Fstab security and auto mount-SOLVED

Questions about other topics - please check if your question fits better in another category before posting here
Forum rules
Before you post please read this

Fstab security and auto mount-SOLVED

Postby tosh124 on Tue May 31, 2011 10:59 am

HI all,
I thought I had the security permissions and auto mount sorted. but maybe not!
The Fstab content are below, but I have a drive that I want to leave open for the kids and another that only adults can get into. Unfortunately, whilst they do auto mount the permissions don't work, suggestions anyone?

many thanks
Col

# /etc/fstab: static file system information.
#
# Use 'vol_id --uuid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
# / was on /dev/sda1 during installation
UUID=385ecae6-bd34-41c3-a524-974b8cd6d17f / ext3 errors=remount-ro 0 1
# swap was on /dev/sda2 during installation
UUID=c6876978-438f-4a1e-ae53-dacdf22d1e4a none swap sw 0 0
/dev/scd0 /media/cdrom0 udf,iso9660 user,noauto 0 0
proc /proc proc nodev,noexec,nosuid 0 0
/dev/sda2 / ext4 rw,errors=remount-ro 0 0
/dev/sdb2 /media/DataNew ntfs defaults,umask=000,uid=1000 0 0---No permissions here everyone full access
/dev/sdb1 /media/CMStore ntfs defaults,umask=002,uid=1000,gid=adults 0 0
/dev/sda4 /media/DataBackup ext4 defaults,umask=000,uid=1000 0 0
----adults only access here
Last edited by tosh124 on Tue May 31, 2011 3:24 pm, edited 1 time in total.
tosh124
Level 2
Level 2
 
Posts: 70
Joined: Sun Jun 20, 2010 4:37 am

Linux Mint is funded by ads and donations.
 

Re: Fstab security and auto mount

Postby altair4 on Tue May 31, 2011 11:39 am

Do I have this right?

You want /media/DataNew to have full access - which it does.
But you want /media/DataBackup to be accessible to adults only.

First, you can't use this syntax on a Linux filesystem ( different rules for different filesystems I'm afraid ):
/dev/sda4 /media/DataBackup ext4 defaults,umask=000,uid=1000 0 0

The umask and uid thing is only for Windows filesystems so change it to:
Code: Select all
/dev/sda4 /media/DataBackup ext4 defaults,noatime 0 2

Then unmount the partition:
Code: Select all
sudo umount /media/DataBackup

And remount it without a reboot:
Code: Select all
sudo mount -a


Second, you need to define what type of access to the "adults. Here's one definition:

[1] Create a new group called adults:
Code: Select all
sudo groupadd adults

[2] Add each of the users you classify as adults to that group:
Code: Select all
sudo gpasswd -a altair adults

[3] Change ownership of the mounted partition:
Code: Select all
sudo chown :adults /media/DataBackup

[4] Change permissions of the mounted partition:
Code: Select all
sudo chmod 2770 /media/DataBackup

[5] Change the default umask:
Code: Select all
gksu gedit /etc/profile

And modify the last line to this:
Code: Select all
umask 002


This will limit access to the partition only to those members of the "adult" group. Each member will have the ability to add to and delete from the partition and all members will be able to write to each other's files. All new files by "adults" will save with group = adults and permissions of 664 which will enable all other member of the group to have write access to that file.

If that is not exactly what you had in mind or it goes too far in allowing access rights, you might want to look at this for other scenarios:
HowTo: Multi User Shared Local Directory: viewtopic.php?f=42&t=69834
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
altair4
Level 15
Level 15
 
Posts: 5805
Joined: Tue Feb 03, 2009 10:27 am

Re: Fstab security and auto mount

Postby tosh124 on Tue May 31, 2011 2:17 pm

HI Altair,
you do indeed have it right.
I have 3 drives (2*NTFS and 1*ext4) which I want to sort out the permissions on.
DataBackup (ext4)=adults only (Fstab line is "/dev/sda4 /media/DataBackup ext4 defaults,noatime 0 2")
CMStore(NTFS)=adults only (Fstab line is "/dev/sdb1 /media/CMStore ntfs defaults,umask=002,uid=1000,gid=adults 0 0")
DataNew(NTFS)=everyone full access, which works

Neither the DataBackup nor the CMStore prevent read access, although that does seem to be about it. I would prefer if they had no access at all, not that I don't trust them you understand :D

thanks again
Col
tosh124
Level 2
Level 2
 
Posts: 70
Joined: Sun Jun 20, 2010 4:37 am

Re: Fstab security and auto mount

Postby altair4 on Tue May 31, 2011 2:31 pm

If you don't want read access to anyone outside the "adult" group in CMStore the then change this:
/dev/sdb1 /media/CMStore ntfs defaults,umask=002,uid=1000,gid=adults 0 0

to this:
/dev/sdb1 /media/CMStore ntfs defaults,umask=007,uid=1000,gid=adults 0 0

Then unmount the partition:
Code: Select all
sudo umount /media/CMStore

And mount it again:
Code: Select all
sudo mount -a


As far as the DataBackup partition the method I proposed in my previous post will do that. It will make it accessible only to the "adults". It will also make the contents of that partition writeable so that it will act like the CMStore partition.
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
altair4
Level 15
Level 15
 
Posts: 5805
Joined: Tue Feb 03, 2009 10:27 am

Re: Fstab security and auto mount

Postby tosh124 on Tue May 31, 2011 3:23 pm

Excellent!
Thanks very much for your help, yet again!!

best wishes
Col
tosh124
Level 2
Level 2
 
Posts: 70
Joined: Sun Jun 20, 2010 4:37 am


Return to Other Topics

Who is online

Users browsing this forum: No registered users and 3 guests