Re: Mounting EFI partition: default to `uid=0,gid=0`

To: steve@einval.com
Cc: pascal@plouf.fr.eu.org, debian-boot@lists.debian.org
Subject: Re: Mounting EFI partition: default to `uid=0,gid=0`
From: Danny van Heumen <danny@dannyvanheumen.nl>
Date: Tue, 21 Nov 2023 19:20:31 +0000
Message-id: <[🔎] CQosUVlRVPsdz75KYrX57xN963vAFdyIdH-19foMZe7QL4_8CWVrStwIDgGsLvgC3hAjTMmCz5VQHgtbkxaaaA4UCViiVboH9ClRavRJwRE=@dannyvanheumen.nl>
In-reply-to: <[🔎] 20231121155952.GZ2875529@tack.einval.com>
References: <[🔎] QxwVxam_SZKxS-RI2A0KBtWoR8cXz4HD7YMiLHamhwLV9zVR0X9fgOkFcEyTAFLfyg9rMYKLqPHapzc6O4iJduosNNLnOLDODyhMCUHxSGs=@dannyvanheumen.nl> <[🔎] fec9a69d-850d-46df-8fe4-6ed6d081f9d1@plouf.fr.eu.org> <[🔎] KQ8fZxR6mI65VgzELlalRH9ZLW5ESYm3zXNBumczil89ia3xkzEOosuHoyW893eP7rRFIPnr09r4VYM-IAZbXx3dzHy6KlX3lNC-YsdkVCk=@dannyvanheumen.nl> <[🔎] zRcjN266gH1yCNQ80Z-lAT2uS-Fg-tg471WwHvCXV6tVopEEdYr7F31gj0W5lVj7eRBbSq_Z80_ohnTGBr1hMcRs3kKkQZmBl5Uc1sHYRjs=@dannyvanheumen.nl> <[🔎] 20231121155952.GZ2875529@tack.einval.com>

Hi, see in-line.

-------- Original Message --------
On Nov 21, 2023, 4:59 PM, Steve McIntyre < steve@einval.com> wrote:
On Tue, Nov 21, 2023 at 03:16:42PM +0000, Danny van Heumen wrote: >Hi, > >AFAICT, there was no follow-up to this. Does this mean that it is >preferred that ownership is determined solely by the user who mounts >the EFI partition? In normal use, the EFI partition isn't mounted by a user. What are you trying to solve here?

I wanted to make the partition user-mountable such that I can mount it before upgrading packages. The partition would not be mounted by default. (`noauto,users`) Then I found out that it defaults to ownership of mounting users, which is not good.

As I mentioned previously, I would argue that the ESP should always mount with owner 0, even if my use case/experiment itself is an outlier. I spotted my mistake, but was surprised by how owner is chosen (in such a case).

Yes, even when using sudo this shouldn't be a problem, however the behavior does deviate from other filesystems which have their own permission bits therefore have "protection" (maybe a strong word) against this situation.

-- Steve McIntyre, Cambridge, UK. steve@einval.com < Aardvark> I dislike C++ to start with. C++11 just seems to be handing rope-creating factories for users to hang multiple instances of themselves.

Reply to:

Follow-Ups:
- Re: Mounting EFI partition: default to `uid=0,gid=0`
  - From: Steve McIntyre <steve@einval.com>

References:
- Mounting EFI partition: default to `uid=0,gid=0`
  - From: Danny van Heumen <danny@dannyvanheumen.nl>
- Re: Mounting EFI partition: default to `uid=0,gid=0`
  - From: Pascal Hambourg <pascal@plouf.fr.eu.org>
- Re: Mounting EFI partition: default to `uid=0,gid=0`
  - From: Danny van Heumen <danny@dannyvanheumen.nl>
- Re: Mounting EFI partition: default to `uid=0,gid=0`
  - From: Danny van Heumen <danny@dannyvanheumen.nl>
- Re: Mounting EFI partition: default to `uid=0,gid=0`
  - From: Steve McIntyre <steve@einval.com>

Prev by Date: Re: Mounting EFI partition: default to `uid=0,gid=0`
Next by Date: Re: Mounting EFI partition: default to `uid=0,gid=0`
Previous by thread: Re: Mounting EFI partition: default to `uid=0,gid=0`
Next by thread: Re: Mounting EFI partition: default to `uid=0,gid=0`
Index(es):
- Date
- Thread