Hello all, I've been watching this thread with some interest.
I have actually found quite a straightforward solution to this problem that works for me under FreeBSD, and requires no extra entries in fstab, scripts changing permissions on login, or any other fairly ugly workaround. I assume that basically what we are looking for is to make mounting/unmounting of devices as simple as possible for non-technical users so they do not have to run mount manually at the command line. As mentioned before, you can easily globally restrict which users you wish to allow mounting of a particular device by simply using group permissions on the device. Then, assuming you've set vfs.usermount = 1: 1. ) First create some suitable directories under the user's /home folder for mounting the devices. For example, I have: [= Yggdrasil | aren | /usr/home/aren =]% ls -l media total 8 drwxr-xr-x 2 aren aren 512 Apr 6 21:37 cdrw/ drwxr-xr-x 2 aren aren 512 Apr 6 13:19 dvdrom/ drwxr-xr-x 2 aren aren 512 Apr 6 15:03 floppy/ drwxr-xr-x 2 aren aren 512 Apr 6 14:04 usbflash/ 2.) Next, add the devices icons to your KDE (or whichever) desktop. 3.) Now KDE by default will use the mount point specified under /etc/fstab. Obviously this is no good, since the current user will not own the mount point specified. However, if you simply open up the actual desktop device file, it is a very straightforward text file. You can then simply edit the "MountPoint" entry to point to the new mount location under your home folder. For example, for my DVD-ROM drive desktop link: [= Yggdrasil | aren | /usr/home/aren/Desktop =]% cat DVD-ROM [Desktop Action Eject] Exec=kdeeject %v Name=Eject [Desktop Entry] Actions=Eject; Dev=/dev/cd1 Encoding=UTF-8 Icon=dvd_mount MountPoint=/home/aren/media/dvdrom FSType=cd9660 ReadOnly=true Type=FSDevice UnmountIcon=dvd_unmount X-KDE-Priority=TopLevel The "FSType" entry is not usually there by default either, but it helps to make sure that the correct option is called to mount. Mounting a device is as simple as just clicking on the desktop icon now, which is exactly what we wanted. It will mount the device under the mount location in my /home, which I own, and everything works great. This method requires no alteration/extra entries in /etc/fstab, no chown on a global mount location (since the user always owns their own local mount point), no sudo and no setuid. Minimal security compromise. For a large network, it should be fairly trivial to create a script that will add the users to the correct group(s) for mouting the given device(s), create the necessary mount directories under the user's /home directory, and populate their KDE (or whichever) desktop with the correct (modified) desktop entries. Job done. Regards, Aren.
pgprdvGZRpCF3.pgp
Description: PGP signature
