
Re: User unable to umount



On Thu, 2013-05-30 at 10:59 +0200, Erwan David wrote:
> On Thu, May 30, 2013 at 10:50:37AM CEST, Ralf Mardorf <ralf.mardorf@alice-dsl.net> said:
> > On Thu, 2013-05-30 at 09:05 +0200, Erwan David wrote:
> > > 	Hi, I have the following line in my /etc/fstab
> > > //server/dir       /mnt/dir         cifs                       defaults,user,noauto,sec=krb5        0       0
> > > 
> > > Mounting works flawlessly, using the ticket obtained through pam_krb5 at login.
> > > 
> > > However
> > > 
> > > umount /mnt/it leads to:
> > > 
> > > umount: only root can unmount //server/dir from /mnt/dir
> > > 
> > > There is no point in allowing users to mount but forbidding them to umount the directory they mounted.
> > > 
> > > Does someone have an idea about this problem, or should I report a bug against umount?
> > 
> > You can use tools to mount and unmount as user, e.g. gvfs, something
> > that I've got removed from my Linux. What's edited in fstab isn't
> > mounted by the user. A regular mount and umount can only be done by
> > root.
> 
> That's what the user option in fstab is for. The fact here is to allow
> cifs authentication using kerberos credentials, thus the mount must be
> done by the user.
> 
> And it works well, except for unmounting...

I don't know this tool, but note, this tool seems to mount on a very low
system level, while gvfs is a tool used with GUI file browsers.

You shouldn't be allowed to simply unmount something on a low system
level, when you're running a multi-user OS.

I don't know what kind of security rules gvfs and what kind of rules
this thingy here does use, but I suspect it's not that easy just to
check, if a mounted dir is in use. Once it's mounted and a user has
permission, e.g. by a group, to mount and use mounted dirs, then it
could be that a user planned to start a script in some minutes, that
does need the mounted dir, so it wouldn't be ok, if another user is
allowed to unmount this dir.


