How to make mount command mount partions as user not only as root ? - Hardware

This is a discussion on How to make mount command mount partions as user not only as root ? - Hardware ; hello I'd be grateful if you'd explain me howto get mount command to mount partions as user not only as root (w/o fstab) I try to mount /dev/hda4 (vfat) partion I gave rwx to /dev/hda4 I gave rwx to /mnt/hda4 ...

+ Reply to Thread
Results 1 to 12 of 12

Thread: How to make mount command mount partions as user not only as root ?

  1. How to make mount command mount partions as user not only as root ?

    hello
    I'd be grateful if you'd explain me howto get mount
    command to mount partions as user not only as root (w/o fstab)

    I try to mount /dev/hda4 (vfat) partion
    I gave rwx to /dev/hda4
    I gave rwx to /mnt/hda4

    I gave +s to /bin/mount

    I do : mount -t vfat /dev/hda4 /mnt/hda4


    No way, I always get 'Only root can do that'

    What is the way to do it?

    Thanks



  2. Re: How to make mount command mount partions as user not only as root ?

    =SERGE= staggered into the Black Sun and said:
    > I'd be grateful if you'd explain [to] me [how to] get [the] mount
    > command to mount partions as user not only as root (w/o fstab)


    Wait. What do you mean "without fstab"? The whole *point* of the
    "user" and "users" keywords in fstab is to allow users to mount and
    umount certain filesystems. They invented a good way to do this many
    years ago. Use that way, or post a good explanation of why it won't
    work for you.

    > mount -t vfat /dev/hda4 /mnt/hda4
    > 'Only root can do that'


    Only root is allowed to pass parameters to mount. Non-root users can do
    "mount $DEVICE" or "mount $MOUNT_POINT", that's all. If a user could
    override fstab-supplied parameters, that user could mount a removable
    medium that had writable device nodes or arbitrary SUID-root programs on
    it. This is a huge security hole, so users are not allowed to pass
    parameters.

    --
    There is not enough coffee in the world.
    --TimC in ASR
    My blog and resume: http://crow202.dyndns.org:8080/wordpress/
    Matt G|There is no Darkness in Eternity/But only Light too dim for us to see

  3. Re: How to make mount command mount partions as user not only as root ?

    =SERGE= wrote:

    > hello
    > I'd be grateful if you'd explain me howto get mount
    > command to mount partions as user not only as root (w/o fstab)
    >
    > I try to mount /dev/hda4 (vfat) partion
    > I gave rwx to /dev/hda4
    > I gave rwx to /mnt/hda4


    That's irrelevant.

    > I gave +s to /bin/mount
    >
    > I do : mount -t vfat /dev/hda4 /mnt/hda4
    >
    >
    > No way, I always get 'Only root can do that'
    >
    > What is the way to do it?


    The only way I can think of is to edit */etc/fstab* and explicitly
    set /user/ or /users/ as a mount option.

    Like so...

    /dev/hda4 /mnt/hda4 vfat defaults,users 0 0

    (Substitute /defaults/ for whatever mount options you have for it.)

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

  4. Re: How to make mount command mount partions as user not only as root ?

    w/o fstab
    I mean a disk/partition which is not mentioned in fstab file
    For example there was some free space on disk I made a partion and would
    like to be able to mount it in linux tree with mount command w/o putting
    anything in fstab


    "Dances With Crows" wrote in message
    news:slrng2m4h5.o70.danceswithcrows@crow202.dyndns .org...
    > =SERGE= staggered into the Black Sun and said:
    >> I'd be grateful if you'd explain [to] me [how to] get [the] mount
    >> command to mount partions as user not only as root (w/o fstab)

    >
    > Wait. What do you mean "without fstab"? The whole *point* of the
    > "user" and "users" keywords in fstab is to allow users to mount and
    > umount certain filesystems. They invented a good way to do this many
    > years ago. Use that way, or post a good explanation of why it won't
    > work for you.
    >
    >> mount -t vfat /dev/hda4 /mnt/hda4
    >> 'Only root can do that'

    >
    > Only root is allowed to pass parameters to mount. Non-root users can do
    > "mount $DEVICE" or "mount $MOUNT_POINT", that's all. If a user could
    > override fstab-supplied parameters, that user could mount a removable
    > medium that had writable device nodes or arbitrary SUID-root programs on
    > it. This is a huge security hole, so users are not allowed to pass
    > parameters.
    >
    > --
    > There is not enough coffee in the world.
    > --TimC in ASR
    > My blog and resume: http://crow202.dyndns.org:8080/wordpress/
    > Matt G|There is no Darkness in Eternity/But only Light too dim for us to
    > see




  5. Re: How to make mount command mount partions as user not only as root ?

    =SERGE= wrote:

    > w/o fstab
    > I mean a disk/partition which is not mentioned in fstab file
    > For example there was some free space on disk I made a partion and would
    > like to be able to mount it in linux tree with mount command w/o putting
    > anything in fstab


    You can't. You can only mount it as root. If you need to be able to mount
    it as a regular user, then include an entry for it in */etc/fstab* and set
    it up with either /user/ or /users/ as a mount option.

    P.S.: Please don't top-post. Use interleaved replies instead, as you could
    see in our replies to you and as explained here...:

    http://en.wikipedia.org/wiki/Top-posting##Top-posting

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

  6. Re: How to make mount command mount partions as user not only as root ?

    =SERGE= wrote:

    > What is the way to do it?


    man pmount:
    > NAME
    > pmount - mount arbitrary hotpluggable devices as normal
    > user
    >
    >
    > SYNOPSIS
    > pmount [ options ] device
    >
    > pmount [ options ] device label
    >
    > pmount --lock [ options ] device pid
    >
    > pmount --unlock [ options ] device pid
    >
    > pmount
    >
    >
    > DESCRIPTION
    > pmount ("policy mount") is a wrapper around the
    > standard mount program which permits normal users to
    > mount removable devices without a matching
    > /etc/fstab entry.


    If pmount is not installed on your system, it's in your
    distribution's package manager repository for sure.

    Wolfgang Draxinger
    --
    E-Mail address works, Jabber: hexarith@jabber.org, ICQ: 134682867


  7. Re: How to make mount command mount partions as user not only as root ?

    "=SERGE=" wrote:
    > I'd be grateful if you'd explain me howto get mount
    > command to mount partions as user not only as root (w/o fstab)


    If you for some reason do not want to edit fstab you can instead configure
    sudo to allow ordinary users run the mount command with root privileges.

    Use visudo to add a line something like this:

    myuser ALL=(ALL) NOPASSWD: /sbin/mount -t vfat /dev/hda4 /mnt/hda4

    Or, if you want the user to be able to fool around as he/she wishes with
    mount:

    myuser ALL=(ALL) NOPASSWD: /sbin/mount

    Before doing any of the above you should consider the damages a user could
    cause with mount.

    regards Henrik
    --
    The address in the header is only to prevent spam. My real address is:
    hc3(at)poolhem.se Examples of addresses which go to spammers:
    root@localhost postmaster@localhost


  8. Re: How to make mount command mount partions as user not only as root ?

    "=SERGE=" writes:

    > w/o fstab
    > I mean a disk/partition which is not mentioned in fstab file
    > For example there was some free space on disk I made a partion and would
    > like to be able to mount it in linux tree with mount command w/o putting
    > anything in fstab


    Why are you so opposed to editing fstab? You appear to have root
    access since you were able to create a partition and change
    permissions on files and directories that are in directories that
    normally belong to root; the idea here is just that you, as root, can
    give access to ordinary users by editing fstab. So do it.

  9. Re: How to make mount command mount partions as user not only as root ?

    Joe Pfeiffer wrote:

    > "=SERGE=" writes:
    >
    >> w/o fstab
    >> I mean a disk/partition which is not mentioned in fstab file
    >> For example there was some free space on disk I made a partion and would
    >> like to be able to mount it in linux tree with mount command w/o putting
    >> anything in fstab

    >
    > Why are you so opposed to editing fstab? You appear to have root
    > access since you were able to create a partition and change
    > permissions on files and directories that are in directories that
    > normally belong to root; the idea here is just that you, as root, can
    > give access to ordinary users by editing fstab. So do it.


    I am actually very tempted to assume that he does not have root access on
    that machine, and that certain things he describes as "having done" have
    actually been done by the real root user.

    Either way, if he had /su/ or /sudo/ rights, he could create a partition and
    mount it anyway, without having to edit */etc/fstab.* The fact that he
    hasn't thought of this solution yet leads me to believe that he's actually
    trying to crack a box. :-/

    --
    *Aragorn*
    (registered GNU/Linux user #223157)

  10. Re: How to make mount command mount partions as user not only as root ?

    hello

    Thak you for your replies

    well, i know that i can use fstab etc but Why cant' I pass params to mount
    command directly? Mount command reads what is written in fstab, does it not?
    Exacly in this way it should read the params i set should it not?

    I vaguely remember that there was a way of doing it... by changing chmod +s
    for mount

    Thanks you


    "Aragorn" wrote in message
    news:hHIWj.11400$_K5.222@newsfe16.ams2...
    > Joe Pfeiffer wrote:
    >
    >> "=SERGE=" writes:
    >>
    >>> w/o fstab
    >>> I mean a disk/partition which is not mentioned in fstab file
    >>> For example there was some free space on disk I made a partion and would
    >>> like to be able to mount it in linux tree with mount command w/o putting
    >>> anything in fstab

    >>
    >> Why are you so opposed to editing fstab? You appear to have root
    >> access since you were able to create a partition and change
    >> permissions on files and directories that are in directories that
    >> normally belong to root; the idea here is just that you, as root, can
    >> give access to ordinary users by editing fstab. So do it.

    >
    > I am actually very tempted to assume that he does not have root access on
    > that machine, and that certain things he describes as "having done" have
    > actually been done by the real root user.
    >
    > Either way, if he had /su/ or /sudo/ rights, he could create a partition
    > and
    > mount it anyway, without having to edit */etc/fstab.* The fact that he
    > hasn't thought of this solution yet leads me to believe that he's actually
    > trying to crack a box. :-/
    >
    > --
    > *Aragorn*
    > (registered GNU/Linux user #223157)




  11. Re: How to make mount command mount partions as user not only asroot ?

    On Thu, 15 May 2008, =SERGE= wrote:

    > hello
    >
    > Thak you for your replies
    >
    > well, i know that i can use fstab etc but Why cant' I pass params to mount
    > command directly? Mount command reads what is written in fstab, does it not?
    > Exacly in this way it should read the params i set should it not?
    >
    > I vaguely remember that there was a way of doing it... by changing chmod +s
    > for mount
    >

    Read the man page for mount:
    "Normally, only the superuser can mount file systems. However,
    when fstab contains the user option on a line, anybody can mount
    the corresponding system."

    The mount command is written in such a way that it's aware of who
    is running it, and will only allow full use of the options if it's
    run as root.

    But since users may need to mount things at times, that is allowed
    for, but only under controlled situations. Thus if fstab has
    been configured to allow it, it can happen. Since only root can
    edit fstab, the system administrator can control what the user
    can mount, and where it can be mounted.

    If anyone could run root any way they wish, then someone could
    copy /etc to something mountable, edit things to their liking,
    and then mount it over the existing /etc Whammo, they get control
    of the system.

    But mount doesn't allow that, so the user can only mount that copy
    of /etc to somewhere specified by the administrator in fstab.

    The permission of the mount point, and the permission of the partition
    or removeable device is a completely different matter.

    Michael


  12. Re: How to make mount command mount partions as user not only as root ?

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    In article ,
    =SERGE= wrote:

    > Why cant' I pass params to mount command directly?


    It can be done with a wrapper program:

    extern int execve(char *,char **,char **);
    extern int setuid(int);
    const char m[] = "/bin/mount";
    int
    main(int ac, char **av, char **ev)
    {
    av[0] = m;
    setuid(0);
    execve(m,av,ev);
    return 1;
    }

    Put these lines in file 'mymount.c'
    Compile with 'cc -o mymount mymount.c' (ignore warnings)
    Run 'su -c "install -so root -m 4550 mymount ${HOME}/bin/mount"'
    Make sure '${HOME}/bin' is the first directory in ${PATH}

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.7 (GNU/Linux)

    iD8DBQFIK+rC+Gl3NVTic0gRApJHAJ470epkN5zxsD7FwVVHBq qNs12lKQCgp5ca
    vrPODepYGzdemVyzxYO7vyM=
    =9BSt
    -----END PGP SIGNATURE-----

+ Reply to Thread