[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
- <!--x-content-type: text/plain -->
- <!--x-date: Wed Jun 30 14:10:28 2004 -->
- <!--x-from-r13: rfbgrevp ng 3gvzrf25.arg (Urbsserl) -->
- <!--x-message-id: [email protected] -->
- <!--x-reference: [email protected] -->
- <!--x-reference: [email protected] --> "http://www.w3.org/TR/html4/loose.dtd">
- <!--x-subject: [ale] Permission hell question -->
- <li><em>date</em>: Wed Jun 30 14:10:28 2004</li>
- <li><em>from</em>: esoteric at 3times25.net (Geoffrey)</li>
- <li><em>in-reply-to</em>: <<a href="msg00680.html">[email protected]</a>></li>
- <li><em>references</em>: <<a href="msg00585.html">[email protected]</a>> <<a href="msg00680.html">[email protected]</a>></li>
- <li><em>subject</em>: [ale] Permission hell question</li>
You really don't have to do this. I mount my memory stick which has
vfat fs by any user. Relevant entry in /etc/fstab:
/dev/sda1 /mnt/memstick vfat noauto,user,exec 0 0
The 'user' option permits any user to mount the file system.
Once it's mounted, I can create files as well as directories on
/mnt/memstick as the user who mounted the filesystem.
> If you move to the new 2.6 kernel then all the mount and umount stuff
> goes away for removeable devices. Plus, with permissions on the devices
> set correctly by the kernel for removeable devices you can work as a
> user. I need to read up on that last statement but SuSE 9.1 was a dream
> for the use of CD's and floppies when I was trying it out.
>
> Using mtools is a nice idea since it is designed to work with vfat. The
> unix cp -p command won't work like you'd expect since you don't have
> ownership or permissions per se under vfat. I believe the kernel just
> calls all the files and directories as owned by root unless you have it
> mounted as nobody.
Not exactly. If you can create a file on the mounted file system, it is
created as owned by the user who created it:
rhws/mnt/memstick> ls -lart
total 52
-r-xr-xr-x 1 esoteric users 0 Jul 16 2003 memstick.ind
drwxr-xr-x 6 root root 4096 Jun 29 07:45 ..
drwxr-xr-x 2 esoteric users 16384 Jun 30 13:48 foo
drwxr-xr-x 4 esoteric users 16384 Jun 30 13:48 .
> The underlying mount point permissions are very important to match up
> with what your filesystem has that will be mounted. You can't see those
> permissions on the mount point unless the filesystem isn't mounted yet
> on that mount point.
This isn't accurate either, sorry Dow. :)
/mnt/memstick on my box was 755 and I can mount it and created/delete
files or directories. As root, I changed the perms of /mnt/memstick to
700. I'm still able to mount the filesystem as well as create/delete
files and directories.
Note the following:
root at rhws/home/esoteric> ls -ld /mnt/memstick
drwx------ 2 root root 4096 May 12 13:59 /mnt/memstick
root at rhws/home/esoteric> exit
exit
rhws/home/esoteric> mount /mnt/memstick
rhws/home/esoteric> ls -ld /mnt/memstick
drwxr-xr-x 3 esoteric users 16384 Dec 31 1969 /mnt/memstick
> This bites people using NFS, such as me, when you
> have the mount point with 0700 permissions but expect to have 0755 on
> the mounted filesystem. The mounted filesystem's permissions hide and
> overlay the underlying mount point's permissions when mounted so you'd
> have to unmount to check and see what the values were.
I've not tried this for NFS, so I'm not sure what happens there.
--
Until later, Geoffrey Registered Linux User #108567
Building secure systems in spite of Microsoft
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00688" href="msg00688.html">[ale] Permission hell question</a></strong>
<ul><li><em>From:</em> ups at tree.com (Stephan Uphoff)</li></ul></li>
<li><strong><a name="00690" href="msg00690.html">[ale] Permission hell question</a></strong>
<ul><li><em>From:</em> dhurst at kennesaw.edu (Dow Hurst)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00585" href="msg00585.html">[ale] Permission hell question</a></strong>
<ul><li><em>From:</em> kilpatms at speakeasy.net (Sean Kilpatrick)</li></ul></li>
<li><strong><a name="00680" href="msg00680.html">[ale] Permission hell question</a></strong>
<ul><li><em>From:</em> dhurst at kennesaw.edu (Dow Hurst)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00686.html">[ale] What is krefilld?</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00688.html">[ale] Permission hell question</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00680.html">[ale] Permission hell question</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00688.html">[ale] Permission hell question</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00687"><strong>Date</strong></a></li>
<li><a href="threads.html#00687"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>