From owner-freebsd-hackers@FreeBSD.ORG Fri Apr 7 09:13:41 2006 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 870E716A401 for ; Fri, 7 Apr 2006 09:13:41 +0000 (UTC) (envelope-from aren.tyr@gawab.com) Received: from info10.gawab.com (info10.gawab.com [204.97.230.43]) by mx1.FreeBSD.org (Postfix) with SMTP id F25D743D45 for ; Fri, 7 Apr 2006 09:13:40 +0000 (GMT) (envelope-from aren.tyr@gawab.com) Received: (qmail 9568 invoked by uid 1004); 7 Apr 2006 09:15:11 -0000 Received: from unknown (HELO yggdrasil) (aren.tyr@gawab.com@62.56.44.210) by gawab.com with SMTP; 7 Apr 2006 09:15:11 -0000 X-Trusted: Whitelisted From: Aren Olvalde Tyr To: freebsd-hackers@freebsd.org Date: Fri, 7 Apr 2006 10:13:28 +0100 User-Agent: KMail/1.9.1 References: <1144042356.824.16.camel@shumai.marcuscom.com> <44356DDF.4000702@bitfreak.org> <20060406234239.GB1913@dice.stsp.lan> In-Reply-To: <20060406234239.GB1913@dice.stsp.lan> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2935123.ffY77boj9l"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200604071013.38486.aren.tyr@gawab.com> X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: Re: RFC: Adding a ``user'' mount option X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 09:13:41 -0000 --nextPart2935123.ffY77boj9l Content-Type: multipart/mixed; boundary="Boundary-01=_40iNEc4yoaB7FKP" Content-Transfer-Encoding: 7bit Content-Disposition: inline --Boundary-01=_40iNEc4yoaB7FKP Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hello all, I've been watching this thread with some interest. I have actually found quite a straightforward solution to this problem that= =20 works for me under FreeBSD, and requires no extra entries in fstab, scripts= =20 changing permissions on login, or any other fairly ugly workaround. I assume that basically what we are looking for is to make mounting/unmount= ing=20 of devices as simple as possible for non-technical users so they do not hav= e=20 to run mount manually at the command line. As mentioned before, you can easily globally restrict which users you wish = to=20 allow mounting of a particular device by simply using group permissions on= =20 the device. Then, assuming you've set vfs.usermount =3D 1: 1. ) First create some suitable directories under the user's /home folder f= or=20 mounting the devices. For example, I have: [=3D Yggdrasil | aren | /usr/home/aren =3D]% ls -l media total 8 drwxr-xr-x 2 aren aren 512 Apr 6 21:37 cdrw/ drwxr-xr-x 2 aren aren 512 Apr 6 13:19 dvdrom/ drwxr-xr-x 2 aren aren 512 Apr 6 15:03 floppy/ drwxr-xr-x 2 aren aren 512 Apr 6 14:04 usbflash/ 2.) Next, add the devices icons to your KDE (or whichever) desktop. 3.) Now KDE by default will use the mount point specified under /etc/fstab= =2E=20 Obviously this is no good, since the current user will not own the mount=20 point specified. However, if you simply open up the actual desktop device=20 file, it is a very straightforward text file. You can then simply edit=20 the "MountPoint" entry to point to the new mount location under your home=20 folder. =46or example, for my DVD-ROM drive desktop link: [=3D Yggdrasil | aren | /usr/home/aren/Desktop =3D]% cat DVD-ROM [Desktop Action Eject] Exec=3Dkdeeject %v Name=3DEject [Desktop Entry] Actions=3DEject; Dev=3D/dev/cd1 Encoding=3DUTF-8 Icon=3Ddvd_mount MountPoint=3D/home/aren/media/dvdrom =46SType=3Dcd9660 ReadOnly=3Dtrue Type=3DFSDevice UnmountIcon=3Ddvd_unmount X-KDE-Priority=3DTopLevel The "FSType" entry is not usually there by default either, but it helps to= =20 make sure that the correct option is called to mount. Mounting a device is as simple as just clicking on the desktop icon now, wh= ich=20 is exactly what we wanted. It will mount the device under the mount locatio= n=20 in my /home, which I own, and everything works great.=20 This method requires no alteration/extra entries in /etc/fstab, no chown on= a=20 global mount location (since the user always owns their own local mount=20 point), no sudo and no setuid. Minimal security compromise. =46or a large network, it should be fairly trivial to create a script that = will=20 add the users to the correct group(s) for mouting the given device(s), crea= te=20 the necessary mount directories under the user's /home directory, and=20 populate their KDE (or whichever) desktop with the correct (modified) deskt= op=20 entries. Job done. Regards, Aren. --Boundary-01=_40iNEc4yoaB7FKP-- --nextPart2935123.ffY77boj9l Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQBENi1CoWGxb6IQ4B4RAoZUAKCGEQP86192Ynd9lXgxIu87fnV1swCfe5hZ 8xzLWqoDLQFWeEIhcfgYvZA= =i8Bq -----END PGP SIGNATURE----- --nextPart2935123.ffY77boj9l--