writeprotection of unmounted mountpoints automaitcally - possible??

Alexander Raab alexander.raab at chello.at
Mon Jan 17 21:37:48 UTC 2005 

Jeff Vian wrote:

>On Sun, 2005-01-16 at 14:40 +0100, Alexander Raab wrote:
>  
>
>>Jonathan Berry wrote:
>>
>>    
>>
>>>On Fri, 14 Jan 2005 09:30:29 +0100, Alexander Raab
>>><alexander.raab at chello.at> wrote:
>>> 
>>>
>>>      
>>>
>>>>Hi, all.
>>>>Is there a possibility to set the permissons of ummounted mountpoints to
>>>>writeprotected?
>>>>I am coping files very often without checking if a usb-drive is really
>>>>mounted.
>>>>
>>>>Alex
>>>>   
>>>>
>>>>        
>>>>
>>>I think this would be possible, but only if what you are mounting is,
>>>say, formatted with FAT or FAT32.  I know the permissions for those
>>>FSs are set when the device is mounted with options in fstab.  You
>>>should be able to "chmod -w" the mount point (device is not mounted),
>>>which should prevent writing.  Then when the device is mounted, the
>>>options should change the permissions.  You can always try it and see
>>>what happens.
>>>I know if the device is formatted with ext3 then you simply
>>>chmod/chown the directory after the device is mounted to change the
>>>permissions on the device.  I don't recall whether these permissions
>>>are seperate from those of the directory when nothing is mounted
>>>there.  Again, I'd suggest just trying it and seeing what happens. 
>>>You can always change it if it doesn't work.
>>>
>>>Jonathan
>>>
>>> 
>>>
>>>      
>>>
>>Hi,
>>nice idea, but change the permissions didn't help.
>>I have made a chmod -rwx and d--------- looks good, but it didn't help.
>>No permissions, but I still can write there.
>>Alex
>>
>>    
>>
>You have 2 different aspects here. Filesystem vs mounted device.
>
>Changing the mount point (filesystem) options does not affect the mount
>options.  To have a partition mounted as read only, add the option "ro"
>to the options column in /etc/fstab for that device.
>
>Note: root can still write to the raw device, but it should prevent
>writing to the filesystem when mounted.
>
>As previously noted, root can write to a mount point/filesystem
>regardless of its permissions.  The mount point is a directory on the
>filesystem -- regardless of whether it has a device mounted there or
>not.
>
>To prevent writing to a directory that belongs to an unmounted device
>you can handle that with several factors.
>
>1.  Make the mount point owned by root, and writable only by root.  (The
>system uses permissions 755 for most.)
>2.  Work as a normal user the 99+ percent of the time you do not need
>root privileges. (This prevents the regular user from writing to any
>location that is restricted to root modification.)
>3.  Make the mount point options include "rw,users,UID=XXX,GIC=XXX"
>where XXX is your regular users UID and GID respectively.
>
>Now when mounted the (fat or fat32) filesystem there (your USB stick)
>will be usable by the regular user, but the directory will not be
>writable by the same user when unmounted.
>
>
>  
>
Hi,
Yes, I am running this as root. It's an automatical-backup. Sometimes I 
need the disk at an other place. So the backup runs into the directory 
not at the disk.

Alex

More information about the fedora-list mailing list