users can't execute certain setuid commands
Hello,
I'm running CentOS 6.5 with 3.10.32-11.el6.centos.alt.x86_64 kernel.
I have the usual /etc/fstab set up to allow users to mount USB memory sticks, DVDs etc. However, sometimes I'd like to mount a device using
a different file system than that specified in /etc/fstab and I noticed that even though /bin/mount is setuid, normal users can't do
'mount -t': I get a message saying "mount: only root can do that".
Why is that, and is there anything else I can do to allow users to do
'mount -t'? I thought the whole point of setuid is that whoever executes the command does so as root?
Similarly, in new versions of linux, normal users can no longer execute ifup and ifdown, even though the relevant ifcfg- file has the line
USERCTL=yes
(There is no error message - when a user tries to execute ifup, it
just does nothing until CTL-C is pressed.) Changing the permissions
of ifup/ifdown to setuid has no effect. Again, why is that?
Of course, I know I can use 'sudo', but setuid for certain commands
seems to be a less cumbersome solution, and what is the point of setuid if normal users still can't execute those commands?
Thanks in advance for any help.
Terence
|