• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 302
  • Last Modified:

Mount for every user ?

Hello,

my fstab:

/dev/hdd1        /mnt/share       ext3        rw,users,exec     0   0

but if i mount it as root, a normaly user cant write to that disk.

what is wrong with that ?
0
wtf123
Asked:
wtf123
  • 2
1 Solution
 
majorwooCommented:
well what is happening is that if root mounts it, it's root's disk.  You want to mount it giving ownership to a group/user with something like this and use umask to make it writable by the group (obviously you need to set your own uid and gid values in here... (/etc/passwd will have them):


/dev/hdd1 /mnt/share ext3 rw,users,exec,uid=507,gid=1111,umask=002 0 0\

although what i am going to paste below targets FAT the same umask and ownership ideas apply(I would just link you, but i have yet to fix my site to not inclue frames, so i cant yet):

FAT Permissions

FAT (File Allocation Table) filesystems, such as Windows or DOS, do not understand permissions. Everything is world readable, world writeable and world executable. This is fairly tolerable on a single-user system. It can lead to accidental damage to important system files, but is generally not a crippling problem. Trouble arises when you mount those partitions on a multi-user system. It really becomes a worry when anonymous connections are allowed to that system.

You can kludge around this limitation somewhat. When mounting a dos partition, you can use the mount options for uid, gid and umask to give user ownership, group ownership and rwx permissions on a partition-wide level. Some examples will illustrate this better.

Suppose you have a group 'dos' with gid of 66 in your /etc/group file. These are people you trust with full use of dos on your system. They're competent, careful, understand the risks and are not likely to rewrite command.com or the registry.

A line in /etc/fstab:

/dev/hda1 /mnt/fat vfat defaults,gid=66 1 2

This gives group ownership to the dos group. But it doesn't provide protection from 'others' doing weird things to the directory.

change the line to:

/dev/hda1 /mnt/fat vfat defaults,gid=66,umask=002 1 2

This not only gives ownership to the dos group, but it takes away write privileges from others. Think of the 'umask=' option as a way to _mask out_ the permissions you don't want. In this case we are not masking out any permissions for 'user' or 'group', only for 'others'. User and group masks are 0. The '2' masks the permission in the 2's place for the octal representation of 'rwx'.

Permission              umask (bitmask of permissions NOT present)
bin oct char             bin oct
000  0  -r,-w,-x         111  7
001  1  -r,-w,+x         110  6
010  2  -r,+w,-x         101  5
011  3  -r,+w,+x         100  4
100  4  +r,-w,-x         011  3
101  5  +r,-w,+x         010  2
110  6  +r,+w,-x         001  1
111  7  +r,+w,+x         000  0

You use one of the oct digits to represent the permissions of each of 'user', 'group', 'others'.

So, a umask of 000 means the same as chmod 777, which gives everybody all permissions. A umask of 007 is the same as chmod 770, which gives user and group all permissions and gives others no permissions. A common permission set you will see is chmod 755, which gives the user all permissions, the group and others get read and execute (+r-w+x) permissions. The umask for this is 022. Another common set is chmod 644, user=+r+w-x, group=+r-w-x, others=+r-w-x. This is umask=133.

Just remember that you are dealing with the entire fat or vfat partition. Everything on that mounted partition will be treated as if it had the permissions given by the umask. I don't think a umask=777 would be very useful. :)

0
 
majorwooCommented:
so what part didn't you like?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now