|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Doas.conf question
I am trying to set up my desktop with OpenBSD 6.4 to easily allow a user (myself) to mount and umount usb sticks.
So far I have been unable to mount or unmount as a user. This is what I have in my /etc/doas.conf file: permit nopass staus as root cmd /sbin/mount permit nopass staus as root cmd /sbin/umount doas -C /etc/doas.conf exits without error, I think. If I run doas -C /etc/doas.conf mount, I will get deny. (I also cannot mount the usb stick to my home directory, if I run doas mount /dev/sd2i <my dir>. I have all the latest syspatches installed. Any ideas. It is driving me nuts going through man pages and internet searches. |
|
|||
|
|
|||
Does this mean that 6.4 does not support user mounting?
If so, the man pages are woefully out of date. I don't mind switching to root to mount a memory stick, but I was hoping to make it more convenient. Thanks for the information. |
|
|||
When want to mount drive or usb using doas, I copy the doas.conf file in the /etc/examples directory up to the /etc directory.
Then I mount with:: doas mount /dev/sd1i /mnt Where: 1 is drive number i is partition letter And unmount with: doas umount /mnt If it gets annoying typing your user password every time, you can add 'persist' to the 'permit' command like so: permit persist keepenv :wheel |
|
|||
I am _pretty sure_ that when you use the nopass option with the full path specified, it requires that you use the exact string (i.e. the full path) in the config file.
So with your current config ... Code:
doas /sbin/mount /some/device /some/directory If you change the config file to just "mount" and "umount" I think that it will work like you expect it to, BUT that could be less secure, I remember reading somewhere in the man pages (can't find it now) that anyone could make a script called "mount" or "unmount" and run it with the nopass option, if your doas.conf is configured without the full path to the executable. Last edited by vns3; 5th November 2018 at 12:13 AM. |
|
|||
Thanks to all for your inputs. I created a usermount group. doas now works fairly well with my blackbox menu. No password required to mount dvds or usb memory sticks.
I'm very impressed with 6.4. So far it works well on my laptops and desktop. I may give up on Slackware eventually. |
|
||||
https://https.www.google.com.tedunan...t/doas-mastery 2 years old by now, and I'm late to the party, but I always find this one useful. (As most folks know, the persist option doesn't work on FreeSBD.
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Restrict doas.conf to syspatch only | bsd007 | OpenBSD Security | 19 | 19th October 2018 01:05 AM |
httpd rc.conf.local question | psypro | OpenBSD General | 3 | 30th October 2016 05:54 PM |
N00b question - /etc/man.conf | bceverly | OpenBSD Packages and Ports | 2 | 16th June 2015 05:28 PM |
dhcpd.conf question | bsdsource | OpenBSD General | 4 | 11th May 2014 05:30 AM |
pf.conf label question | toro7 | OpenBSD Security | 9 | 5th January 2012 08:56 PM |