LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-14-2008, 02:59 PM   #1
jo4
LQ Newbie
 
Registered: Sep 2007
Location: Norway
Distribution: Gentoo, Debian
Posts: 24

Rep: Reputation: 15
mount loop for users


Gentoo server with samba and lots of shares. some images though, and i apparently have to be root if i wanna mount them no matter what the permissions are set to. how can i bypass this lock? atleast for the things that require -o loop
 
Old 01-14-2008, 03:15 PM   #2
b0uncer
LQ Guru
 
Registered: Aug 2003
Distribution: CentOS, OS X
Posts: 5,131

Rep: Reputation: Disabled
Granting passwordless sudo to "mount -o loop imagename" could do perhaps..though you do want to check out the possible security issues of that, I haven't thought about them. You're better off if you can come up with something group-permissions related, for example.
 
Old 01-14-2008, 03:22 PM   #3
jo4
LQ Newbie
 
Registered: Sep 2007
Location: Norway
Distribution: Gentoo, Debian
Posts: 24

Original Poster
Rep: Reputation: 15
well, if someone use a windows with daemon tools, it's no problem. but mount insists on being root. damnit!

how can i grant passwd free access to "sudo mount -o loop"?

sounds a bit scary. i don't like the idea that the idiots on my network can sudo anything frankly
 
Old 01-14-2008, 03:50 PM   #4
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
Are you trying to mount the image locally or remotely. If locally, you could create an entry in /etc/fstab similar to:
/home/jschiwal/testimage.img /home/jschiwal/test ext3 loop,defaults,users,rw 0 0

This will allow me to mount it with the command: "mount testimage.img" or "mount test".
It is the "users" command that does the trick. You can control who can mount it by controlling who can read it.

If it is an ext3 or other native linux image, you can use chown and chmod on the mounted mount point to change the permissions on the mounted filesystem. Another user will be able to mount it with the "user" or "users" option if the image were in /tmp/ for example and, for example, it was mounted on /tmp/test, but they wouldn't be able to enter the directory if you used:
sudo chown <yourusername> /tmp/test
chmod go-rwx

If the mount point in /etc/fstab can't be reached by another user, they won't be able to mount it.

For some filesystems, you can't use chmod. You can explicitly control the user with a boot option. Look in "man mount" for the options for particular filesystems.

----
ps. I forgot about the "noauto" option which would defer mounting during boot up. That is an option you might want to use.

Last edited by jschiwal; 01-14-2008 at 03:57 PM.
 
Old 01-14-2008, 04:20 PM   #5
jo4
LQ Newbie
 
Registered: Sep 2007
Location: Norway
Distribution: Gentoo, Debian
Posts: 24

Original Poster
Rep: Reputation: 15
i should have specified more on the current setup.

bad user is mapped to nobody and nobody is member of smbshare which is the group of all the current samba shares. smbshare has r and x access to the files

i cannot use the fstab option, but thanks for the effort put into the post ;D

the shares that currently hold image files are updated pretty often and it's not like i do mount -a or reboot often.
 
Old 01-15-2008, 08:56 AM   #6
jo4
LQ Newbie
 
Registered: Sep 2007
Location: Norway
Distribution: Gentoo, Debian
Posts: 24

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by b0uncer View Post
Granting passwordless sudo to "mount -o loop imagename" could do perhaps..though you do want to check out the possible security issues of that
how can i do that?
 
Old 01-15-2008, 11:23 PM   #7
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
You edit the /etc/sudoers file using the "visudo" program. The file has a commented line with an example for mounting a cdrom. You can base your entry on that one. If you are on a remote location, you will need to ssh into it before you mount the image. I don't know how well it would work to mount an image that is accessed on a samba share.

One other option is to include /etc/fstab entries on the server and mount them on the server. You could offer the directory used as the mount point as a samba share. It would be as if you were sharing the cdrom itself, only it's just an image. I keep my install dvd image on my laptop.

There is an /etc/fstab entry for it:
/suse/openSUSE-10.3-GM-DVD-x86_64.iso /suse/suse iso9660 ro,loop,defaults 0 0

I have this offered as a guest share:
Code:
[openSUSE103]
        path = /suse
        guest ok = Yes
This share could be used as an installation source on any other OpenSuSE10.3 64 bit distro on the lan, meaning that a disc isn't necessary if I want to install another package for my desktop.

Being an iso9660 image, it is a readonly filesystem so it isn't possible to change its contents. If the directory on the server share contains just images, you could offer the mount points as services instead of the images themselves.

Doing this, you would need to mount them manually the first time, but afterwards they would be mounted if you rebooted and you wouldn't have to bother. From another computer on the LAN, you would just need to browse the service to access the contents of the image you wanted.

Last edited by jschiwal; 01-15-2008 at 11:35 PM.
 
Old 01-16-2008, 10:03 AM   #8
jo4
LQ Newbie
 
Registered: Sep 2007
Location: Norway
Distribution: Gentoo, Debian
Posts: 24

Original Poster
Rep: Reputation: 15
thanks for the post. but the fstab solution has a big problem for me. that is that i will have to update fstab manually or with a script whenever i put on new files or delete files. and then do mount -a

edit: it works with two images, but not when there's 500 of them

Last edited by jo4; 01-16-2008 at 03:23 PM.
 
Old 01-17-2008, 06:42 AM   #9
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671Reputation: 671
Mounting an iso9660 image existing on a samba share locally will work. I don't know if that would be the best solution however. Doing it this way, root or sudo access could be limited to the users machine rather than the server.

I just tried it out to make sure.

I'm at my laptop and opened my home directory on the desktop.
On the desktop is an iso CD image file: openSUSE-10.3-GM-Addon-NonOss-BiArch.iso
Code:
sudo mount -t iso9660 /mnt/samba/openSUSE-10.3-GM-Addon-NonOss-BiArch.iso testdir/ -o loop,uid=jschiwal,gid=jschiwal
jschiwal@hpamd64:~> ls testdir
ARCHIVES.gz  GPLv3.txt   SuSEgo.ico ...
I am a member of the wheel group on the laptop, however I could have had an /etc/sudoers line like:
%users ALL=/sbin/mount -t iso9660 -o loop NOPASSWD:
I haven't tested this. It should allow running the mount command as a normal user without a password. I haven't tested if it would enforce only mounting with these particular options to prevent abuse. Since, like you said you have something like 500 image files on the share, an entry like:
%users ALL=/sbin/mount -t iso9660 -o loop /mnt/image1.iso /mnt/image1 NOPASSWD:
wouldn't be practical.

On some systems like Fedora Core, sudo is configured so that the user enters their own password. This allows using sudo without needing to share the root password.

Check in the documentation how your systems support sudo and the %wheel group and be sure to test it.

Last edited by jschiwal; 01-17-2008 at 08:11 AM.
 
  


Reply

Tags
samba mount permission


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
nfs export and loop mount problem thomasd Linux - Networking 9 06-01-2010 02:47 PM
Cedega and mount -o loop soulxcavtor Linux - Software 3 05-24-2006 03:02 AM
can't mount iso 'could not find any loop device' dethree Slackware 1 06-23-2005 02:14 AM
Loop-mount image of harddrive addy86 Linux - General 6 06-14-2005 07:06 AM
can't mount cdrom (after mounting .iso once, using -o loop) cmbguy Linux - Newbie 4 03-21-2005 12:25 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 10:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration