LM14 auto mount point

Posted: Wed Dec 05, 2012 9:41 am
by maxb
Hi friends!
After a fresh installation of LM14 I note that inserting a USB disk or
mounting a partition by clicking on the triangle key near the name
in Nemo the mount point of this new area is /media/<username>/sdax.
So if my username is max, when I mount the internal partition sda1 I'll find it
under /media/max/sda1

The difference with previous LM version is the addition of the <username> part
on the mount point and that this mount point became property of the same user.
All well, all right... a point of view while making the distribution.
But I don't like the change of the mount point and return back adding some
lines in /etc/fstab:

/dev/sda1 /media/sda1 ...

Now all is ok for me, no problem at all.

I think that the job of the mount point name construction is done by udev
but I don't find anything useful investigating the /lib/udev/rules.d, also
using "udevadm test /block/sda/sda1" doesn't permit to find the point where
there is the association of the mount point with the username.

Is there someone that can help me in understanding better this particular way
of auto mounting a disk/partition?
Thank you

Re: LM14 auto mount point

Posted: Wed Dec 05, 2012 1:27 pm
by altair4
Depending on how you use that mounted partition it's actually worse than you described it.

Let's suppose you have an external or even an internal ext3 partition that you have set to 777 permissions so everyone can use it. When you mount it it mounts to /media/altair/LABEL. Take a look at the permissions along the path:
ls -al /media/altair
drwxr-x---+ 3 root root 4096 Dec 5 11:57 .
drwxr-xr-x 5 root root 4096 Nov 21 15:38 ..
drwxrwxrwx 3 root root 4096 Apr 25 2012 LABEL
The permissions on /media/altair/LABEL are 777 just like they should be but the permissions of /media/altair are these:
drwxr-x---+ 3 root root 4096 Dec 5 11:57 .
It looks at first glance that altair or anyone else hasn't got a chance to get to the partition since it's only allowing root access. But then you notice the "+" at the end. It's using ACLs to determine access to the mounted partition and in this case it's only altair:
sudo getfacl /media/altair
# file: media/altair
# owner: root
# group: root
user::rwx
user:altair:r-x
group::---
mask::r-x
other::---
If you were really obsessed about security in a multiuser system and one where these users were logged on simultaneously then only altair and no others could access that partition. An NTFS partition would always mount in a somewhat similar fashion because it would mount to /media/LABEL with owner = mounter and permissions of 700. Maybe this was an attempt to have them all mount with the same type of rules.

It makes a royal mess of things if you create a samba share on that ext3 partition since you either have to force the remote samba client to appear to be altair or do what you did and take adult control over how and where that partition is mounted.

In any event this isn't Mint's doing.
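
Added example, not part of either post: a small Python evaluation of the POSIX ACL check order (owner, named user, groups, other) run over the getfacl output quoted above, showing why the 777 mode on LABEL does not help a second user who cannot traverse /media/altair. The user "guest" and the group lists are assumptions made for illustration; root bypasses these checks and is not modelled.

```python
# Constructed input: the getfacl output quoted in the post above.
GETFACL = """\
# file: media/altair
# owner: root
# group: root
user::rwx
user:altair:r-x
group::---
mask::r-x
other::---
"""

def parse_getfacl(text):
    """Parse getfacl text into owner, owning group and (tag, qualifier, perms) entries."""
    acl = {"owner": None, "group": None, "entries": []}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# owner:"):
            acl["owner"] = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            acl["group"] = line.split(":", 1)[1].strip()
        elif line and not line.startswith("#"):
            tag, qualifier, perms = line.split(":")[:3]
            acl["entries"].append((tag, qualifier, set(perms[:3]) - {"-"}))
    return acl

def can_access(acl, user, groups, want):
    """POSIX ACL check order for a non-root user: owner, named user, groups, other."""
    want = set(want)
    def find(tag, qualifier):
        return [p for t, q, p in acl["entries"] if t == tag and q == qualifier]
    mask = (find("mask", "") or [set("rwx")])[0]
    if user == acl["owner"]:
        return want <= find("user", "")[0]        # owner entry is not masked
    named = find("user", user)
    if named:
        return want <= (named[0] & mask)          # named user, limited by mask
    matched = find("group", "") if acl["group"] in groups else []
    for g in groups:
        matched += find("group", g)
    if matched:                                   # one matching group entry must grant it all
        return any(want <= (p & mask) for p in matched)
    return want <= find("other", "")[0]

if __name__ == "__main__":
    acl = parse_getfacl(GETFACL)
    # "guest" is a hypothetical second local user.
    for user, groups in (("altair", ["altair"]), ("guest", ["guest"])):
        print(user, "can traverse /media/altair:", can_access(acl, user, groups, "x"))
```

Reaching /media/altair/LABEL requires execute (search) permission on every directory above it, so the check on /media/altair decides the outcome before LABEL's own mode is consulted.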