i'd like to do this before any user actually logs in.

i'm using fedora 7.
i can edit /etc/fstab
but i'm not sure what exactly to put yet. i have some idea, but...

here is my fdisk -l output:
/dev/sda1 1 653 5245191 82 Linux swap / Solaris
/dev/sda2 654 60801 483138810 5 Extended
/dev/sda5 654 1306 5245191 b W95 FAT32
/dev/sda6 * 1307 7833 52428096 83 Linux
/dev/sda7 7834 27414 157284351 83 Linux
/dev/sda8 27415 40468 104856223+ 83 Linux
/dev/sda9 40469 48301 62918541 83 Linux
/dev/sda10 48302 51565 26218048+ b W95 FAT32

all linux partitions are ext3
i'm only trying to mount the ext3 ones on startup. (sda 7 through 9)

i want to have the ext3 partitions only accessible to one user (except for the sda6, that's where my sys is installed)

i don't want any other normal user to write and possibly even read what's on those partitions too.

i've been having trouble setting this up for weeks because i can't figure out the correct syntax, or i have and i don't understand why i can't or shouldn't set it up the way i wanted to (the way i know how)

basically, i've learned you can't use uid or gid options for ext3.
they work great for vfat, and i don't have any prob manually mounting them after login using a console.
i don't even know for sure how to mount the vfat's on startup but i don't have much need to.. this whole lack of knowledge is preventing me from doing that too if it ever comes up.

many times i've read the mount --help, the info, the manual, and for fstab too.
i also have questions about mount options like dev or nodev, i don't have a clue what the option descriptions mean... it's like they're not written for linux noobs... where as some of the options are.

but anyway. after searching google and other forums and things, i've sen a few things that say it's not wise to set ownership to a partition. i don't have any clue as to why or why not it would be.

and also, i can manually mount ext3 once im at the desktop and use a console, and then use chown to change the user and group.. but having to do this every time i log in is starting to be a pain.
i'm hoping that i can just use fstab to mount them and already have my ownership set and ready to just read/write/etc to it without having to do many extra steps.

uid and gid mount options don't exist becuase you don't need them. you use options like that with vfat because compared to ext3, vfat is a seriously stupid filesystem. ext3 is a POSIX compliant system, i.e a unix file system, which can hold a uid and gid and associated attributes on a per file basis.

once a posix filesystem is mounted, be it a disk, an NFS file system etc... what it actually is is totally irrelevant. THe fact that it is a dedicated partition is of no interest whatsoever. you just change the permissions of each directory / file as you see fit. in your case i guess you just want to chown a directory and it's contents (if there are contents) so "chown -R thatuser:thatgroup /var/share/data" for example.

well, then how do i prevent other users from being able to access those partitions?
is that done by them not knowing the root password and setting up their own stuffs? since i guess by default, they have none to begin with except maybe a home directory... which is good
i just don't want other users to store -anything- on the other partitions at all.


also... if i set the top level folder to forbid "looking" into it by other users, does that also apply to sub folders? or is that particular folder not see'able only?

is it possible to have a directory structure such as /a/b/c/d/
and be set folder c to be hidden to everybody else somehow?
possibly do a mount so that folder d is seen in folder b, so as to put it like /a/b/d/ and so on..?

would like it to be hidden from other users, not just forbidden to see contents... since folder names would give away what's inside anyway.


also fstab's automount stuff isn't working as expected o.O

i have the options async,rw,exec,auto,dev,user,suid
but when use a console and check mount it reports back that they're all set to rw,noexec,nodev
...what's the deal with that? lol
------
saw on a bug board somewhere that to fix the exec/noexec problem.. to place the option 'user' before 'noexec'
after doing this, the only thing that mount reports now is the option rw lol so what happend to all the other ones? are they there and i just can't see them? i cna't find a way to show all the options stuck into it all x.X
is this another bug? lol

A "chmod 770 top-level-directory" will only permit the owner and those in the group to access the directory. If all you want is for the user to access the directory, then use 700 as the permission.

The same chmod advice applies to any directory, at any level. Generally when user accounts are created, the home directory of the user is set to 700, however on more liberal systems it is set to 740 or 744.

as above, note that the partition and the files / directories on it have nothing in common in terms of the way they are managed. mount the partition and then forget completely that it's on a sepreate drive or whatever. draw a line, and change your question to "how do i stop someone accessing a directory" and nothing else. and to answer that, as above, it's chmod to change permissions and chown to change ownership.

i think i got it... im having trouble comprehending it.. but i believe it to be because im so used to windows and how they manage files and partitions.
i understand it i think, but i have to think in order to understand it.. lol if i just let my autopilot think for me, it will try to translate what i see to what i used to know >.>


anyway.. i went and found a neat tutorial about chmod on the web : http://catcode.com/teachmod/index.html

i believe i can fiddle around with the files and folders now to get to where i want things to be for my my machine.

i still have some questions as to why mount is doing what it's doing though :S ( the ones from above )

yeah there's a definite paradigm shift, but the unix side really does make a lot more sense... i'd guessed you'd never questioned what on earth a "C:" drive is... wtf is C: ??? (and so it goes on...)