/bin/udevil
Did you relogin or at least run "su $USER" after adding yourself to the plugdev group? Otherwise your current login session will still use the old group information.

I looked at my udevil.conf configuration and here are the differences between my configuration and the one that comes with udevil by default-
Code:
--- udevil.conf   2013-03-18 02:03:01.000000000 +0800
+++ /etc/udevil/udevil.conf   2013-05-18 23:36:34.000000000 +0800
@@ -41,7 +41,7 @@
 # allowed_types_jim = vfat
 # Setting allowed_types = * does NOT allow all types, as this is a security
 # risk, but does allow all recognized types.
-# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, davfs, tmpfs, ramfs
+# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, tmpfs, ramfs
 allowed_types = $KNOWN_FILESYSTEMS, file
 
 
@@ -78,7 +78,7 @@
 # allowed_groups_nfs = network
 # The root user is NOT automatically allowed to use udevil in some cases unless
 # listed here (except for unmounting anything or mounting fstab devices).
-allowed_groups = *
+allowed_groups = plugdev
 
 
 # allowed_media_dirs specifies the media directories in which user mount points
@@ -212,7 +212,9 @@
 # and GID.
 # FOR GOOD SECURITY, default_options SHOULD ALWAYS INCLUDE: nosuid,noexec,nodev
 # WARNING:  OPTIONS PRESENT OR MISSING CAN CAUSE SERIOUS SECURITY PROBLEMS.
-default_options           = nosuid, noexec, nodev, noatime
+#default_options           = nosuid, noexec, nodev, noatime
+#modified by myself
+default_options           = nosuid, nodev, noatime
 default_options_file      = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro
 # mount iso9660 with 'ro' to prevent mount read-only warning
 default_options_iso9660   = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro, utf8


Thanks,
I was not restarting session after adding myself to plugdev.
Now I can mount / unmount successfully. However why is it read-only?
I've tried mount-point_mode = 0766, -o rw and changing media dirs to under my home (so that I own them)
Still it reports 'read only filesystem'
Back to top
View user's profile Send private message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Sun Jun 02, 2013 4:02 pm    Post subject: Reply with quote

Ohh yea and I installed spaceFM, it is an aweseom file manager.
e17 default file manager is kinda weird for functionality.
Back to top
View user's profile Send private message
ppurka
Advocate
Advocate


Joined: 26 Dec 2004
Posts: 3256

PostPosted: Sun Jun 02, 2013 4:54 pm    Post subject: Reply with quote

wisemonkey wrote:
Now I can mount / unmount successfully. However why is it read-only?
I've tried mount-point_mode = 0766, -o rw and changing media dirs to under my home (so that I own them)
Still it reports 'read only filesystem'
You should look at udevil.conf and make sure that your file system is being mounted without ro permissions., or that the uid/gid is set correctly, or the umask is correctly set. The default configuration may be a bit restrictive for security purposes. However, there is only one configuration file for udevil and it is pretty well commented, and the mount options simply follow the mount options of the mount command. So, if you don't understand some option then look at "man mount".

The e17 fm is indeed weird. I have never used it for any kind of serious work (in fact, that module remains unloaded here). Using rox here, which is also weird in parts, but has some nice quirks which I find useful.
_________________
emerge --quiet redefined | E17 vids: I, II | Now using kde5 | e is unstable :-/
Back to top
View user's profile Send private message
wisemonkey
n00b
n00b


Joined: 14 Mar 2013
Posts: 45

PostPosted: Sat Jun 22, 2013 4:45 pm    Post subject: Reply with quote

ppurka wrote:
wisemonkey wrote:
Now I can mount / unmount successfully. However why is it read-only?
I've tried mount-point_mode = 0766, -o rw and changing media dirs to under my home (so that I own them)
Still it reports 'read only filesystem'
You should look at udevil.conf and make sure that your file system is being mounted without ro permissions., or that the uid/gid is set correctly, or the umask is correctly set. The default configuration may be a bit restrictive for security purposes. However, there is only one configuration file for udevil and it is pretty well commented, and the mount options simply follow the mount options of the mount command. So, if you don't understand some option then look at "man mount".

The e17 fm is indeed weird. I have never used it for any kind of serious work (in fact, that module remains unloaded here). Using rox here, which is also weird in parts, but has some nice quirks which I find useful.


Thanks ppurka,
Sorry it took a while to reply but I was bit busy.
Anyways I reviewed udevil.conf and there was no issue with it. In fact I could mount one pen drive with R/W but external HDD was RO.
I realized I needed ntfs-3g for NTFS so added fuse module in kernel and installed ntfs-3g so everything is good now :)
I'll check rox as well.

Thanks for ur inputs

For anyone searching for easy USB device mount management:
1. Install udevil
2. Configure it correctly (don't need to change much from default) -- only make sure set suid for udevil itself
3. install spacefm (not required but makes it convenient)
4. If you have NTFS devices make sure kernel has fuse module and ntfs3g is installed.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum