From: Lowell Gilbert
To: Emanuel Strobl
Cc: freebsd-questions@freebsd.org
Subject: Re: vfs.usermount and directory owner
Date: 06 May 2005 09:29:04 -0400
Message-ID: <447jich49r.fsf@be-well.ilk.org>
In-Reply-To: <200505060941.56312@harrymail>

Emanuel Strobl writes:

> I want to be able to access my cd drive as normal user. As any user, not a
> specific one. So it's a problem that I can't mount it to a general
> directory like /cdrom since only one user can be owner and it looks like
> it's required that the mountpoint belongs to the user, even with
> vfs.usermount=1 set.

Yes.

> I can't see any security reason for that. If I decide to let users mount
> something (with vfs.usermount) why is there an extra check regarding the
> owner of the mountpoint?

So they can control access to the filesystem.

> Is there another sysctl which disables that prerequisite or at least shifts
> the check to group instead of user id?

No. The normal approaches are to either use mount points in users'
home directories, or to use fbtab(5) to change ownership of common
mount points. Is there some reason these won't work for you?

--
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
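
The preconditions discussed in this thread, written as a pre-flight check for the "mount point in the user's home directory" approach. This is an added example, not part of the original message; the function names, the device-readability check and the cd9660 suggestion are assumptions of the example.

```shell
#!/bin/sh
# Added example: checks to run before an unprivileged mount on FreeBSD.
# All function names here are hypothetical helpers, not system tools.

# owner_uid DIR -> print the numeric uid owning DIR (symlinks followed)
owner_uid() {
    ls -ldnL -- "$1" 2>/dev/null | awk '{print $3}'
}

# mountpoint_ok UID DIR -> 0 only if DIR is a directory owned by UID,
# which is the ownership requirement described in the thread.
mountpoint_ok() {
    [ -d "$2" ] || return 1
    [ "$(owner_uid "$2")" = "$1" ]
}

# usermount_enabled -> 0 if vfs.usermount=1, 1 if not, 2 if unreadable
usermount_enabled() {
    v=$(sysctl -n vfs.usermount 2>/dev/null) || return 2
    [ "$v" = "1" ]
}

# preflight DIR DEVICE -> report each precondition; non-zero on failure.
# Example call (paths are placeholders): preflight "$HOME/cdrom" /dev/DEVICE
preflight() {
    dir=$1 dev=$2 rc=0 s=0
    usermount_enabled || s=$?
    case $s in
        0) echo "ok:   vfs.usermount=1" ;;
        1) echo "fail: vfs.usermount is not 1"; rc=1 ;;
        *) echo "skip: cannot read vfs.usermount on this system" ;;
    esac
    if mountpoint_ok "$(id -u)" "$dir"; then
        echo "ok:   $dir is a directory you own"
    else
        echo "fail: $dir must be a directory owned by uid $(id -u)"; rc=1
    fi
    # Assumption: the user also needs read access to the device node.
    if [ -r "$dev" ]; then
        echo "ok:   $dev is readable"
    else
        echo "fail: $dev is not readable by you"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "try:  mount -t cd9660 $dev $dir"
    return "$rc"
}
```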