| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 41315 | 2004-01-07 00:29:00 | Autmounting or usermounting cd-rom's | Chilling_Silently (228) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 205786 | 2004-01-09 07:41:00 | -rwsrwsrwx 1 family root 79832 Jan 4 13:51 mount The mount is a background red with grey text though when I type ls -l? With one user (Ive made my own for easier ssh access, I always forget -l username) for myself, and the other is the familys. One says: mount: only root can do that User family says: mount: must be superuser to use mount Any more ideas? Thanks Chill. |
Chilling_Silently (228) | ||
| 205787 | 2004-01-09 08:48:00 | A couple of random things to try: What are the permissions & ownership of whatever /dev/cdrom points to? Is /etc/mtab a file or a symlink to /proc/mounts? Try changing the /etc/fstab line from "user" to "users". |
bmason (508) | ||
| 205788 | 2004-01-09 08:58:00 | You have the ownership of mount wrong, it should be owned by root rather than family. The colour change in ls is a warning, using SUID on mount is bad for security. BTW, Why not just use a desktop distro? |
bmason (508) | ||
| 205789 | 2004-01-09 09:35:00 | > BTW, Why not just use a desktop distro? What fun would that be :D Im thinking Fedora if this doesnt work.... I'll ssh into them in the morning coz they've turned the box off for the night. Cheers Chill. |
Chilling_Silently (228) | ||
| 205790 | 2004-01-10 01:37:00 | That has been the problem all the time . . . mount has to be owned by root . If it's not it doesn't work . If it's owned by a user, it's never going to work and suid can't help . I think 'user" is correct in the fstab options . I know suid is a security "problem" . It depends . Many security problems are theoretical . You let me sit in front of your box and all the security in the world won't stop me from being root on your system . :D I do agree about packaged systems . I've done a few installations with Slackware --- that's great for boxes which do one job, but for a desktop, RH is easier . Usually, CS, you should never have to change the ownership on devices . You never, ever change the ownership of system supplied commands in /bin, /sbin, /usr/bin, usr/sbin . Almost always new applications installed by RPM or other packages or by a "make install" will have the correct ownership and protections . If they don't work, there is something wrong . Something you have done . ;-) I sometimes suid to do mount as user or something similar : it isn't a security problem --- its a convenience . I don't like that magic mounting . . . it doesn't match the way I work . For those who have used only GUIs it would probably be perfectly OK . |
Graham L (2) | ||
| 205791 | 2004-01-10 01:52:00 | > That has been the problem all the time ... mount has > to be owned by root. If it's not it doesn't > work. If it's owned by a user, it's never going to > work and suid can't help. I think 'user" is correct > in the fstab options. That would be because I mucked around with the mount permissions before I really knew what I was doing :p user will allow only the user that mounted the file-system to unmount it, users will allow any user to unmount a file-system mounted by another user. > I know suid is a security "problem". It depends. > Many security problems are theoretical. You let me > sit in front of your box and all the security in the > world won't stop me from being root on your system. > :D Its a buautiful thing aint it ;-) > I do agree about packaged systems. I've done a few > installations with Slackware --- that's great for > boxes which do one job, but for a desktop, RH is > easier. Yeah, although what I really found annoying was dependancies galore. That's what I love about Gentoo, its all taken care of. Im hoping they'll work on more binary packages to make it easier to install, compiling a whole desktop takes a LONG time on a 1Ghz or less.... > Usually, CS, you should never have to change > the ownership on devices. You never, > ever change the ownership of system supplied > commands in /bin, /sbin, /usr/bin, usr/sbin. Almost > always new applications installed by RPM or > other packages or by a "make install" will have the > correct ownership and protections. If they don't > work, there is something wrong. Something you have > done. ;-) I sometimes suid to do mount as > user or something similar : it isn't a security > problem --- its a convenience. Ahh.... :-) > I don't like that magic mounting ... it doesn't match > the way I work. For those who have used only GUIs it > would probably be perfectly OK. Yeah, and its not my cup of tea either. Coming from a Windows background though, the rest of my family is somewhat un-easy about typing: sudo mount /cdrom to mount the cdrom ;-) I have a younger 9 year old brother however who thinks he's the smartest ever now he can mount CD's from the command line... Loves it :D I'll be home from the LAN later today and I'll give it a shot. Many thanks Chill. |
Chilling_Silently (228) | ||
| 205792 | 2004-01-10 05:08:00 | Okay, Ive chown'd root /dev/cdrom and /dev/cdroms/cdrom0 I then found that cdrom0 was a symlink too, to: /dev/ide/host0/bus1/target0/lun0/cd I ran ls -l on that folder and got: family@Apollo lun0 $ ls -l total 0 brw------- 1 family cdrom 22, 0 Jan 1 1970 cd What does that mean? Should it be changed? Many thanks Chill. |
Chilling_Silently (228) | ||
| 205793 | 2004-01-10 05:10:00 | I forgot to mention that this is now the permissions for /bin/mount: -rwxrwxrwx 1 root root 79832 Jan 4 13:51 mount Anything I should be doing now? Its still broken :-( Chill. |
Chilling_Silently (228) | ||
| 205794 | 2004-01-11 01:48:00 | That hasn't been suided. If the users can use mount, they can mount anywhere. As far as the nodes in /dev go ... I don't think they should be owned by any users. How did you generate them ...? But leave them alone ... fior the moment ... I'm not sure I understand the new device node structure. If you can mount the node /dev/cdrom to the directory /cdrom it will all work. If that /cdrom has the same ownership and protection as the other "public" top level directories (such as /bin) it should all work. The complaints the sytem give you are because the mount programme checks that it is being run by "uid 0" (root). There are two ways to do this ... be root, or have the programme suided and owned by root. |
Graham L (2) | ||
| 205795 | 2004-01-11 09:44:00 | Here's MY PC's /bin/mount permissions: -rws--x--x 1 root root 94872 Dec 11 10:02 mount Will do a little googl'ing into suid'ing Thanks for your help Chill. |
Chilling_Silently (228) | ||
| 1 2 3 | |||||