Date: Mon, 14 Aug 2000 14:09:44 -0500 (CDT) From: Mike Meyer <mwm@mired.org> To: keith@mail.telestream.com Cc: questions@FreeBSD.ORG, Jan Pfeifer <janpf@iname.com>, Subject: Re: allow users to mount CD Message-ID: <14744.17400.379491.342117@guru.mired.org> In-Reply-To: <Pine.LNX.4.10.10008141152440.3835-100000@mail.telestream.com> References: <14744.15737.680866.512393@guru.mired.org> <Pine.LNX.4.10.10008141152440.3835-100000@mail.telestream.com>
next in thread | previous in thread | raw e-mail | index | archive | help
keith@mail.telestream.com writes: > I recently <friday> just got amd to mount the cd localy. It's pretty neat > stuff. Also mounting remote SGI<5 minutes ago>, FreeBSD and Linux > machines. Working on the solaris machine now. I'd recomend anyone mounting > even the local cd via amd. > True there are a few things running that probably are over kill > for the job but it's a great way to do it if you want to have both > restriced and super user privies on it. You could have a amd.cdrom > config file for the users and one for superuser. I don't know if both > could be active in the amd.conf file at the same time but you could surely > point two different configs for the cdrom at different locations and give > each one different access. If you've got amd set up and running anyway, then using it for this makes some sense. If you need the things you can get with a super-user mount, that makes even more sense (sort of like using ppp -auto). How does it deal with dismounts? Last time I looked at amd, all that really happened was a timeout. That might be a problem in this case. If you get all this working nicely, a web page detailing how would probably be worthwhile. <mike > ================================= > Keith W. > At the helm <for better or worse> > > My non work related site > www.cydonia.net > ================================= > > > On Mon, 14 Aug 2000, Mike Meyer wrote: > > > keith@mail.telestream.com writes: > > > I'm a TOTAL nfs/amd newbie but wouldn't it also be possible to setup amd > > > to mount the cd with the proper perms on it, having nfs/amd basicaly do > > > the perms according to what's in your /etc/exports file? > > > > Well, if you wanted to mount the cdrom via NFS from your local host, > > you could certainly do that. You might even be able to convince amd to > > mount the thing locally (I've been avoiding amd for the last 8 > > years). If there was something like Linux's autofs available, that > > would have a similar effect. > > > > But that's an awful lot of mechanism for what's essentially a simple > > problem. Basically, the reason users can't mount cdroms is security > > features; just setting those to a less secure mode solves the problem. > > > > <mike > > > > > ================================= > > > Keith W. > > > At the helm <for better or worse> > > > > > > My non work related site > > > www.cydonia.net > > > ================================= > > > > > > > > > On Mon, 14 Aug 2000, Mike Meyer wrote: > > > > > > > Jan Pfeifer writes: > > > > > How do I let users mount a CD, or any other mount point ? > > > > > > > > This question was answered just last week. Basically, you add > > > > "vfs.usermount=1" to /etc/sysctl.conf (creating it if you need to), > > > > chmod the cd devices to mode 660, put the users you want to be able to > > > > mount things in group operator (which owns the CD devices by default; > > > > fix that or use the group that owns them instead if this isn't the > > > > case), then reboot the system. > > > > > > > > Users in group operator can then mount cds on directories *they* own. > > > > > > > > > ps2.: I wanted to avoid to make a suid script to do this ... > > > > > > > > Suid scripts are a very bad idea, so that's a good thing to avoid. If > > > > the above doesn't work, make it a C program instead of a script. > > > > > > > > <mike > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14744.17400.379491.342117>