How to access loop-aes mounted vfat filesystem as non-root user - help required!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

My apologies if this is an overly naive question.
I've found little help on this via google or in the
loop-aes README or similar places and I've looked
hard.

I have been writing some scripts for myself to
simplify creating & mounting loop-aes (aes256) loop
devices.

Please tell me if the following observations are
correct:

1. Loop devices must be mounted as root (using the
builtin loop-handling features of mount).

2. There's no need to write anything to /etc/fstab. If
the loop device is formatted with ext2, you can chown
& chmod the mount point directory after mounting to
provide a non-root user(s) with access to that
directory.

3. BUT trying to chown & chmod a mount point directory
for a loop device that was formatted with vfat results
in a "operation not allowed" error and it can't be
done. Writing anything to /etc/fstab makes no
difference. So ENCRYPTED LOOP DEVICES THAT HAVE BEEN
FORMATTED WITH VFAT, MSDOS ETC CAN ONLY BE ACCESSED AS
ROOT.

Is this correct or not?

The only thing I could find was from a web-board
posting concerning something similar with dm-crypt.
One poster said that THE FAT PERMISSIONS OPTIONS FOR
`MOUNT` (see MAN MOUNT) DO NOT WORK AT ALL FOR
LOOPBACK DEVICES, so these can't be used to solve
this.

Since vfat etc have no memory for permissions, they
inherit root permissions from mount running as root,
and if you attempt to change these permissions these
cannot be 'remembered'. Someone said that IT WAS
POSSIBLE TO CHANGE PERMISSIONS SO THAT EXISTING FILES
IN THE MOUNT PONT DIRECTORY COULD BE ACCESSED BY A
NON-ROOT USER, BUT ANY NEW FILES WOULD ONLY BE
ACCESSIBLE AS ROOT. I haven't been able to achieve
this.

HOW DO YOU DO THIS?

I'd really appreciate a crystal-clear walk-through of
the above issues and I'm sure other newbies might too.

Many thanks in advance.






__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
[Index of Archives]     [Kernel]     [Linux Crypto]     [Gnu Crypto]     [Gnu Classpath]     [Netfilter]     [Bugtraq]
  Powered by Linux