Operating System - HP-UX
1748196 Members
2600 Online
108759 Solutions
New Discussion юеВ

Re: Mount as a normal user

 
Jan Studsgaard_2
Frequent Advisor

Mount as a normal user

I need to mount a filesystem as a normal user, not as root.
Can I do that?
Best Regards
Jan Studsgaard

jsj@unimerco.dk
6 REPLIES 6
Stefan Farrelly
Honored Contributor

Re: Mount as a normal user


Sorry, you cant. The mount command can only be run by root, even if you change the permissions to 4555 (setuid to root) you still cannot run it as non root.
Im from Palmerston North, New Zealand, but somehow ended up in London...
Thierry Poels_1
Honored Contributor

Re: Mount as a normal user

Hi,

from the man pages:
"The mount command mounts file systems. Only a superuser can mount file systems. Other users can use mount to list mounted file systems."

There are of course workarounds with sudo or executables with 'set-owner-ID-on-file-execution'.

good luck,
Thierry.
All unix flavours are exactly the same . . . . . . . . . . for end users anyway.
Wodisch
Honored Contributor

Re: Mount as a normal user

Hello Jan,

YES, you can! You start SAM with the "-r" option, and instruct it to add a new command. That would be the mount command, to br run under user-id "root". Then you instruct SAM to permit that commadn for your "plain" user.
That's all,

HTH,
Wodisch
A. Clay Stephenson
Acclaimed Contributor

Re: Mount as a normal user

Hi:

This is normally a VERY dangerous command for a non-root user to use. While you can set up a SAM user to allow this command or get sudo from one one the HP-UX Porting Centers to do the same thing - it is still dangerous. If I were going to allow anything, it would be to mount/unmount a cdrom. In which case, I would write a wrapper script for the commands to only mount/unmount the cdrom and then sudo or make this a SAM -r type command.

Regards, Clay
If it ain't broke, I can fix that.
Bernie Vande Griend
Respected Contributor

Re: Mount as a normal user

3 options:
1) Restricted sam (sam -r) to set up.
2) Use sudo
3) use 3rd party utility such as PowerBroker, AccessControl, etc.

Personally, I agree with Stephan, limit this as much as you can. If there are only certain filesystems you want them to mount/umount, then write a wrapper script to specifically only allow mount/umounts of them and use one of the methods above to let them run it.
Ye who thinks he has a lot to say, probably shouldn't.
Eugen Cocalea
Respected Contributor

Re: Mount as a normal user

Hi,

I suppose you want to mount the cdrom and or floppy (I don't see any other filesystems you may want to mount as an user).

Write a program / script which runs as root that is something like an interface (imagine something with four buttons: mount/umount cdrom/floppy).

There are other ways as sudo. The mount command doesn't care about setuid root as it checks for the user's that issues the command id.

E.
To Live Is To Learn