From owner-freebsd-questions@FreeBSD.ORG Fri Jan 7 15:50:06 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2CA5816A4CE for ; Fri, 7 Jan 2005 15:50:06 +0000 (GMT) Received: from mail5.speakeasy.net (mail5.speakeasy.net [216.254.0.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id EFA1D43D1D for ; Fri, 7 Jan 2005 15:50:05 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 15528 invoked from network); 7 Jan 2005 15:50:05 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 7 Jan 2005 15:50:05 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 1961B69; Fri, 7 Jan 2005 10:50:04 -0500 (EST) Sender: lowell@be-well.ilk.org To: Kevin Smith References: <41DE22AE.50101@adelphia.net> <41DE2457.20508@incubus.de> <41DE2FA3.4090500@adelphia.net> From: Lowell Gilbert Date: 07 Jan 2005 10:50:03 -0500 In-Reply-To: <41DE2FA3.4090500@adelphia.net> Message-ID: <44is69me6s.fsf@be-well.ilk.org> Lines: 32 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-questions@freebsd.org Subject: Re: how do I permit ordinary users to mound SCSI devices ? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Jan 2005 15:50:06 -0000 Kevin Smith writes: > Matthias Buelow wrote: > > > Kevin Smith wrote: > > > >> How do I permit ordinary users to mound SCSI devices ? > >> > >> As suggested in the FAQ, section 9, I am able to allow members of > >> operator group mount the cdrom by setting sysctl -w vfs.usrmount=1 > >> This does not appear to work with SCSI devices. (ex: /dev/da0s2) > >> I get the error: > >> > mount -t msdos /dev/da0s2 ~/ipod > >> msdosfs: /dev/da0s2: Permission denied > > > > > > the last time I was bitten by that issue, the mount point had to be > > owned by the user (group write access apparently isn't enough). > > that's a bit of a problem with things like gui mounters and I hope > > that that behaviour will be changed sometime in the future. at > > least I can't see any security problems with a user being able to > > mount over a mountpoint where he only has group write access. > > > I thought that was the case, but I created a directory in the user's > home directory (as that user) and used it as the mount point and it > still does not permit it (see example above: ~/ipod is owned by the > user). It works with the cdrom device though- i can mount that as a > regular operator user. Sounds like the users don't have permissions on /dev/da0s2 but do have permissions on /dev/acd0.