mounting filesystem for homedir

Erik Slagter erik at slagter.name
Fri May 23 13:02:58 UTC 2008


Roger Heflin wrote:
> Guillaume wrote:

>> I try to mount an EXT3 partition in the /home/username directory but I'm
>> having some issues with ACL.
>> Here is the process I use to reach this goal:
>>  * create the user
>>  * check the ACLs on this directory ( /home/user 770 user:user)
>>  * check the group on the special file ( /dev/sda1 root:user)
>>  * mount the filesystem (fstab => /dev/sda1 /home/backup ext3
>> iocharset=utf8,group,noatime )
>>  ->> fail... only user root can do this.
>>  * if I mount the filesystem with the superuser, the ACL on the directory
>> /home/user changes and looks like this: (/home/user 775 root:root)
>>    this is not good and I would like to have 770 user:user

> You need to make sure that /home/user has the correct permission on it
> before you mount the disk, and then after you mount the disk you need to
> again make sure the correct permission is on /home/user.
>
> If you have user:user on /home/user before the mount, but not on /home/user
> after the mount (actually on "." on the filesystem on the disk part)
> then the most restrictive of the two permissions will be used. If
> either permission is wrong, there will be problems. It is not
> typically a problem with directories like home since /home is owned by
> root, but is a problem when a user owns the entire partition filesystem.

Bzzzzt.

The mode of the directory the filesystem is going to be mounted on 
doesn't have any impact on the mode/rights of the mounted filesystem, 
including the "root" of the mounted file system.

You should see it as a filesystem that is overlaid on the directory 
you're mounting on (e.g. /home/user). At the moment the filesystem is 
mounted on /home/user, the original /home/user directory becomes 
completely invisible and unreachable. Every reference to /home/user/* 
including /home/user itself is redirected to the mounted filesystem.

So... if I understand the OP correctly, he wants to change the file mode 
on the "root" of the mounted filesystem, not the "mount"-directory in 
the root file system. There is only one way to achieve that: mount the 
filesystem and then change the directory's mode (and owner etc.). You 
probably have to do this as root, as it's very probable that your 
"normal" user doesn't have the proper rights.

Maybe it helps if I give an example, this is the way I do it: I have an 
ext3 filesystem on /dev/sdd2 and a directory /var/backup that is used as 
the mount point. The directory /var/backup is owned by root and has file 
mode 000 (d---------). You can safely do this and I even recommend it, 
as it prevents any access to this directory when the filesystem is not 
mounted (for whatever reason). As soon as I mount /dev/sdd2 on 
/var/backup, the owner of this directory becomes bacula and the file 
mode becomes 775 (drwxrwxr-x) because that is how it's stored in the 
file system on /dev/sdd2. After unmounting, this becomes 000/root again.

If you want to be able to mount the file system as non-root you either 
need to:
  - use automount or
  - specify the "user" option in fstab (as root) (you cannot do this 
from the command line for security purposes), but please note that now 
anybody can mount the filesystem (although with somewhat limited 
functionality, no dev/no suid/no exec).

I hope this helps...
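
An added example, not part of the original message or thread: a POSIX shell audit of the fstab options discussed above, showing which entries let non-root users mount and which restrictions remain in force. The implied flags follow mount(8) in a simplified model; the function name `audit_fstab` and every sample entry except the `/dev/sda1` line from the thread are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit fstab entries that let
# non-root users mount. Simplified model of mount(8): user/users imply
# noexec,nosuid,nodev; owner/group imply nosuid,nodev; an explicit exec, suid
# or dev later in the option list switches the implied flag off again.

audit_fstab() (
    set -f                                    # no globbing while splitting options
    while read -r dev mnt fstype opts rest; do
        case $dev in ''|\#*) continue ;; esac # skip blank lines and comments
        via='' noexec=0 nosuid=0 nodev=0
        for opt in $(printf '%s' "$opts" | tr ',' ' '); do
            case $opt in
                user|users)  via=$opt noexec=1 nosuid=1 nodev=1 ;;
                owner|group) via=$opt nosuid=1 nodev=1 ;;
                exec) noexec=0 ;; noexec) noexec=1 ;;
                suid) nosuid=0 ;; nosuid) nosuid=1 ;;
                dev)  nodev=0  ;; nodev)  nodev=1 ;;
            esac
        done
        [ -n "$via" ] || continue             # root-only entry, nothing to report
        status=OK
        if [ "$nosuid" -eq 0 ] || [ "$nodev" -eq 0 ]; then
            status=WARN   # user-mounted media could carry setuid files or device nodes
        fi
        printf '%s via=%s nosuid=%s nodev=%s noexec=%s %s\n' \
            "$mnt" "$via" "$nosuid" "$nodev" "$noexec" "$status"
    done
)

# Constructed sample; the first entry is the one quoted in the thread.
SAMPLE_FSTAB='/dev/sda1 /home/backup ext3 iocharset=utf8,group,noatime
# removable media (constructed)
/dev/sdb1 /mnt/usb vfat user,noauto 0 0
/dev/sdc1 /mnt/risky ext3 users,suid,dev 0 0
/dev/sdd2 /var/backup ext3 defaults 0 2'

printf '%s\n' "$SAMPLE_FSTAB" | audit_fstab
```

On a real system, feed it `/etc/fstab` on standard input; entries marked WARN have had the implied `nosuid` or `nodev` switched off by a later option.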