Re: /media -> /run/media???

This issue came up recently for me.

I asked this on superuser:
https://superuser.com/questions/775882/what-do-i-have-to-do-so-i-can-get-2-users-to-be-able-to-access-disk-drives-par

What do I have to do so I can get 2 users to be able to access disk
drives / partitions at the same time?

I mounted a disk drive using UserA ==> /run/media/userA/myDisk .

userB is a member of the same group of userA.

Why can userB not access the mountpoints?

What do I have to do so I can get 2 users to be able to access disk
drives / partitions at the same time?

Also to note the disks are encrypted.

I do not want chmod the files or directory to 777

==================

I really liked the answer:

udisks2 intentionally makes removable devices private to the user. (By
design, Linux is a multi-user system, and can potentially have several
people having separate seats (displays, keyboards, USB ports) and
connecting their own USB drives, so they should be separate from each
other.) So all per-user directories under /run/media are limited to
their owner only.

To make udisks2 place all mountpoints under /media, which it used to
do in the past, you can install a udev rule by placing the following
in /etc/udev/rules.d/90-udisks2-shared.rules:

SUBSYSTEM=="block", ENV{UDISKS_FILESYSTEM_SHARED}="1"

Alternatively, you could move a specific device by configuring it in
/etc/fstab, e.g.:

/dev/mapper/luks-backups /mnt/backup auto noauto,nosuid,nodev,nofail,x-gvfs-show

In fact, you should always use /etc/fstab for internal or otherwise fixed disks.

However, this will only allow other users to reach the mountpoint, it
will not automatically allow them to browse files inside – you will
need to change the files' permissions. This depends on the filesystem
your disk is using.

If you use ext4, btrfs, or generally any filesystem that supports Unix
file ownership & permissions, use groupadd to create a dedicated group
for users allowed to access the disk; gpasswd -a to add them to the
group; then mount the disk and chown -R it to the newly created group.
Use chmod -R g+rwX to make all files group-accessible, and find
/mnt/disk -type d -exec chmod g+s {} + to make them inherit the group
ownership.

If you use fat32/vfat, do the same, but changing ownership or
permissions will not work; instead, you will need to add the gid=...
mount option in /etc/fstab. (The option should have the actual ID of
the group that you just added.)

========

I followed the first step and now I am able to access the mounts from
another user. The location now for me is /media


On Mon, Aug 4, 2014 at 9:30 AM, Lennart Poettering <mzerqung@xxxxxxxxxxx> wrote:
> On Mon, 04.08.14 18:13, Marcin Juszkiewicz (mjuszkiewicz@xxxxxxxxxx) wrote:
>
>> Can someone point me to discussion which ended in /media being symlink
>> to /run/media directory?
>>
>> I am now looking at Picasa rescanning 40GB of pictures just because
>> /media/storage/ disappeared after upgrade of packages (which moved
>> /media/ to /media.rpmmoved/ one).
>>
>> Should I create /my-own-directory-do-not-even-think-about-touching-it/
>> and keep mountpoints of all hard drives there just to hope that it will
>> stay there for next year?
>
> Yes, you should.
>
> /media was supposed to be the place where removable media is
> automatically mounted. There are no rules on how things are named for
> it, nor whether the directory names are stable in any way. hal and
> udisks used to mount stuff there, but they haven't done that since quite
> a while now, since removable media should be private to the user, and a
> system-wide namespace is inappropriate for that really. Thus it moved to
> a user-private directory in /run/media/$USER/ instead, which nobody but
> the user who is active on the seat the media was inserted to has access
> to. This fixes a number of security problems since the namespace is
> now private to the user, and a rogue user cannot confuse another user's
> apps by taking possession of the /media path where they'd expect a
> device to show up...
>
> Now, while /run/media (and formerly /media) are under strictly automatic
> control by udisks, the directory hierarchy /mnt is supposed to be under
> admin control. If you want to mount arbitrary stuff to fixed places
> following your own naming scheme, that's where you are supposed to mount
> your stuff. If you want your removable media device to show up there,
> simply edit /etc/fstab and add a line of your choice.
>
> To make this more confusing, to my knowledge Ubuntu (or is it Debian as
> its upstream?) actually patches /run/media/$UID back into /media. Or at
> least I did that. It's stupid, and a security hole, and they should stop
> doing that, but they know better...
>
> The /media directory should probably be dropped from FHS, as it's
> really pointless, and is nothing one would ever use today. In fact, our
> filesystem.rpm package should really stop shipping that (but then again,
> I mean, it also ships /var/gopher, ...)
>
> Lennart
>
> --
> Lennart Poettering, Red Hat
> --
> devel mailing list
> devel@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/devel
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
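
The group-sharing steps from the quoted answer for the ext4/btrfs case, as an added example that is not part of the original message or the answer it quotes, followed by an audit that lists anything still outside the policy (wrong group, missing group read/write, world-writable, or a directory without setgid). The group name diskusers is hypothetical; /mnt/disk is the path used in the answer.

```shell
#!/bin/sh
# Added example: share a mounted tree with one dedicated group and verify it.
# Applies to filesystems with Unix ownership and permissions (ext4, btrfs).

# share_tree DIR GROUP
# Hand DIR to GROUP, make everything group-accessible, and set the setgid
# bit on directories so files created later inherit the group.
share_tree() {
    chown -R ":$2" "$1" &&
    chmod -R g+rwX "$1" &&
    find "$1" -type d -exec chmod g+s {} +
}

# audit_tree DIR GROUP
# Print every path that breaks the sharing policy; no output means clean.
# Flags: wrong group, group lacks read/write, world-writable (the 777
# outcome the poster wanted to avoid), directory without setgid + group x.
# Symlinks are skipped because their own mode bits are not meaningful.
audit_tree() {
    find "$1" ! -type l \( \
        ! -group "$2" -o \
        ! -perm -060 -o \
        -perm -002 -o \
        \( -type d ! -perm -2010 \) \
    \) -print
}

# Typical use as root, after `groupadd diskusers` and
# `gpasswd -a userB diskusers` (diskusers is a hypothetical group name):
#   share_tree /mnt/disk diskusers && audit_tree /mnt/disk diskusers
```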




