Re: Restricting USB access

On Fri, Oct 8, 2010 at 16:35, Greg KH <greg@xxxxxxxxx> wrote:
> On Fri, Oct 08, 2010 at 10:25:31AM -0400, Ryan Lawrie wrote:

>> Could you give me some simple instructions on how to write a udev rule to
>> do this (I've never worked with udev before) .... or direct me to a good
>> tutorial website perhaps. I will do some more web hunting on that.
>> (I guess I will have to take care of the CD burner also. I want that to be
>> readable by everyone but not writable. Would udev rules work for this
>> also?)
>
> Well, block devices get "weird" in that HAL is probably doing the
> mounting of the device when it is seen by the system automatically. So
> you need to tell it to only mount it 'read-only'. And I think that
> falls back to policykit to handle properly, so I don't think writing a
> udev here will help you out at all, sorry.

Right, udev is not in the game here besides that it handles the device
events, and broadcasts them to system services. It does no permissions
at all for these devices.

User-sessions/logged-in users can request mounting of storage devices
from the system, on behalf of the user. Untrusted users can cause
privileged operations to happen that way. The guard here is polkit, it
says yes or no to these requests.

The details of all this are explained here:
  http://people.redhat.com/davidz/Plumbers-2009-Sievers-Zeuthen-Replugging-The-Modern-Desktop.pdf

Kay
--
To unsubscribe from this list: send the line "unsubscribe linux-hotplug" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
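
What "polkit says yes or no to these requests" can look like in practice, as an added example that is not part of the original message: a rule for current polkit (JavaScript rules, version 0.106 or later) guarding udisks2 mount requests, both of which postdate the HAL-era setup discussed in this thread. The `usbstorage` group and the `decideMount` helper are hypothetical names chosen for illustration.

```javascript
// Added example, not from the thread. Assumptions: polkit >= 0.106 with
// JavaScript rules, udisks2 as the service that mounts on the user's behalf,
// and a hypothetical local group "usbstorage" for users allowed to mount.

// udisks2 polkit actions requested when a session asks to mount a
// non-system (typically removable) filesystem.
var MOUNT_ACTIONS = [
  "org.freedesktop.udisks2.filesystem-mount",
  "org.freedesktop.udisks2.filesystem-mount-other-seat"
];

// Pure decision function so the policy can be exercised outside polkitd.
// "result" is polkit.Result (or a stand-in with the same keys).
function decideMount(action, subject, result) {
  if (MOUNT_ACTIONS.indexOf(action.id) === -1) {
    return null; // not a mount request: fall through to other rules
  }
  // Remote (e.g. ssh) or switched-away sessions never get to mount.
  if (!subject.local || !subject.active) {
    return result.NO;
  }
  // Members of the trusted group mount without a prompt.
  if (subject.isInGroup("usbstorage")) {
    return result.YES;
  }
  // Everyone else must authenticate as an administrator.
  return result.AUTH_ADMIN;
}

// Registration only happens inside polkitd, where "polkit" is defined.
if (typeof polkit !== "undefined") {
  polkit.addRule(function (action, subject) {
    return decideMount(action, subject, polkit.Result);
  });
}
```

Installed as a `.rules` file under `/etc/polkit-1/rules.d/`, this is evaluated by polkitd for each authorization request; udev plays no part in the decision, as the message says.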

