DaemonForums  

Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 23rd October 2008
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,150
Thanked 182 Times in 149 Posts
Default HOWTO: mounting an USB device as normal non-root user in OpenBSD

HOWTO: mounting an USB device as normal non-root user in OpenBSD
  • 1.1 Abstract
  • 1.2 Read the mount man page
  • 1.3 Determine the partition label
  • 1.4 Create the node or directory serving as mount point.
  • 1.5 Set sysctl ' kern.usermount' to '1'
  • 1.6 Get read and write permissions for the 'sd0' device
  • 1.7 Mount the disk as as normal non-root user
  • 1.8 User mounting example with mount point under '/mnt'

1.1 Abstract

How reading the OpenBSD mount man page can help us in mounting devices as normal user without superuser powers, or without using 'sudo'. An external USB hard drive is used as example.


1.2 Read the mount man page

Code:
SYNOPSIS
     mount [-Aadfruvw] [-t type]
     mount [-dfrsuvw] special | node
     mount [-dfruvw] [-o options] [-t type] special node

DESCRIPTION
     The mount command invokes a file system specific program to prepare and
     graft the special device or remote node (rhost:path) on to the file sys-
     tem tree at the point node.  If either special or node are not provided,
     the appropriate information is taken from the fstab(5) file.

     For disk partitions, the special device must correspond to a partition
     registered in the disklabel(5).

     The system maintains a list of currently mounted file systems.  If no ar-
     guments are given to mount, this list is printed.

     A mount point node must be an existing directory for a mount to succeed
     (except in the special case of /, of course).  Only the superuser may
     mount file systems unless kern.usermount is nonzero (see sysctl(8)), the
     special device is readable and writeable by the user attempting the
     mount, and the mount point node is owned by the user attempting the
     mount.
So in short the requirements for mounting are:
  • If ' special device' is a disk partition, it must have a label in supplied by the 'disklabel(5)' program.

  • A node is an existing directory.

  • Only if the sysctl kern.usermount is non-zero, a non-root user is allowed to mount.

  • The special device is readable and writeable by the the user attempting the mount.

  • The node, the directory used as mount point, must be readable and writeable by the the user attempting the mount.


1.3 Determine the partition label

After inserting an USB hard disk, we see the following in '/var/log/messages':

Code:
umass0 at uhub0 port 3 configuration 1 interface 0
umass0: Prolific Technology Inc. Mass Storage Device, rev 2.00/1.00, addr 2
umass0: using SCSI over Bulk-Only
scsibus1 at umass0: 2 targets
sd0 at scsibus1 targ 1 lun 0: <HTS42404, 0M9AT00, MA2O> SCSI0 0/direct fixed
sd0: 38154MB, 4864 cyl, 255 head, 63 sec, 512 bytes/sec, 78140160 sec total
The USB disk is treated as a SCSI device with the sd driver. We check what 'fdisk' and 'disklabel' have to say about 'sd0'.

Code:
$ fdisk sd0
Disk: sd0       geometry: 4864/255/63 [78140160 Sectors]
Offset: 0       Signature: 0xAA55
          Starting         Ending        LBA Info:
 #: id      C   H  S -      C   H  S [       start:        size ]
------------------------------------------------------------------------
*0: 0C      0   1  1 -   4863 254 63 [          63:    78140097 ] Win95 FAT32L
 1: 00      0   0  0 -      0   0  0 [           0:           0 ] unused      
 2: 00      0   0  0 -      0   0  0 [           0:           0 ] unused      
 3: 00      0   0  0 -      0   0  0 [           0:           0 ] unused 

$ disklabel sd0
disklabel: warning, DOS partition table with no valid OpenBSD partition
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: 0M9AT00         
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 4864
total sectors: 78140160
rpm: 3600
interleave: 1
trackskew: 0
cylinderskew: 0
headswitch: 0           # microseconds
track-to-track seek: 0  # microseconds
drivedata: 0 

16 partitions:
#                size           offset  fstype [fsize bsize  cpg]
  c:         78140160                0  unused      0     0      
  i:         78140097               63   MSDOS
From this information we conclude that we have to use the 'sd0i' disklabel.

Code:
$ mount -t msdos /dev/sd0i node

1.4 Create the node or directory serving as mount point.

The simplest way is to create this directory in our home directory.

Code:
$ mkdir usb ; ls -ld usb
drwxr-xr-x  2 j65nko  j65nko  512 Oct 14 00:44 usb
We are the owner of the directory and thus have read and write permission.
Another possibility is to have 'root' create a subdirectory under '/mnt'. and give us read and write permissions of that subdirectory.
After creating the node 'usb' we have all parameters for the 'mount' command:

Code:
$ mount -t msdos /dev/sd0i usb 

1.5 Set sysctl ' kern.usermount' to '1'

Code:
$ sysctl -a | grep mount
kern.usermount=0
[snip]
The current value is '0'. To set it to 1

Code:
# sysctl kern.usermount=1

kern.usermount: 0 -> 1
This is a temporary measure, which will be lost on reboot. To have this enabled at boot time, edit the '/etc/sysctl.conf' file and add a line like this:

Code:
kern.usermount=1	# allow non-root users to mount devices.

1.6 Get read and write permissions for the 'sd0' device

We have a look at the 'sd0i' device:

Code:
$ ls -l /dev/sd0i
brw-r-----  1 root  operator    4,   8 Sep  5  2007 /dev/sd0i
The easiest way is to join the 'operator' group and to give this group write permissions for 'sd0'.

We check this group:

Code:
# grep operator /etc/group
operator:*:5:root
We add ourselves to the 'operator' group and for a change, check our membership with 'groupinfo' instead of 'grep'.

Code:
# usermod -G operator j65nko 
# groupinfo operator
name    operator
passwd  *
gid     5
members root j65nko
We are added to the 'operator' group.

As a beneficial side-effect, we also can 'shutdown' our computer as normal user.

Code:
$ ls -l $(which shutdown)

-r-sr-x---  1 root  operator  192368 Aug 28  2007 /sbin/shutdown
Give the group read and write permissions:

Code:
$ sudo chmod g=rw /dev/sd0*
$ ls -l /dev/sd0*

brw-rw----  1 root  operator    4,   0 Sep  5  2007 /dev/sd0a
brw-rw----  1 root  operator    4,   1 Sep  5  2007 /dev/sd0b
brw-rw----  1 root  operator    4,   2 Sep  5  2007 /dev/sd0c
brw-rw----  1 root  operator    4,   3 Sep  5  2007 /dev/sd0d
brw-rw----  1 root  operator    4,   4 Sep  5  2007 /dev/sd0e
brw-rw----  1 root  operator    4,   5 Sep  5  2007 /dev/sd0f
brw-rw----  1 root  operator    4,   6 Sep  5  2007 /dev/sd0g
brw-rw----  1 root  operator    4,   7 Sep  5  2007 /dev/sd0h
brw-rw----  1 root  operator    4,   8 Sep  5  2007 /dev/sd0i
brw-rw----  1 root  operator    4,   9 Sep  5  2007 /dev/sd0j
brw-rw----  1 root  operator    4,  10 Sep  5  2007 /dev/sd0k
brw-rw----  1 root  operator    4,  11 Sep  5  2007 /dev/sd0l
brw-rw----  1 root  operator    4,  12 Sep  5  2007 /dev/sd0m
brw-rw----  1 root  operator    4,  13 Sep  5  2007 /dev/sd0n
brw-rw----  1 root  operator    4,  14 Sep  5  2007 /dev/sd0o
brw-rw----  1 root  operator    4,  15 Sep  5  2007 /dev/sd0p
Now members of the 'operator' group can read as well write to all labels of a 'sd0' device.


1.7 Mount the disk as as normal non-root user

Code:
$ mount /dev/sd0i usb
$ mount

/dev/wd0a on / type ffs (local, noatime, softdep)
/dev/sd0i on /home/j65nko/usb type msdos (local, nodev, nosuid, uid=1000, gid=1000)
You see that the OpenBSD 'mount' can infer the fileystem type from the disklabel. So we can omit the '-t msdos' option.

A peek inside:

Code:
$ ls -l usb
drwxr-xr-x  1 j65nko  j65nko      32768 Oct 14 00:46 7.1
drwxr-xr-x  1 j65nko  j65nko      32768 Sep  3  2007 AMD64
-rwxr-xr-x  1 j65nko  j65nko         70 Sep  7 09:05 MD5
drwxr-xr-x  1 j65nko  j65nko      32768 Nov  2  2006 bup
-rwxr-xr-x  1 j65nko  j65nko       4788 Aug 20  2007 dmesg.amd64
-rwxr-xr-x  1 j65nko  j65nko  362014720 Sep  7 09:04 hercules-j65nko-homedir.dump
drwxr-xr-x  1 j65nko  j65nko      32768 Sep  8  2007 snap
-rwxr-xr-x  1 j65nko  j65nko     914180 Sep  2 23:43 vmstat-html.xwd
-rwxr-xr-x  1 j65nko  j65nko     673705 Sep  2 23:43 vmstat-xml.xwd
-rwxr-xr-x  1 j65nko  j65nko      33718 Sep 23 22:48 yaconrep.tgz
Mission accomplished. We can do sudo-less mounts.


1.8 User mounting example with mount point under '/mnt'

The following transcript shows how to mount the OpenBSD root partition 'a' residing on the second hard disk 'wd1'.

Code:
# mkdir /mnt/j65nko && chown j65nko /mnt/j65nko
# ls -ld /mnt/j65nko/
drwxr-xr-x  2 j65nko  wheel  512 Oct 22 22:30 /mnt/j65nko/
# exit

$ mount -o ro /dev/wd1a /mnt/j65nko
$ mount

/dev/wd0a on / type ffs (local, noatime, softdep)
/dev/wd1a on /mnt/j65nko type ffs (local, nodev, nosuid, read-only)

$ cd /mnt/j65nko/
$ ls -l

drwxr-xr-x   2 root  wheel      512 Oct 20 21:09 altroot
drwxr-xr-x   2 root  wheel     1024 Oct 20 21:13 bin
-r-xr-xr-x   1 root  wheel    42388 Oct 22 03:20 boot
-rw-r--r--   1 root  wheel  7361204 Oct 22 03:19 bsd
-rw-r--r--   1 root  wheel  7475098 Oct 22 03:19 bsd.mp
-rw-r--r--   1 root  wheel  6354960 Oct 22 03:19 bsd.rd
drwxr-xr-x   3 root  wheel    20992 Oct 22 19:23 dev
drwxr-xr-x  20 root  wheel     2048 Oct 22 19:23 etc
drwxr-xr-x   3 root  wheel      512 Oct 22 14:09 home
drwxr-xr-x   2 root  wheel      512 Oct 20 21:09 mnt
drwx------   2 root  wheel      512 Oct 22 14:20 root
drwxr-xr-x   2 root  wheel     1536 Oct 20 21:14 sbin
drwxr-xr-x   2 root  wheel      512 Oct 20 21:09 stand
lrwxr-xr-x   1 root  wheel       11 Oct 22 03:19 sys -> usr/src/sys
drwxrwxrwt   4 root  wheel      512 Oct 22 19:23 tmp
drwxr-xr-x  17 root  wheel      512 Oct 17 20:09 usr
drwxr-xr-x  23 root  wheel      512 Oct 17 20:09 var
One of the reasons for opting for the read-only mount option:

Code:
$ ls -l /dev/wd1a
brw-r-----  1 root  operator    0,  16 Sep  5  2007 /dev/wd1a
You understand?

$Id: USBusermounting.xml,v 1.3 2008/10/23 00:23:08 j65nko Exp $
$Id: vbul-html.xsl,v 1.14 2008/09/12 03:44:16 j65nko Exp $
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mounting USB as a normal user rex FreeBSD General 23 5th March 2012 01:52 PM
How to Run K3B with normal user openBSD 4.4 mfaridi OpenBSD General 6 12th November 2008 10:25 PM
Wireshark not run in normal user mfaridi FreeBSD Ports and Packages 2 7th November 2008 09:49 PM
Mounting samba share as normal user rex FreeBSD General 4 27th October 2008 05:17 PM
command launched by normal user... maurobottone OpenBSD General 4 1st June 2008 03:45 AM


All times are GMT. The time now is 10:07 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick