/etc/fstab Lacks Mount Point For Floppy

Michal Jaegermann michal at harddata.com
Mon Oct 18 17:51:39 UTC 2004


On Mon, Oct 18, 2004 at 09:37:15AM -0400, Jeff Spaleta wrote:
> On Sun, 17 Oct 2004 22:46:44 -0600, Michal Jaegermann
> <michal at harddata.com> wrote:
> > Owners should be able to configure their systems any way they please;
> > only consequences of doing this or that should be clear.
> 
> Would you be satified if there were some way to test the local defined
> configurations without having to plugin in a device?

Testing tools are always nice, especially if a configuration system
is complicated and ramifications of various options not always
clear.  Although in the case in question I would rather see
tight defaults and "obvious" methods of configuring that in some
other ways.

> A way to ask
> fstab-sync to report the fstab entry it would create?

In this particular case 'cat' should be good enough for a "testing
tool".

> This confuses me... you're saying that the fstab entry for the
> device has "exec" but after you mount the device the mount command
> is saying its mounted as "noexec"?

See!  I am not the only one confused here. :-)  Yes, this is
exactly what I am seeing.  Options on fstab-sync created entries
are
        exec,pamconsole,noauto,managed

but if I will put a floppy in a (USB at the moment) drive then
mount says

       ro,noexec,nosuid,nodev

"ro" is right as this floppy is write protected.  Maybe other stuff
shows up because this is a VFAT floppy?  Most likely, thinking a bit
more about it.  Although exactly the same mount options are reported
also for a "magically mounted" CD.

Regardless, I would think that at least 'nodev,nosuid' should be a
default in fstab-sync generated entries for removable media
regardless of a file system.  That means in /etc/fstab explicitely

        nosuid,nodev,pamconsole,noauto,managed

Maybe 'noexec' as well.  If somebody would want to relax these
defaults in a particular situation then they should be able to do
that without going through particular hoops.  I think that David
explained, at least on this list, :-) how to do that (if something
else is not monkeying quietly with mount options).

> Or are you seeing an selinux interaction here?

I have selinux in this moment turned off.  I want to avoid muddying
the picture.

   Michal




More information about the fedora-test-list mailing list