/etc/fstab Lacks Mount Point For Floppy
Michal Jaegermann
michal at harddata.com
Mon Oct 18 17:51:39 UTC 2004
On Mon, Oct 18, 2004 at 09:37:15AM -0400, Jeff Spaleta wrote:
> On Sun, 17 Oct 2004 22:46:44 -0600, Michal Jaegermann
> <michal at harddata.com> wrote:
> > Owners should be able to configure their systems any way they please;
> > only consequences of doing this or that should be clear.
>
> Would you be satified if there were some way to test the local defined
> configurations without having to plugin in a device?
Testing tools are always nice, especially if a configuration system
is complicated and ramifications of various options not always
clear. Although in the case in question I would rather see
tight defaults and "obvious" methods of configuring that in some
other ways.
> A way to ask
> fstab-sync to report the fstab entry it would create?
In this particular case 'cat' should be good enough for a "testing
tool".
> This confuses me... you're saying that the fstab entry for the
> device has "exec" but after you mount the device the mount command
> is saying its mounted as "noexec"?
See! I am not the only one confused here. :-) Yes, this is
exactly what I am seeing. Options on fstab-sync created entries
are
exec,pamconsole,noauto,managed
but if I will put a floppy in a (USB at the moment) drive then
mount says
ro,noexec,nosuid,nodev
"ro" is right as this floppy is write protected. Maybe other stuff
shows up because this is a VFAT floppy? Most likely, thinking a bit
more about it. Although exactly the same mount options are reported
also for a "magically mounted" CD.
Regardless, I would think that at least 'nodev,nosuid' should be a
default in fstab-sync generated entries for removable media
regardless of a file system. That means in /etc/fstab explicitely
nosuid,nodev,pamconsole,noauto,managed
Maybe 'noexec' as well. If somebody would want to relax these
defaults in a particular situation then they should be able to do
that without going through particular hoops. I think that David
explained, at least on this list, :-) how to do that (if something
else is not monkeying quietly with mount options).
> Or are you seeing an selinux interaction here?
I have selinux in this moment turned off. I want to avoid muddying
the picture.
Michal
More information about the fedora-test-list
mailing list