On Mon, Aug 11, 2008 at 12:51:24AM +0100, Edd Barrett wrote:
> On Sun, Aug 10, 2008 at 04:11:25PM +0200, frantisek holop wrote:
> > hi there,
> >
> > in trying to hunt down a hotplugd issue on the eeepc,
> > i have come across the following issue.
> >
> > i use the kern.usermount facility. i can umount
> > anything i have mounted manually. but if the mounting
> > was done by hotplugd or from /etc/fstab at boot time
> > (by a root process in one word) even if i have
> > everything enabled in order to use usermount the
> > umounting operation is not permitted.
> >
> > this could be seen as a security feature, a bug, or
> > possibly both... if the devices are owned by me, the
> > mount point is owned by me, i personally see this as a
> > bug and not a feature, after all, this is about users
> > mounting/umounting...
> >
> > from where i stand, this is similar to root creating a
> > file with owner set to a user. this user will be able
> > to modify/delete the file, because it doesn't matter
> > who created it.
> >
> > but if this _is_ a feature, perhaps it could be
> > mentioned in the manpage or the faq in one form or
> > another.
>
> Ok, to mount (and probably unmount) a filesystem as non-root, you must
> own the directory, and kern.usermount must be 1.
>
> hotplugd runs as root, so of course it can mount anything it wants, but
> you the user, can not probably because you don't own the dir.
>
> I may be wrong.
>
> alias mount="sudo mount"?

he's talking about not being able to unmount a filesystem, as opposed
to not being able to mount it. here's an example:

guff:~% sysctl kern.usermount
kern.usermount=1
guff:~% id
uid=1000(jakemsr) gid=1000(jakemsr) groups=1000(jakemsr), 0(wheel), 5(operator), 9(wsrc), 10(users), 20(staff)
guff:~% grep usb0 /etc/fstab
/dev/sd0i /mnt/usb0 msdos rw,noauto 0 0
guff:~% ls -ld /mnt/usb0
drwxr-xr-x 2 jakemsr wheel 512 Jan 18 2008 /mnt/usb0
guff:~% mount /mnt/usb0
guff:~% umount /mnt/usb0
guff:~% sudo mount /mnt/usb0
guff:~% umount /mnt/usb0
umount: /mnt/usb0: Operation not permitted
guff:~%

-- 
[EMAIL PROTECTED]
SDF Public Access UNIX System - http://sdf.lonestar.org