Download your favorite Linux distribution at LQ ISO.
Go Back > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Slackware This Forum is for the discussion of Slackware Linux.


  Search this Thread
Old 06-24-2008, 10:37 PM   #1
LQ Newbie
Registered: Jun 2008
Posts: 7

Rep: Reputation: 1
Forcing noexec as a HAL mount option


YAHI (yet another HAL issue) I'm afraid. Does anybody know if
it's possible to force mount options on devices using HAL?
Specifically, I want to force the noexec option on removable media
mounted by HAL. This is a slack 12.0 issue. I haven't tried it
on 12.1, yet.

I've tried variations of this:

cat /etc/hal/fdi/policy/10-removable.fdi

<?xml version="1.0" encoding="UTF-8"?>
<deviceinfo version="0.2">
   <match key="block.is_volume" bool="true">
       <match key="@block.storage_device:storage.hotpluggable" bool="true">
         <append key="volume.mount.additional_options" type="strlist">noexec</append>
       <match key="@block.storage_device:storage.removable" bool="true">
         <append key="volume.mount.additional_options" type="strlist">noexec</append>
With combinations of these things:


I've also tried the deprecated volume.policy.mount_option.noexec
option, but that's completely fruitless, too.

The keys all get added to the devices in question, but get ignored
by hal-storage-mount.

As yet, the only way I've managed to force this is by changing
line 70 of hal-storage-mount.c from

#define MOUNT_OPTIONS "nosuid,nodev"


#define MOUNT_OPTIONS "noexec,nosuid,nodev"

Is there a better way (without mucking about with KDE)?


a) Have I understood it correctly that HAL is designed
specifically only to provide a list of valid mount options to some
user proggy like a KDE app? Can any user proggy - given that
it's authorised via a group (eg plugdev) membership to speak to
HAL via the message bus - decide what options to use or NOT to
use and request hald, a root process, to do its bidding?

b) Is it true that whilst HAL provides for a list of allowed mount
options (volume.mount.valid_options), it provides no way of
enforcing important options like nosuid, nodev and noexec (BY
DESIGN)? Is it true that it is up to the discretion of a user
proggy what it uses and doesn't use to mount? So if
hal-storage-mount.c did not define nosuid at line 70, then there
would be no method available in HAL's complex xml config files of
stopping users mounting their disks, and gaining root privs.

c) Does this demonstrate something very broken in HAL's design?
If not, what am I missing?


Old 06-25-2008, 06:54 PM   #2
Senior Member
Registered: Sep 2005
Distribution: Slackware
Posts: 1,442

Rep: Reputation: 71
I think what you really want is a custom udev rule.
Old 06-26-2008, 02:42 PM   #3
LQ Newbie
Registered: Jun 2008
Posts: 7

Original Poster
Rep: Reputation: 1

Thanks for getting back to me. I guess there are many
ways of auto-mounting, and imposing policies. I really
was posting to see if I was wrong regarding
one's inability to impose system mount policies in HAL
without resorting to patching the hal-storage-mount.c. I'm
still unsure if I'm right or wrong.

I think they (or David Zeuthen) removed volume.policy.mount_option
because people were putting stuff in there that they should have
been devolved to the user proggy, an that broke their/his vision, and
the cleanness of the idea. For me, it makes HAL less of a system.

Thanks, anyway, for getting back to me.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
DVD (auto)mount problem, gnome-mount, hal, Fedora C 5 lazarion Linux - Hardware 5 01-10-2007 05:45 AM
hal auto mount classic Linux - General 9 09-18-2006 04:19 AM
hal auto mount classic Linux From Scratch 2 09-06-2006 02:44 PM
can mount C not D FAT: invalid media value (0x45) mount: wrong fs type, bad option Emmanuel_uk Linux - Newbie 10 11-29-2005 03:47 AM
strange problem with smb mount -> noexec ? poison Slackware 2 01-06-2004 03:48 AM > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 01:52 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration