On Wed, Sep 12, 2012 at 09:03:50AM +0100, Neil Bothwick wrote

> I don't understand, why are you using sudo to run pmount when its core
> purpose is to be run by normal users?
>
> % whatis pmount
> pmount (1) - mount arbitrary hotpluggable devices as normal user

A normal user can pumount *WHAT THAT SAME USER* has pmounted. Now try
for a general solution. If you're the only user on the system, it's
probably safe to keep an open xterm logged in to root. The problem is
that inserting a USB device sets off a kernel event, that is passed to
mdev, which looks for a script name in /etc/mdev.conf. If a script is
found that matches the device spec (i.e. sd[a-z].*), e.g. my automount
script, then the script is launched *AS ROOT*. Given that root has
mounted the device, only root can unmount it. E.g. when root pmounts a
device and normal user tries to pumount it, I get...

waltdnes@d531 ~ $ pumount sdb1
Error: device /dev/sdb1 was not mounted by you

Note also that the automount script has to first create a directory in
/media, before mounting it. Since /media is drwxr-xr-x the directory
has to be created by root, or else I have to open up /media to writing
and directory creation by all users. The most secure approach is to
have the system do things as root without user intervention, as much as
possible.

--
Walter Dnes <waltdnes@××××××××.org>
I don't run "desktop environments"; I run useful applications
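
The flow described in the message above (mdev matches the device, runs a helper as root, and the helper creates the directory under /media before mounting), as an added example that is not the poster's script or part of the original message. The script path, function names, the `MEDIA_ROOT` override and the `nosuid,nodev,noexec` mount options are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: root-run mdev helper. Names and paths are hypothetical.
# Assumed /etc/mdev.conf line (script path is a placeholder):
#   sd[a-z].*  0:0  660  */usr/local/sbin/automount.sh
# busybox mdev passes the device name in $MDEV and the event in $ACTION.

MEDIA_ROOT="${MEDIA_ROOT:-/media}"   # overridable so the logic can be tried without root

# The helper runs as root, so the device name is validated before it is
# ever used in a path: only sdX, sdXN or sdXNN are accepted.
valid_dev() {
    case "$1" in
        sd[a-z]|sd[a-z][0-9]|sd[a-z][0-9][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# Create the mount point with mode 0755; /media itself stays drwxr-xr-x.
# An existing directory is reused, a symlink in its place is refused.
make_mountpoint() {
    valid_dev "$1" || return 1
    mkdir -m 0755 -- "$MEDIA_ROOT/$1" 2>/dev/null || [ -d "$MEDIA_ROOT/$1" ] || return 1
    [ ! -L "$MEDIA_ROOT/$1" ] || return 1
    printf '%s\n' "$MEDIA_ROOT/$1"
}

handle_event() {
    action=$1 dev=$2
    valid_dev "$dev" || return 1
    case "$action" in
        add)
            mp=$(make_mountpoint "$dev") || return 1
            # Assumed hardening options for removable media.
            mount -o nosuid,nodev,noexec "/dev/$dev" "$mp"
            ;;
        remove)
            umount "$MEDIA_ROOT/$dev" && rmdir "$MEDIA_ROOT/$dev"
            ;;
        *) return 1 ;;
    esac
}

# Act only when mdev has supplied both variables.
if [ -n "${ACTION:-}" ] && [ -n "${MDEV:-}" ]; then
    handle_event "$ACTION" "$MDEV"
fi
```
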