Where are default permissions and ownership for removable media in openSUSE 12.1 ?

English Hardware
#1

Short question:

Where are default permissions and ownership for removable media in openSUSE 12.1 ?

Long question:

Problem description:

  • A PHP script reads “/media” folder contents, searches for images and copies them. i.e. USB pendrives, DVD, CD.

  • The PHP script works fine in two different machines with openSUSE 11.3 (Laptop HP G62 and desktop processor Pentium D)

  • Desktop machine was upgraded to openSUSE 12.1 and script stopped working.

  • After analysis, I realized is a matter or permissions. openSUSE mounts removable media in “/media” and assigns ownership and permissions. But this works different for each one:

                                    Permissions                                           Ownership

OS Owner Group Everyone Owner Group
openSUSE 11.3 Read only Read only Read only myuser root
openSUSE 12.1 Read only Forbidden Forbidden myuser users

  • PHP script runs as ” wwwrun / www”, so i need to change default permissions and ownership in order to read /media folder.

Troubleshooting history:

  1. Except for the info of hard drives, the rest is identical in both /etc/fstab (openSUSE 11.3 vs 12.1):
    … HD mounting conf …
    proc /proc proc defaults 0 0
    sysfs /sys sysfs noauto 0 0
    debugfs /sys/kernel/debug debugfs noauto 0 0
    usbfs /proc/bus/usb usbfs noauto 0 0
    devpts /dev/pts devpts mode=0620,gid=5 0 0

  2. Partial ouput of “mount” command in openSUSE 12.1
    (last two lines with info of removable media)

    /dev/sdc1 on /media/MYPENDRIVE_USB type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=100,fmask=0022,dmask=0077,codepage=cp437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,errors=remount-ro,uhelper=udisks)
    /dev/sr0 on /media/MYIMAGES_DVD type iso9660 (ro,nosuid,nodev,relatime,uid=0,gid=0,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks)

  3. First try to workaround: fstab
    If I create folders (as root) /media/usb and /media/dvd and add these lines to /etc/fstab :

/dev/sdc1 /media/usb auto user,noauto,exec,utf8 0 0
/dev/sr0 /media/dvd auto user,noauto,exec,utf8 0 0

DVD and USB Pendrive mount OK:
Permissions Ownership
Device Owner Group Everyone Owner Group
DVD Read only Read only Read only root root
USB RW only Read only Read only myuser root

“mount” output:
/dev/sr0 on /media/dvd type iso9660 (ro,nosuid,nodev,relatime,utf8,user=myuser)
/dev/sdc1 on /media/usb type vfat (rw,nosuid,nodev,relatime,uid=1000, fmask=0022, dmask=0022, codepage=cp437, iocharset=iso8859-1,shortname=mixed,utf8, errors=remount-ro,user=myuser)

BUT after RESTART, all folders inside /media are ERASED.
If I try to mount again, dolphin says “mounting point doesnt exist” and I should create again /dvd and /usb inside /media.

  1. Second try to workaround: permission files for udev
    I’ve learned that openSUSE 12.1 uses udev instead of HAL, and it follows rules written in those particular files to mount devices.
    After several days googling, ctr+f and becoming bold, I didnt found where are default values for permissions and ownership of removable media. So, where are they ?

PD: Attached are some rules of my openSUSE 12.1
(Do you see it? Please let me know)

contents of /etc/udev/udev.conf :
udev_log=“err”

contents of /etc/udev/rules.d/70-persistent-cd.rules :
(without comments)
SUBSYSTEM==“block”, ENV{ID_CDROM}=="?", ENV{ID_PATH}==“pci-0000:00:1f.1-scsi-0:0:1:0”, SYMLINK+=“cdrom”, ENV{GENERATED}=“1”
SUBSYSTEM==“block”, ENV{ID_CDROM}=="?", ENV{ID_PATH}==“pci-0000:00:1f.1-scsi-0:0:1:0”, SYMLINK+=“cdrw”, ENV{GENERATED}=“1”
SUBSYSTEM==“block”, ENV{ID_CDROM}=="?", ENV{ID_PATH}==“pci-0000:00:1f.1-scsi-0:0:1:0”, SYMLINK+=“dvd”, ENV{GENERATED}=“1”
SUBSYSTEM==“block”, ENV{ID_CDROM}=="?", ENV{ID_PATH}==“pci-0000:00:1f.1-scsi-0:0:1:0”, SYMLINK+=“dvdrw”, ENV{GENERATED}=“1”

contents of /lib/udev/rules.d/60-cdrom_id.rules
(without comments)
ACTION==“remove”, GOTO=“cdrom_end”
SUBSYSTEM!=“block”, GOTO=“cdrom_end”
KERNEL!=“sr[0-9]|xvd”, GOTO=“cdrom_end”
ENV{DEVTYPE}!=“disk”, GOTO=“cdrom_end”
KERNEL==“sr[0-9]", ENV{ID_CDROM}=“1”
ENV{DISK_EJECT_REQUEST}=="?”, RUN+=“cdrom_id --eject-media $tempnode”, GOTO=“cdrom_end”
IMPORT{program}=“cdrom_id --lock-media $tempnode”
LABEL=“cdrom_end”

Partial content of ** /lib/udev/rules.d/50-udev-default.rules**
(just where sr* appears, sr* = my dvd)

cdrom

SUBSYSTEM==“block”, KERNEL==“sr[0-9]", SYMLINK+=“scd%n”, GROUP=“cdrom”
SUBSYSTEM==“scsi_generic”, SUBSYSTEMS==“scsi”, ATTRS{type}==“4|5”, GROUP=“cdrom”
KERNEL=="pktcdvd[0-9]”, GROUP=“cdrom”
KERNEL==“pktcdvd”, GROUP=“cdrom”

content of /lib/udev/rules.d/75-cd-aliases-generator.rules

these rules generate rules for the /dev/{cdrom,dvd,…} symlinks

the “path” of usb/ieee1394 devices changes frequently, use “id”

ACTION==“add”, SUBSYSTEM==“block”, SUBSYSTEMS==“usb|ieee1394”, ENV{ID_CDROM}=="?", ENV{GENERATED}!="?",
PROGRAM=“write_cd_rules by-id”, SYMLINK+="%c", GOTO=“persistent_cd_end”
ACTION==“add”, SUBSYSTEM==“block”, ENV{ID_CDROM}=="?", ENV{GENERATED}!="?", PROGRAM=“write_cd_rules”, SYMLINK+="%c"
LABEL=“persistent_cd_end”

inside /etc/permissions (easy | local | paranoid | secure) there are not rules for /media

Albert

#2

On 2012-03-19 21:36, albertsoares69 wrote:
>
> Short question:
>
> Where are default permissions and ownership for removable media in
> openSUSE 12.1 ?

Automatic somewhere. Udev I think.

> Troubleshooting history:
>
> 1) Except for the info of hard drives, the rest is identical in both
> /etc/fstab (openSUSE 11.3 vs 12.1):
> … HD mounting conf …

Please use code tags to post computer code. I had to unwrap your text to
read it.


> proc        /proc               proc      defaults          0 0
> sysfs       /sys                sysfs     noauto            0 0
> debugfs     /sys/kernel/debug   debugfs   noauto            0 0
> usbfs       /proc/bus/usb       usbfs     noauto            0 0
> devpts      /dev/pts            devpts    mode=0620,gid=5   0 0
  1. Partial ouput of “mount” command in openSUSE 12.1
    (last two lines with info of removable media)

> /dev/sdc1 on /media/MYPENDRIVE_USB type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=100,fmask=0022,dmask=0077,codepage=cp437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,errors=remount-ro,uhelper=udisks)
> /dev/sr0 on /media/MYIMAGES_DVD type iso9660 (ro,nosuid,nodev,relatime,uid=0,gid=0,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks)

> 3) First try to workaround: fstab
> If I create folders (as root) /media/usb and /media/dvd and add these
> lines to /etc/fstab :

It will not work.

> BUT after RESTART, all folders inside /media are ERASED.
> If I try to mount again, dolphin says “mounting point doesnt exist”
> and I should create again /dvd and /usb inside /media.

That’s the reason it will not work.
This is an intentional feature of 12.1, it is documented (or it should, I
wrote a bugzilla requesting it be documented).

/media is a directory created in RAM, not hard disk. It disappears on any
reset. If you want mounts there via fstab, do not use them. Instead create
them in /mnt. If you insist on using /media, it is up to you to create the
mount points with appropriate permissions on every reboot.

> 4) Second try to workaround: permission files for udev

Yes, this is the route. I can’t help you here, I know little about it.
However, you will have to repost those rules you made using code tags if
you want people to read and help :wink:

> inside /etc/permissions (easy | local | paranoid | secure) there are
> not rules for /media

No, there can’t be rules there for dynamic media.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)

#3

Gracias Carlos for your quick answer and suggestions.

Please use code tags to post computer code. I had to unwrap your text to read it.

Newbie mistake. That will never happen again, number one! :slight_smile:

/media is a directory created in RAM, not hard disk. It disappears on any
reset. If you want mounts there via fstab, do not use them. Instead create
them in /mnt. If you insist on using /media, it is up to you to create the
mount points with appropriate permissions on every reboot.

I guess this will be my workaround #1.

> 4) Second try to workaround: permission files for udev

Yes, this is the route. I can’t help you here, I know little about it.
However, you will have to repost those rules you made using code tags if
you want people to read and help :wink:

Here’s my homework:

contents of /etc/udev/udev.conf

udev_log="err"

contents of /etc/udev/rules.d/70-persistent-cd.rules
(without comments)

SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.1-scsi-0:0:1:0", SYMLINK+="cdrom", ENV{GENERATED}="1"
SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.1-scsi-0:0:1:0", SYMLINK+="cdrw", ENV{GENERATED}="1"
SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.1-scsi-0:0:1:0", SYMLINK+="dvd", ENV{GENERATED}="1"
SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{ID_PATH}=="pci-0000:00:1f.1-scsi-0:0:1:0", SYMLINK+="dvdrw", ENV{GENERATED}="1"

contents of /lib/udev/rules.d/60-cdrom_id.rules
(without comments)

ACTION=="remove", GOTO="cdrom_end"
SUBSYSTEM!="block", GOTO="cdrom_end"
KERNEL!="sr[0-9]*|xvd*", GOTO="cdrom_end"
ENV{DEVTYPE}!="disk", GOTO="cdrom_end"
KERNEL=="sr[0-9]*", ENV{ID_CDROM}="1"
ENV{DISK_EJECT_REQUEST}=="?*", RUN+="cdrom_id --eject-media $tempnode", GOTO="cdrom_end"
IMPORT{program}="cdrom_id --lock-media $tempnode"
LABEL="cdrom_end"

Partial content of /lib/udev/rules.d/50-udev-default.rules
(just where sr* appears, sr* = my dvd)

...
# cdrom
SUBSYSTEM=="block", KERNEL=="sr[0-9]*", SYMLINK+="scd%n", GROUP="cdrom"
SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="cdrom"
KERNEL=="pktcdvd[0-9]*", GROUP="cdrom"
KERNEL=="pktcdvd", GROUP="cdrom"
…

content of /lib/udev/rules.d/75-cd-aliases-generator.rules

# these rules generate rules for the /dev/{cdrom,dvd,...} symlinks
# the "path" of usb/ieee1394 devices changes frequently, use "id"
ACTION=="add", SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394", ENV{ID_CDROM}=="?*", ENV{GENERATED}!="?*", \
PROGRAM="write_cd_rules by-id", SYMLINK+="%c", GOTO="persistent_cd_end"
ACTION=="add", SUBSYSTEM=="block", ENV{ID_CDROM}=="?*", ENV{GENERATED}!="?*", PROGRAM="write_cd_rules", SYMLINK+="%c"
LABEL="persistent_cd_end"

Hope it will be easier to help.

Albert

#4

Recap:

  1. PHP script needs to read USB and DVD to get some files.
  2. Script works well in openSUSE 11.3 but no so in openSUSE 12.1 because of permissions and ownership assigned to removable media.
  3. This is openSUSE 12.1 mount output for default values:

/dev/sdc1 on /media/MY_USB_FLASH_DRIVE type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=100,fmask=0022,dmask=0077,codepage=cp437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,errors=remount-ro,uhelper=udisks)
/dev/sr0 on /media/MY_DVDROM type iso9660 (ro,nosuid,nodev,relatime,uid=1000,gid=100,iocharset=utf8,mode=0400,dmode=0500,uhelper=udisks)

Look at dmask=0077 in USB and mode=0400 in DVD.

Workaround:

  1. Set udev rule for USB flash drive
  2. Set entry in /etc/fstab for DVD
    **
    History of troubleshooting:**

1) Modified fstab didnt work for USB flash drive:

Ok it worked after modifying fstab file and immediately inserting DVD or USB Flash drive.
Entries on /etc/fstab:


/dev/sdc1            /mnt/usb           auto       user,noauto,exec,utf8        0    0
/dev/sr0             /mnt/dvd           auto       user,noauto,exec,utf8        0    0

I had to created folders /mnt/dvd and /mnt/usb. Dont forget adding a newline at the of document to avoid an annoying error message.

This is mount output after immediately inserting dvd and/or usb device:


/dev/sdc1 on /mnt/usb type vfat (rw,nosuid,nodev,relatime,fmask=0022,dmask=0022,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro)
/dev/sr0 on /mnt/dvd type iso9660 (ro,nosuid,nodev,relatime,utf8)

If I eject/unmount devices and ***restart, ***system halt at

waiting for /dev/disk/by-id/MY_USB_FLASH_DRIVE_ID...............................timeout

If device is present it will mount. So fstab try to mount USB every time rather than automatically.
**
2)** /etc/udev/rules.d** only works for USB not DVD**

I first tried to make a rule for mounting my USB flash drive wich now works fine:

#/etc/udev/rules.d/11-mnt-auto-mount_albert.rules
# ON EDIT REMENBER TO DO >udevadm control --reload-rules

#RULES to mount USB flash drive in PC02 ALBERT
# Start at sdc to avoid system harddrives.
KERNEL!="sdc[0-9]", GOTO="media_by_label_auto_mount_end"

# Import FS infos
IMPORT{program}="/sbin/blkid -o udev -p %N"

# Get a label if present, otherwise specify one
ENV{ID_FS_LABEL}!="", ENV{dir_name}="%E{ID_FS_LABEL}"
ENV{ID_FS_LABEL}=="", ENV{dir_name}="usb-%k"

# Global mount options
ACTION=="add", ENV{mount_options}="relatime"
# Filesystem-specific mount options
ACTION=="add", ENV{ID_FS_TYPE}=="vfat|ntfs", ENV{mount_options}="$env{mount_options},utf8,gid=100,umask=002"

# Mount the device
ACTION=="add", RUN+="/bin/mkdir -p /mnt/%E{dir_name}", RUN+="/bin/mount -o $env{mount_options} /dev/%k /mnt/%E{dir_name}"

# Clean up after removal
ACTION=="remove", ENV{dir_name}!="", RUN+="/bin/umount -l /mnt/%E{dir_name}", RUN+="/bin/rmdir /mnt/%E{dir_name}"

# Exit
LABEL="media_by_label_auto_mount_end"

With this rule my USB flash drive mounts fine:

/dev/sdc1 on /mnt/ALBERT_USB type vfat (rw,relatime,gid=100,fmask=0002,dmask=0002,allow_utime=0020,codepage=cp437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro)

Seems to be that CD, DVD are managed with udisk, all attempts to write local rules to mount DVD, were (allegedly) ignored. I tried many combinations and none worked. :’(
If somebody achieved this, I would appreciate posting how to make it. Please dont answer by hunch.

The question of this post is still without answer:

** Where are default permissions and ownership for removable media in openSUSE 12.1 ?**

Albert :slight_smile:

#5

On 2012-03-27 20:36, albertsoares69 wrote:

> Code:
> --------------------
>
> /dev/sdc1 /mnt/usb auto user,noauto,exec,utf8 0 0
> /dev/sr0 /mnt/dvd auto user,noauto,exec,utf8 0 0
>
> --------------------

You need to add “nofail” to avoid failure to boot if the devices are
missing. Another detail is not to use /dev/sdc, but one of the inmutable
links in /dev/disk-by/something - because if you have two usb devices
plugged in at boot, the one you are interested in might not be sdc. I like
to use LABEL.

> The question of this post is still without answer:
>
> WHERE ARE DEFAULT PERMISSIONS AND OWNERSHIP FOR REMOVABLE MEDIA IN
> OPENSUSE 12.1 ?

Sorry, I still do not know.

When I need to have some set of permissions, I mount manually with entries
in fstab, the automatics are unreliable for me. Worst, if you learn a
method chances are they use a new one on the next version and your trick
will stop working :.(

By the way, you are having problems with permissions, I guess, because your
external media is not formatted with a Linux native filesystem. But you may
have reasons to use fat or ntfs that I’m not aware of, like having to share
with windows computers.

I don’t remember if I said so, but you can also try asking in the openSUSE
mail list, it is a different set of users.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)