Hi! Paul Hampson [2004-11-11 10:03 +1100]: > But don't CD-ROM and floppy devices also need the same sort of pmount > support you're proposing here? After all, you can hot-swap the media in > them, so it seems reasonable to me that they can be pmounted? What's the > rationale for _not_ including these in the pmount infrastructure you're > proposing?
CD-ROMs are fully supported by pmount; hal runs in both floppy and cdrom group as well, so that media check and file system detection works. The only problem are floppies, because there is no sysfs entry for the floppy device. That means that pmount cannot currently decide that /dev/fd0 is removable and will refuse to mount it. However, this is not a big practical problem since legacy floppies are usually present in /etc/fstab. If a device is already in fstab, pmount <device> behaves _exactly_ like mount <device>. This fallback allows to use pmount as a complete replacement of mount in e. g. gnome-volume-manager. Maybe there is a misunderstanding here: pmount itself does not care about the group of a device. pmount decides whether or not the user is allowed to mount a device by looking at sysfs, not at device permissions. The udev mangling is not necessary for pmount, but for hal. Normally, /dev/hd* and /dev/sd* are assigned to group 'disk'. But access to group disk is essentially the same as root access, that's why we let hal run only in group 'plugdev' and assign all removable devices to group 'plugdev' instead of 'disk. > Hmm. Now that I think about it, surely the plugdev group would have to > be given using pam_console so that remote users in the plugdev group > can't remotely stomp on the USB memory stick the local user just put in, > before they could mount it? For Ubuntu we decided not to use pam_console, but put users into plugdev by default, because some users want to use their USB hard drives even remotely. However, using pam_console is entirely possible and in fact this decision is unrelated to the matter of device permissions. The administrator has to actively put users into plugdev, pmount will not try to mangle /etc/passwd :-) Have a nice day! Martin -- Martin Pitt http://www.piware.de Ubuntu Developer http://www.ubuntulinux.org Debian GNU/Linux Developer http://www.debian.org
signature.asc
Description: Digital signature
