View previous topic :: View next topic |
Author |
Message |
Jimmy2027 n00b
Joined: 12 May 2020 Posts: 34
|
Posted: Tue Oct 13, 2020 1:19 pm Post subject: specify user in fstab |
|
|
Hello, I want to mount an external hard drive such that only user "larry" and root can access it. Is there a way to do this in the fstab file?
Also another somehow related question: Is there a way to change access rights of a folder in an external hard drive?
For example, if I have a folder that should only be accessible by user "larry" in a mounted external hard drive that is accessible by all users?
If I try to run `chown larry my_folder` as root in the mounted hard drive, I get the error:
`chown: changing ownership of my_folder: Operation not permitted` |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54330 Location: 56N 3W
|
Posted: Tue Oct 13, 2020 1:37 pm Post subject: |
|
|
Jimmy2027,
The user= option to mount, however its called, only works with non *NIX filesystems that do not support *NIX permissions.
It will work for vfat and ntfs and a few others.
Change the permissions on the mount point while the filesystem is not mounted.
A word of warning. Linux uses UIDs everywhere. User names are for display only.
If you want this to work on several systems, larry must have the same UID on every system. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Tue Oct 13, 2020 3:39 pm Post subject: |
|
|
NeddySeagoon wrote: | A word of warning. Linux uses UIDs everywhere. User names are for display only.
If you want this to work on several systems, larry must have the same UID on every system. |
Example here: [solved] CIFS mount owned by fakeuser wheel |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 21724
|
Posted: Tue Oct 13, 2020 3:43 pm Post subject: |
|
|
What filesystem type is used by the external drive? Do you require that the access control apply regardless of the computer used to access the drive, or is it sufficient that the Gentoo Linux system in question enforces it? In the latter case, someone could move the drive to a different system and allow users other than root and larry to access it. |
|
Back to top |
|
|
Jimmy2027 n00b
Joined: 12 May 2020 Posts: 34
|
Posted: Tue Oct 13, 2020 5:21 pm Post subject: |
|
|
Thanks for the replies! I have tried to add user=hendrik to the fstab, however after unmounting and mounting the external drive, all users could still access it.
My fstab entry looks like the following, with 1000 my user uid:
LABEL=my_external_drive /mnt/my_external_drive exfat user=1000 0 0
The external drive uses the exfat file system and should in theory never change place. It would be enough if the Gentoo Linux system it is mounted on would enforce the access rights.
However out of curiosity, how could one make sure that for any system only root or user larry can access the external drive? |
|
Back to top |
|
|
toralf Developer
Joined: 01 Feb 2004 Posts: 3925 Location: Hamburg
|
Posted: Tue Oct 13, 2020 5:54 pm Post subject: |
|
|
Jimmy2027 wrote: | However out of curiosity, how could one make sure that for any system only root or user larry can access the external drive? | encrypt it |
|
Back to top |
|
|
NeddySeagoon Administrator
Joined: 05 Jul 2003 Posts: 54330 Location: 56N 3W
|
Posted: Tue Oct 13, 2020 8:57 pm Post subject: |
|
|
Jimmy2027,
user allows any single user to mount the filesystem and that same user to unmount it again.
You want uid= and possibly gid=
Maybe fmask= and dmask= too.
The uid and gid for the same users/groups are not fixed across systems.
To make it work across systems the admin (that's you) needs to fix that. _________________ Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
Back to top |
|
|
Tony0945 Watchman
Joined: 25 Jul 2006 Posts: 5127 Location: Illinois, USA
|
Posted: Tue Oct 13, 2020 10:22 pm Post subject: |
|
|
I just updated and tested my example:
Code: | $ cat /etc/fstab |grep Documents
//trantor/Documents /home/tony/Documents cifs vers=1.0,users,credentials=/etc/credentials.tony,rw 0 0 |
format of the credentials file is given in "man mount.cifs" The file can be anywhere accessible at mount time. It doesn't have to be in /etc
It should be rw root only to prevent others from reading the password inside. Root, of course, could even change the password. |
|
Back to top |
|
|
|