HPE Community
Operating System - HP-UX
1825061 Members
4865 Online
109679 Solutions
New Discussion юеВ

mount for non-root users

 
sahertianr
Occasional Contributor

тАО02-12-2004 01:29 AM

тАО02-12-2004 01:29 AM

mount for non-root users

Hi,

How can I manage that non-root users can mount?
As a test I chmod the file: mount with 777.

I still get the message: must be root to use mount.

Thanks,
Ron
0 Kudos
Reply
8 REPLIES 8
Vijaya Kumar_3
Respected Contributor

тАО02-12-2004 01:32 AM

тАО02-12-2004 01:32 AM

Re: mount for non-root users

One way:

You can setup SUID for this mount command But this is insecure and not recommended.

Second way:
Try using using "sudo" package and give permissions for specific users to mount

Thanks
Vijay
Known is a drop, unknown is ocean - visit me at http://vijay.theunixplace.com
0 Kudos
Reply
RAC_1
Honored Contributor

тАО02-12-2004 01:38 AM

тАО02-12-2004 01:38 AM

Re: mount for non-root users

Unless user have a read/execute perms on dir where mount is, even doing chmod 777 is not going to help. You can set suid, but there is security risk involved.

Get sudo, then you can grant a user right to run particular command.
There is no substitute to HARDWORK
0 Kudos
Reply
Pete Randall
Outstanding Contributor

тАО02-12-2004 01:38 AM

тАО02-12-2004 01:38 AM

Re: mount for non-root users

Ron,

I'm not sure that setuid would even work. Really the only acceptable way is to use sudo

http://hpux.cs.utah.edu/hppd/hpux/Sysadmin/sudo-1.6.7p5/


Pete

Pete
0 Kudos
Reply
sahertianr
Occasional Contributor

тАО02-12-2004 01:40 AM

тАО02-12-2004 01:40 AM

Re: mount for non-root users

Thanks all,

And just for my understanding:
What is the security hole with SUID??

Cheers........
0 Kudos
Reply
Jeroen Peereboom
Honored Contributor

тАО02-12-2004 01:50 AM

тАО02-12-2004 01:50 AM

Re: mount for non-root users

Well,

I am not happy if every user can mount a filesystem as he/she wishes. If you make mount SUID, you cannot limit the mount requests to a specific device. Using sudo you can write script to (u)mount a specific device on a specific mount-point. That's acceptable.

By the way: is 'mount' the same file as 'umount' (a hard link)?

JP.
0 Kudos
Reply
sahertianr
Occasional Contributor

тАО02-12-2004 01:54 AM

тАО02-12-2004 01:54 AM

Re: mount for non-root users

No Jeroen, not a hard link...
0 Kudos
Reply
Jeroen Peereboom
Honored Contributor

тАО02-12-2004 01:56 AM

тАО02-12-2004 01:56 AM

Re: mount for non-root users

Ron,

in Linux one can put options in /etc/fstab.
Reading the replies it seems HP-UX doesn't support these options (like owner, user). Check the man pages.

Greetings from grey-ish Holland,

JP.
0 Kudos
Reply
Rory R Hammond
Trusted Contributor

тАО02-13-2004 03:39 AM

тАО02-13-2004 03:39 AM

Re: mount for non-root users

Our servers are in a Locked room.
Several thing that have worked for me.

1. Have the user FTP files to a temporary directory and install for the the temp. directory.

2. Put a samba share out for a temp directory. Have the user drag and drop the files from their PC to the temp directory.

Advantage is:
1. We have a large tmp directory called /usr/tmpi.(same perms a /tmp) We manage via cron by deleteing files that are more than 2 months old.
2. The user worries about permissions and access. I don't have to edit sudo adding and subtracting application users.
There are a 100 ways to do things and 97 of them are right
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.