From owner-freebsd-questions@FreeBSD.ORG  Thu Feb 21 08:45:09 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D278916A401
	for <freebsd-questions@freebsd.org>;
	Thu, 21 Feb 2008 08:45:09 +0000 (UTC)
	(envelope-from norgaard@locolomo.org)
Received: from bifrost.locolomo.org (97.pool85-48-194.static.orange.es
	[85.48.194.97])
	by mx1.freebsd.org (Postfix) with ESMTP id 8EA6B13C4EE
	for <freebsd-questions@freebsd.org>;
	Thu, 21 Feb 2008 08:45:09 +0000 (UTC)
	(envelope-from norgaard@locolomo.org)
Received: from Home.local (32.Red-80-37-158.staticIP.rima-tde.net
	[80.37.158.32])
	by bifrost.locolomo.org (Postfix) with ESMTP id 6D1D53982D;
	Thu, 21 Feb 2008 09:45:06 +0100 (CET)
Message-ID: <47BD3A0B.2030806@locolomo.org>
Date: Thu, 21 Feb 2008 09:44:59 +0100
From: Erik Norgaard <norgaard@locolomo.org>
User-Agent: Thunderbird 2.0.0.9 (Macintosh/20071031)
MIME-Version: 1.0
To: Andrew Bradford <a-bb@gmx.net>
References: <47BCC9C6.9050501@gmx.net>
In-Reply-To: <47BCC9C6.9050501@gmx.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: Mounting FS read-only for specific user (or root)
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Feb 2008 08:45:09 -0000

Andrew Bradford wrote:

> I'm trying to set up a mounted filesystem that is read-write for root, 
> but read-only for anyone else.  It will be mounted as a backup 
> directory, so files listed in that directory will be owned by current 
> users on the system but can't be writeable, regardless of the file 
> permissions.
> 
> hd2 mounted rw in /root/backup-rw
> hd2 mounted ro in /backups
> 
> Is this possible?

Have you tried? ;)

I assume the reasoning for this is you want to preserve permissions and 
attributes on your backup, so you can't solve this simply by setting 
permissions appropriately.

But then, do users need frequent access to their backup? Then you could 
simply mount it on a mount point which only has root access.

Cheers, Erik