-   Linux - Newbie (
-   -   filesystem permission problem (

bennett 10-08-2003 05:25 AM

filesystem permission problem

My redhat 9 mount my vfat hd at the boot time. But, I don't want other user see that hd or access to that driver except root or specific user.

I read the fstab man page. I couldn't find any info about that. Is there any one who can give me a hint or show me answer?

Thanx in advance.

JZL240I-U 10-08-2003 09:53 AM

Re: filesystem permission problem

Originally posted by bennett
... I read the fstab man page. I couldn't find any info about that.
Read again ;).

If you look at your /etc/fstab you will perhaps note some entry like

/dev/hdax /your/directory vfat rw,users 0 0

or some such. Now, users is (one of) the groups (of user types) -- for example root is another group or perhaps video or what ever.

The command groups shows to what groups you already belong.

newgrp <new group here> creates a new group. Create one with a name to your liking and change the line in /etc/fstab from the above "users" to "your new group name" (without the "'s).

Then you have to give the lucky few permission by adding them th the new group. And here I am not sure :( I think it is done with

addgrp <lucky user> your new group name

After rebooting this should work.

Also man groups / newgrp / addgrp. :)

aaa 10-08-2003 10:02 AM

You can specify the permissions for a vfat filesystem in fstab using the 'umask=<#>' option. If you wanted to give root and the group the drive belong's to rwx permissions, you can out 'umask=770' That way, users who are not in the right group won't be able to access it.

bennett 10-08-2003 03:28 PM

Hi ... thanx to the two experts above.

I slove my problem. This is how I slove it.
Redhat 9 mount my vfat hd by default( 755 ).

First, I add root to mygroup(gid=500). Then edit fstab like this:

/dev/hda7 /data vfat gid=500 0 0

This setting sets my vfat hd group as 500. But other user still can enter that /data folder since defualt is 755. So, I add umask

/dev/hda7 /data vfat gid=500,umask=007 0 0

I had test this setting, it works fine.
If the setting is unsecure, please let me know. :p

Thanx you guys help.


All times are GMT -5. The time now is 06:56 PM.