Date: Sun, 5 Dec 1999 20:56:23 +0000 From: Mark Ovens <mark@ukug.uk.freebsd.org> To: Dan Harnett <danh@wzrd.com> Cc: freebsd-stable@freebsd.org Subject: Re: Non-root mounting of CD-ROMs Message-ID: <19991205205623.B1071@marder-1> In-Reply-To: <19991205183830.B76BD5D05A@mail.wzrd.com> References: <19991205175354.B696@marder-1> <19991205183830.B76BD5D05A@mail.wzrd.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Dec 05, 1999 at 01:38:30PM -0500, Dan Harnett wrote: > You should be able to allow anyone to mount anything without setting > the setuid bit on /sbin/mount*. First, the permissions on the actual > device need to be changed so a user can access that device. Doh! That was it. The one thing no-one checked. > Second, a simple sysctl will let the user mount a device: > > sysctl -w vfs.usermount=1 > > As an alternative, you could put the user into the operator group, > but this will give the user more privileges than probably intended. > It seems that you *must* use ``sysctl -w vfs.usermount=1'', even if the user in the operator group else it still gives "Operation not permitted", although it is possible for the user to umount(8) it :-/ Thanks for the help. > Dan Harnett > > > > A thread on the UK User Group mailing list about non-root users > > mounting CD-ROMs included posts from a couple of people running > > -STABLE who could do this. I tried and it doesn't work for me. A > > ktrace(1) showed the call to mount(2) returning EPERM, which is what I > > would expect. > > > > After several posts we established that the only differences we could > > find between my setup and theirs is that I'm using a SCSI CD-ROM and > > they both have IDE. Additionally, their systems were cvsup'd more > > recently than mine (mine was around the end of September) and no-one > > has made /sbin/mount* setuid. > > > > A look through the CVS logs on the web-site shows that there have been > > quite a few changes to mount in the last couple of months. > > > > So, the question is, should a non-root user be able to mount a CD-ROM > > (without making /sbin/mount* setuid)? > > > > -- > > PERL has been described as "the duct tape of the Internet" > > and "the Unix Swiss Army chainsaw" > > - Computer Shopper 12/99 > > ________________________________________________________________ > > FreeBSD - The Power To Serve http://www.freebsd.org > > My Webpage http://ukug.uk.freebsd.org/~mark/ > > mailto:mark@ukug.uk.freebsd.org http://www.radan.com > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-stable" in the body of the message > > > -- PERL has been described as "the duct tape of the Internet" and "the Unix Swiss Army chainsaw" - Computer Shopper 12/99 ________________________________________________________________ FreeBSD - The Power To Serve http://www.freebsd.org My Webpage http://ukug.uk.freebsd.org/~mark/ mailto:mark@ukug.uk.freebsd.org http://www.radan.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991205205623.B1071>