Site Navigation

Date:      26 Oct 2000 01:15:10 -0000
From:      mwm@mired.org
To:        FreeBSD-gnats-submit@freebsd.org
Subject:   docs/22297: The FAQ entry for users mounting removable media needs updating
Message-ID:  <20001026011510.2715.qmail@guru.mired.org>

---

next in thread | raw e-mail | index | archive | help

---

>Number:         22297
>Category:       docs
>Synopsis:       The FAQ entry for users mounting removable media needs updating
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-doc
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 25 18:20:02 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Mike Meyer
>Release:        FreeBSD 5.0-CURRENT i386
>Organization:
Meyer Consulting
>Environment:

	People aren't often asking "how do I let users mount a floppy"; rather
	they are asking "how do I let users mount a cdrom".
	

>Description:

	 I think the emphasis on floppies in the FAQ entry is making
	 them miss it. The FAQ entry is also missing a step (adding an
	 entry to /etc/sysctl.conf) and is overpermissive in setting
	 device permissions.

>How-To-Repeat:

	Read -questions for a while, and watch.

>Fix:

	The attached patch to the FAQ file adds CDROMs to the title and
	procedure, lowers the device permissions a bit, including an
	example on how to restrict the ability to a group, and adds the
	sysctl.conf step. I reorganized the text a bit to work better
	with the new information.

--- book.sgml	Tue Oct 17 18:17:14 2000
+++ /tmp/book.sgml	Wed Oct 25 20:14:12 2000
@@ -6343,7 +6343,7 @@
 
       <qandaentry>
         <question>
-          <para>How do I let ordinary users mount floppies and other removable
+          <para>How do I let ordinary users mount floppies, CDROMs and other removable
             media?</para>
         </question>
 
@@ -6353,6 +6353,14 @@
 
           <procedure>
             <step>
+              <para>As <username>root</username> set the sysctl variable
+                <varname>vfs.usermount</varname> to
+                <literal>1</literal>.</para>
+
+              <screen>&prompt.root; <userinput>sysctl -w vfs.usermount=1</userinput></screen>
+            </step>
+
+            <step>
               <para>As <username>root</username> assign the appropriate
                 permissions to the block device associated with the
                 removable media.</para>
@@ -6360,33 +6368,47 @@
               <para>For example, to allow users to mount the first floppy
                 drive, use:</para>
 
-              <screen>&prompt.root; <userinput>chmod 777 /dev/fd0</userinput></screen>
-            </step>
+              <screen>&prompt.root; <userinput>chmod 666 /dev/fd0</userinput></screen>
 
-            <step>
-              <para>As <username>root</username> set the sysctl variable
-                <varname>vfs.usermount</varname> to
-                <literal>1</literal>.</para>
+              <para>To allow users in the group
+                <username>operator</username> to mount the cdrom drive,
+                use:</para>
 
-              <screen>&prompt.root; <userinput>sysctl -w vfs.usermount=1</userinput></screen>
+              <screen>&prompt.root; <userinput>chgrp operator /dev/cd0c</userinput>
+&prompt.root; <userinput>chmod 640 /dev/cd0c</userinput></screen>
             </step>
+
+	    <step>
+	      <para>Finally, add the line
+		<literal>vfs.usermount=1</literal> to the file
+		<filename>/etc/sysctl.conf</filename> so that it is reset
+		at system boot time.</para>
+	    </step>
           </procedure>
 
-          <para>Users can now mount <filename>/dev/fd0</filename> onto a
-            directory that they own:</para>
+          <para>All users can now mount the floppy
+            <filename>/dev/fd0</filename> onto a directory that they
+            own:</para>
 
           <screen>&prompt.user; <userinput> mkdir ~/my-mount-point</userinput>
 &prompt.user; <userinput> mount -t msdos /dev/fd0 ~/my-mount-point</userinput></screen>
 
+          <para>Users in group <username>operator</username> can now
+            mount the cdrom <filename>/dev/cd0c</filename> onto a
+            directory that they own:</para>
+
+          <screen>&prompt.user; <userinput> mkdir ~/my-mount-point</userinput>
+&prompt.user; <userinput> mount -t msdos /dev/cd0c ~/my-mount-point</userinput></screen>
+
           <para>Unmounting the device is simple:</para>
 
           <screen>&prompt.user; <userinput>umount <filename>~/my-mount-point</filename></userinput></screen>
 
           <para>Enabling <varname>vfs.usermount</varname>, however, has
             negative security implications.  A better way to access MSDOS
-            formatted media is to use the <ulink
-            URL="http://www.freebsd.org/cgi/ports.cgi?query=%5Emtools-&amp;stype=name">mtools</ulink>;
-            package in the ports collection.</para>
+            formatted media (<emphasis>not CDROMs</emphasis>) is to
+	    use the <ulink
+	    URL="http://www.freebsd.org/cgi/ports.cgi?query=%5Emtools-&amp;stype=name">mtools</ulink>; package in the ports collection.</para> 
         </answer>
       </qandaentry>
 

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-doc" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001026011510.2715.qmail>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact