Mounting removable drives without root privilege
| Line 7: | Line 7: | ||
For my personal computer, I gave myself full sudo privileges and added an alias to my shell config allowing me to quickly "dock" my usb drive in my home directory: | For my personal computer, I gave myself full sudo privileges and added an alias to my shell config allowing me to quickly "dock" my usb drive in my home directory: | ||
| − | alias dock="sudo mount /home/blaise/dock" | + | alias dock="sudo mount /home/blaise/dock" |
| − | alias udock="sudo umount /home/blaise/dock" | + | alias udock="sudo umount /home/blaise/dock" |
It is worth noting, however, that giving unrestricted NOPASSWD sudo privileges to a user is an egregious security violation, as it makes it possible to compromise the system at a root level with only a single account and password. | It is worth noting, however, that giving unrestricted NOPASSWD sudo privileges to a user is an egregious security violation, as it makes it possible to compromise the system at a root level with only a single account and password. | ||
[[Category:Common Tasks]] [[Category:FreeBSD for Workstations]] | [[Category:Common Tasks]] [[Category:FreeBSD for Workstations]] | ||
Revision as of 17:04, 2 March 2006
Removable drives can be mounted by root onto any directory. Generally, they should not be automounted at startup because they are not always connected.
For information on mounting a usb stick see USB storage. To enable users (non-root) to mount/unmount a removable drive, see [http://www.caia.swin.edu.au/reports/041130A/].
If you don't want to allow non-root users unfettered access to mount and unmount drives, you might also consider writing a shell script which specifically mounts or dismounts only the drive you're concerned with, and then use sudo to allow users the privilege of running that script as root. If you do it this way, be CERTAIN that the script is owned by root and chmod 755, so that noone can edit themselves some "extra" things into the script before running it as root.
For my personal computer, I gave myself full sudo privileges and added an alias to my shell config allowing me to quickly "dock" my usb drive in my home directory:
alias dock="sudo mount /home/blaise/dock" alias udock="sudo umount /home/blaise/dock"
It is worth noting, however, that giving unrestricted NOPASSWD sudo privileges to a user is an egregious security violation, as it makes it possible to compromise the system at a root level with only a single account and password.
