Message-Id: <19980126180637.13521@ct.picker.com>
Date: Mon, 26 Jan 1998 18:06:37 -0500
From: Randall Hopper
To: Drifter
Cc: freebsd-questions@FreeBSD.ORG
Subject: Delegating MOUNT privileges (was Re: Mounting a floppy, ZIP drive, or partition as a non-root user)
In-Reply-To: <199801260545.AAA00895@stratos.net>; from Drifter on Mon, Jan 26, 1998 at 12:45:38AM -0500

Drifter:
 |     I have a quick question about mounting file systems as a non-root
 |user.  Since I am confident in the security of my home system, I would
 |like the ability for my "drifter" account to mount and unmount my floppy
 |at will.
 |     Unfortunately, I have not been able to figure it out.  Yes, I am
 |being lazy in not wanting to su root all the time, and when I am in X, I

Ditto that here.

 |     So, without writing an expect script, is there a way to allow
 |non-root users to mount a floppy drive?

When I make a new UFS ZIP disk, I mount it and I chown rhh and chgrp zip (I
created that group) on the root dir of the ZIP UFS.  That of course lets me
(or anyone else I put in group zip) write to it as myself/themselves without
being root.

Now as to the mounting part, I haven't found a way to get mount as an
ordinary user.  I wish there was a way to give mount access per device to a
group, but if it exists I don't know about it.

In lieu of that, I use a hack: setuid mount{zip,cd,...}/umount{zip,cd,...}
Perl scripts, so I don't have to mess with su-ing all the time.  Examples
attached.

Now this works fine for UFS disks, and on 2.2.x, it works fine for DOS ZIP
disks.  But there's some bug on 3.0-current that prevents you from running
mount_msdos setuid, so unfortunately we'll need to su for that until the bug
is fixed.

Randall

Content-Disposition: attachment; filename=mountzip

#!/usr/bin/suidperl -w

# Reset the environment before running anything with root privileges.
$ENV{'PATH'}  = '/bin:/usr/bin:/usr/sbin:/sbin';
$ENV{'SHELL'} = '/bin/sh' if defined $ENV{'SHELL'};
$ENV{'IFS'}   = ''        if defined $ENV{'IFS'};

chdir( "/" );

# Try the UFS slice first, then the DOS slice; system() returns 0 on success.
( !system( "mount /dev/sd0s1 /zip"          ) && print "UFS /zip mounted\n" ) ||
( !system( "mount -t msdos /dev/sd0s4 /zip" ) && print "DOS /zip mounted\n" ) ||
  die "Mount failed\n";

Content-Disposition: attachment; filename=umountzip

#!/usr/bin/suidperl -w

# Reset the environment before running anything with root privileges.
$ENV{'PATH'}  = '/bin:/usr/bin:/usr/sbin:/sbin';
$ENV{'SHELL'} = '/bin/sh' if defined $ENV{'SHELL'};
$ENV{'IFS'}   = ''        if defined $ENV{'IFS'};

chdir( "/" );

# Unmount whichever mount point is in use.
( !system( "umount /zip"    ) && print "/zip UNmounted\n"    ) ||
( !system( "umount /doszip" ) && print "/doszip UNmounted\n" ) ||
  die "Umount failed\n";

# Stop the drive and eject the disk (last two args: $loej=1, $start=0).
( !system( "scsi -f /dev/rsd0.ctl -s 30 -c '1b 0 0 0 0:b6 v:b1 v:b1 0' 1 0" )
  || die "Eject failed\n" );

# Permutations for the last two args to scsi(8) with this other arg permut
#   $loej  $start   action
#     0      0      stop, don't eject medium
#     1      0      stop & eject
#     0      1      start, but don't try to load medium
#     1      1      start & load medium
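
The per-group mount access wished for in the message above, written as a compiled setuid-root wrapper rather than a suidperl script. This is an added example, not part of the original mail or its attachments; the group zip, the devices and /zip are taken from the message, while the "ufs"/"dos" selector names, the nosuid mount option and the /sbin/mount path are assumptions.

```c
/* Added example (not from the original mail): setuid-root mount wrapper.
 * Assumed: group "zip", the devices and /zip as in the attached scripts. */
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
/* Allowlist: the caller picks a name, never a device, path or option. */
struct target { const char *name, *fstype, *dev, *dir; };
static const struct target targets[] = {
    { "ufs", "ufs",   "/dev/sd0s1", "/zip" },
    { "dos", "msdos", "/dev/sd0s4", "/zip" },
};

/* Exact-match lookup; anything else (including NULL) is rejected. */
const struct target *find_target(const char *name) {
    if (name == NULL) return NULL;
    for (size_t i = 0; i < sizeof targets / sizeof targets[0]; i++)
        if (strcmp(name, targets[i].name) == 0) return &targets[i];
    return NULL;
}

/* 1 if `want` is the caller's real gid or one of its supplementary gids. */
int gid_allowed(gid_t want, gid_t real, const gid_t *groups, int ngroups) {
    if (real == want) return 1;
    for (int i = 0; i < ngroups; i++)
        if (groups[i] == want) return 1;
    return 0;
}

int main(int argc, char **argv) {
    /* Fixed environment: nothing is inherited from the invoking user. */
    static char *const clean_env[] = { "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL };
    gid_t groups[64];
    int n = getgroups(64, groups);   /* -1 if the caller has more: fail closed */
    struct group *gr = getgrnam("zip");
    const struct target *t = find_target(argc == 2 ? argv[1] : NULL);
    if (t == NULL || gr == NULL || n < 0 ||
        !gid_allowed(gr->gr_gid, getgid(), groups, n)) {
        fprintf(stderr, "usage: mountzip ufs|dos (members of group zip only)\n");
        return 1;
    }
    if (chdir("/") != 0) return 1;
    /* nosuid: setuid bits on the removable disk are not honoured. */
    char *const args[] = { "mount", "-t", (char *)t->fstype, "-o", "nosuid",
                           (char *)t->dev, (char *)t->dir, NULL };
    execve("/sbin/mount", args, clean_env);   /* no shell, fixed argv */
    perror("execve /sbin/mount");
    return 1;
}
```

Installed root-owned with mode 4755, the binary runs mount only for callers whose real or supplementary groups include zip, and only with the two fixed device and mount-point pairs.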