From: Chris Whitehouse
To: Bob Richards
Cc: FreeBSD Questions
Date: Sun, 13 Aug 2006 13:14:42 +0100
Subject: Re: Mount Point permissions

Bob Richards wrote:
> On Thursday 10 August 2006 18:40, you wrote:
>
>> you want my devfs.rules and snips from other files.
>>
>
> Thanks Chris; that would be appreciated.
>
> Bob

Hi Bob

The settings below allow user1 to mount and write to usb mass storage,
floppy and cds (read only) on anywhere he owns. I created a new group
usermount and directories ~user1/fd0, ~user1/cdrom and ~user1/usb. Of
course you have to reboot or set everything manually before they will
take effect.

===========================================
/etc/rc.conf
...
...
usbd_enable="YES"
devd_enable="YES"
devfs_system_ruleset="usb_device_perms"

/etc/devfs.rules
[usb_device_perms=100]
add path 'da*s*' mode 0660 group usermount

/etc/devfs.conf
...
...
# Allow user to access floppy
own     fd0     root:usermount
perm    fd0     0660

# Allow user access to cdrom
own     xpt0    root:usermount
perm    xpt0    0660
own     cd0     root:usermount
perm    cd0     0660
link    cd0     cdrom
link    cd0     dvd
own     pass0   root:usermount
perm    pass0   0660
own     cd1     root:usermount
perm    cd1     0660
own     pass1   root:usermount
perm    pass1   0660

/etc/fstab
# Device        Mountpoint              FStype  Options         Dump    Pass#
...
...
#/dev/cd0       /mnt/cdrom              cd9660  ro,noauto       0       0
/dev/cd0        /usr/home/user1/cdrom   cd9660  ro,noauto       0       0
/dev/fd0        /usr/home/user1/floppy  msdosfs rw,noauto,sync  0       0
#/dev/fd0       /mnt/floppy             msdosfs rw,noauto       0       0

/etc/group
...
...
usermount:*:1004:user1

/etc/sysctl.conf
vfs.usermount=1
====================================

and here's the result with some things mounted. Note without a cd
mounted ~/user1/cdrom is owner user1, group user1, not sure why it
changes when a cd is mounted.

%id
uid=1001(user1) gid=1001(user1) groups=1001(user1), 5(operator), 1004(usermount)
%pwd
/usr/home/user1
%ls -ld usb cdrom floppy
dr-xr-xr-x  20 root   wheel  6144  7 May 12:58 cdrom
drwxr-xr-x   1 user1  user1  7168  1 Jan  1980 floppy
drwxr-xr-x   1 user1  user1  6144  1 Jan  1980 usb
%ls -l /dev/da0s1 /dev/cd0 /dev/fd0
crw-rw----  1 root  usermount    0,  84 13 Aug 11:07 /dev/cd0
crw-rw----  1 root  usermount    0, 105 13 Aug 11:07 /dev/da0s1
crw-rw----  1 root  usermount    0,  79 13 Aug 11:07 /dev/fd0
%mount
...
...
devfs on /dev (devfs, local)
/dev/fd0 on /usr/home/user1/floppy (msdosfs, local, nosuid, mounted by user1)
/dev/cd0 on /usr/home/user1/cdrom (cd9660, local, nosuid, read-only, mounted by user1)
/dev/da0s1 on /usr/home/user1/usb (msdosfs, local, nosuid, mounted by user1)
%

cheers

Chris
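
Added example, not part of the message above: a small sh audit of the outcome of a setup like this one. It checks that the device nodes are root:usermount with no access for others, and that every user mount carries nosuid. The function names and the second line of each sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message). GROUP is the group name
# used in the message; change it if your setup uses another one.
GROUP="usermount"

# Read `ls -l /dev/...` lines on stdin. Report device nodes that are not
# owned root:$GROUP, or whose mode grants anything to "other".
audit_dev_perms() {
    awk -v grp="$GROUP" '
        $1 ~ /^[cb]/ {
            node  = $NF
            other = substr($1, 8, 3)      # last three mode characters
            if ($3 != "root" || $4 != grp) print "OWNER " node " " $3 ":" $4
            if (other != "---")            print "WORLD " node " " $1
        }'
}

# Read `mount` output on stdin. Report filesystems mounted by a user
# whose option list does not include nosuid.
audit_user_mounts() {
    awk '/mounted by / && !/[(, ]nosuid[,)]/ {
            print "NOSUID-MISSING " $3 " " $1
        }'
}

# Sample input: the first line of each block is taken from the message,
# the second line is constructed to trigger a finding.
SAMPLE_LS='crw-rw---- 1 root usermount 0, 105 13 Aug 11:07 /dev/da0s1
crw-rw-rw- 1 root operator 0, 106 13 Aug 11:07 /dev/da1s1'
SAMPLE_MOUNT='/dev/da0s1 on /usr/home/user1/usb (msdosfs, local, nosuid, mounted by user1)
/dev/da1s1 on /usr/home/user1/usb2 (msdosfs, local, mounted by user1)'

printf '%s\n' "$SAMPLE_LS"    | audit_dev_perms
printf '%s\n' "$SAMPLE_MOUNT" | audit_user_mounts
```

On a live system, pipe `ls -l /dev/da*s* /dev/cd* /dev/fd*` and `mount` into the two functions instead of the samples. The da driver also serves SCSI disks, so on a host with such disks the 'da*s*' rule covers their slices as well.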