Allowing users other than root to MOUNT devices

badger_fruit · December 28, 2009, 4:10pm

Happy holidays everyone.
I wonder if someone can help me, I have a non-super user on my box which I’d like to give it MOUNT and UMOUNT permissions but I don’t know how.

For example purposes, the user name is “USER”.
I don’t want to make it into a SuperUser, just give it rights to be able to issue the MOUNT and UMOUNT commands at the terminal.

Thanks for reading and any replies!
Rich

ab · December 28, 2009, 4:28pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can do this with the sudo command. Run the following for the basic info:

man sudo
man sudoers

Basically you add an entry into /etc/sudoers to allow someuser to run the
/bin/mount and /bin/umount commands as root. Once done they can do
anything with the mount command as ‘root’ (including unounting things you
may like left alone) so be careful.

Searching for ‘sudoers example mount’ (without quotes) using Google turned
up some good stuff too.

Good luck.

badger fruit wrote:
> Happy holidays everyone.
> I wonder if someone can help me, I have a non-super user on my box
> which I’d like to give it MOUNT and UMOUNT permissions but I don’t know
> how.
>
> For example purposes, the user name is “USER”.
> I don’t want to make it into a SuperUser, just give it rights to be
> able to issue the MOUNT and UMOUNT commands at the terminal.
>
> Thanks for reading and any replies!
> Rich
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLOM5/AAoJEF+XTK08PnB5YgAP/1VHX8jkCwEbqSi59zCNXxss
sNn+gNm1JVH8kYsaKtNdvLIdMvzHx5IciPmM+Kk6hKK5G/0sayxrGsh5dF8YwFJT
ZXMUo0mSrhrpnWFmnI0lSUFrPdcEmbEnJFyVAiimME/2cOvpexLGgEhwj9sJCUBl
Edf/3/o8SCxt1tXBDiBLLCuATXfdAI8kbjSI+wgVMeWOKsqUZMmvrEJVy95ekoHn
EYHCyryd5ZedLgr/8FPUxQQAyjGHjOSrEwmX2iHVmrZNxHdCxnEaOQIqWse7R12B
QfS65K8zKAAxl3Jcts2J7uAlmHSSsukas96lPe0ohDJ86zlD13NQIl12ewfSvlde
kyovX1O0XUPyq0QG2jGDcemrq45EGNtZgc7nOycaJ9d4gQTDMmuD8bhkR002lzEn
KxsKztYP3yFSBebSv4Lumt75nEMZqyIUISTQhhidliKin8LKZq2TEEzqGi8MRWoj
GSyAqrCm5axe8EbUkkUflyE5lja41ACmAr7OsCQU27la25dJTGg64MpxMFn/EGfo
IP1Vbnnt9Zq6bBXipUbOIFyNdgLvqOCIRlzF6gYm2y7DqMiJEAaL2DAD0akZmd5Z
jyL2vSzAaQkO8TnxD7N8ry4PTPkqwdOhIQcJJZNKBeZl2CJtV4HntrU7OBpLAmkr
pwESGcnAHqdQk86ku6dM
=AmbN
-----END PGP SIGNATURE-----

microchip8 · December 28, 2009, 4:49pm

In addition to what ab said, you can also add the ‘user’ option to the partition in /etc/fstab. This will allow a regular user to mount/unmount that partition, though it will allow any regular user to mount it so if you only look into restricting the mount stuff to only one specific user, then ab’s solution will be preferable.

There are two user-mount options for mounting; user and users

The first allows regular users to mount the parition and only the user who mounted it, will be able to unmount it again, ie if another regular user tries to unmount it, he won’t succeed

The second option (users) allows any regular user to mount and unmount the partition, ie if user ‘a’ mounts the partition, then user ‘b’ is allowed to unmount it… something not possible/allowed with the first ‘user’ option

ab · December 28, 2009, 5:04pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Also that is limited to mounts explicitly defined in /etc/fstab, I believe
(correct me if I’m wrong). If you wanted to mount an ISO for the first
time today there would be no way unless you had a way to modify /etc/fstab
for every ISO ever mounted.

Good luck.

microchip8 wrote:
> In addition to what ab said, you can also add the ‘user’ option to the
> partition in /etc/fstab. This will allow a regular user to mount/unmount
> that partition, though it will allow any regular user to mount it so if
> you only look into restricting the mount stuff to only one specific
> user, then ab’s solution will be preferable.
>
> There are two user-mount options for mounting; user and users
>
> The first allows regular users to mount the parition and only the user
> who mounted it, will be able to unmount it again, ie if another regular
> user tries to unmount it, he won’t succeed
>
> The second option (users) allows any regular user to mount and
> unmount the partition, ie if user ‘a’ mounts the partition, then user
> ‘b’ is allowed to unmount it… something not possible/allowed with the
> first ‘user’ option
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLONb3AAoJEF+XTK08PnB5g5YQAJUfoisZBKf7nCuMffwrYpjS
CLSmc9W3srIgI/+arSn3W9Xn+a2Z/2KVUXh9S2AlgAjDxdG/lcOA2YxOR2dw2eLc
bFqtAlmZtuP15H9qL/Xfud+S0MYuMnK/ScjUXrj+1ZYC2ZNLkHrm3uIqE11asTmH
RCkfGYLPnexdNBsJLOR16QGqR3dQhKwDqbPskc2JJP68ZKJk2LIYHiN+CWlQ5eZR
jMffAJXbNKdEWo9qDtwDsHX9GUvwyb/jCAxRCxIeBhzlRSXPWmSN4/c2fHkhCzZW
EKjHcFP0kN5CYo+y14kLVBHbG/UJfyxsB3mGsR5B8LWzbDIdR4YnSAmhFPW+4MwH
duRfG0we5naAXU39Ig3P33afj7TeLflIPpkeyxens1Eja7Bk9BxAvW/sbYGZ5tDt
1dypfWym+FXa8cTW+P0LafLeZ7dOIy9xyfqXKYhkh0oA+ep/kMu4TXso74RmRgb6
WpS4u0gyzEm7UzCH0jq+t1HRK2g2eWq8NouBzIv4H+Evrk0m2K703SnKObUl8ZpS
uhXqy1dUI6BdxcrJEAMW+wUm77Inz5Umta1y/J9DsIipDUzT4khhZvC97IibSupY
ecBn20icbodvkJrfQePq/H2cEAPeQ8R/OD/ZQ1P8VHTUGFZ52QjB7q5ApEgebj4Y
NVIdu2/hya29QqnTFTve
=FIaF
-----END PGP SIGNATURE-----

microchip8 · December 28, 2009, 5:26pm

yeah, for ISOs you’d need to be root to mount them on a loop device or add entries to fstab

ab · December 28, 2009, 5:50pm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Another option may be to have one mountpoint defined and allowed for users
and have the “file” be a symlink which the user can control themselves…
for example, /home/username/someiso which points to
/home/username/whatever0 or /home/username/whatever1. With that done the
user could then unmount, point the symlink to a new ISO file, then mount
again. Otherwise use sudo or explicitly define the mountpoints as you
mentioned.

Good luck.

microchip8 wrote:
> ab@novell.com;2094607 Wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Also that is limited to mounts explicitly defined in /etc/fstab, I
>> believe
>> (correct me if I’m wrong). If you wanted to mount an ISO for the first
>> time today there would be no way unless you had a way to modify
>> /etc/fstab
>> for every ISO ever mounted.
>>
>> Good luck.
>>
>
> yeah, for ISOs you’d need to be root to mount them on a loop device or
> add entries to fstab
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJLOOHnAAoJEF+XTK08PnB5i/0P/RNSL9j7YpENlnd611h7zptV
cqNVLNqMLYs5l/B/wlbjOXBm6CcNiRSGY7HcLOp1ha3HR/baUi8SdWyTWucXgFJT
WCbCgtKQdseoIcLQNwp0akIBBY1dTigWF5jAvvoSBEIrynJ0Ja6La8IXGuytJgeS
kCdn7RikS83/YYKOIPlgWN+Lyjbile2zX7xCVM9tz+Wyku3KxKZBwdL8NMCwzwx1
0wmHHVuiLXs7OE9N3bSmy8/oGmSbTLx2zU8sYlMKCmG8o0g/mA62rXXCudstAB/U
RJfk2TTkUn4WPr9Xuap7lZiu68QA4TNFFjY4XxIiBGt/e5SGBiE/NwILk3CoQPei
Tx3TWXHj8oBxyVdVUnnx0CNnCdh6iGBV/vVDdAL0VNWM9P9sQaTPEZ6ZYm+N6M9n
GUiOf2Jqk18X83301eE0lE3l31BjnPM5OGJCJXf8H9bvWdRk5z/JZNvm3lSeKlvb
DjsHa0vm7TX4ooC1Pqg4jaCk2pW8fAz9BfXj9XC0OaDLvd+yQUfb/hhWa1r98UrV
m8ly6jcEBv5pAbXEoBF+2AAcBwvX0iypvJi5Ha/3fYa51Hr3RsSKVShodCwTTMb4
AQyZ+tP+EKDVzXsNPK/uKA/5R2ApPVpqUJnGZbVYCKbugiFpmmsThuQJABCvV1BM
ezFVzq8fjlXzPNtho2cV
=dPlZ
-----END PGP SIGNATURE-----

mingus725 · December 28, 2009, 11:13pm

If you wish to use the sudo solution, easiest to use the YaST Sudo module. The sudoers file has specific syntax and formatting requirements. There is a command line program which enforces this notation, but YaST is friendlier. Remember to use the fully-qualified program filename (/bin/mount and /bin/umount).