Prev: VNC Ubuntu
Next: Determine IP address on machine
From: BB on 8 Feb 2006 06:47
Hi,
In my RHEL 4 system, I want to give a normal user permission
so that he/she can mount a nfs partition in one of his directories
inside his home directory.

I tried with SUDO like this:

visudo:

user1 ALL=/bin/mount /user1/home/mnt ,/bin/umount /user1/home/mnt
I checked /sbin/mount and found it "-rwsr-sr-x".

But when the user1 logs in and try to execute
sudo mount -t nfs xx.xx.xx.xx:/mnt/inst mnt

he gets "
Sorry, user user1 is not allowed to execute '/bin/mount -t nfs
xx.xx.xx.xx:/mnt/inst mnt/' as root on VmWare.localdomain."

where m I wrong in setting this up ? please guide. thanks


regards
BB

From: Robert Harris on 8 Feb 2006 07:47
BB wrote:
> Hi,
> In my RHEL 4 system, I want to give a normal user permission
> so that he/she can mount a nfs partition in one of his directories
> inside his home directory.
>
> I tried with SUDO like this:
>
> visudo:
>
> user1 ALL=/bin/mount /user1/home/mnt ,/bin/umount /user1/home/mnt
> I checked /sbin/mount and found it "-rwsr-sr-x".
>
> But when the user1 logs in and try to execute
> sudo mount -t nfs xx.xx.xx.xx:/mnt/inst mnt
>
> he gets "
> Sorry, user user1 is not allowed to execute '/bin/mount -t nfs
> xx.xx.xx.xx:/mnt/inst mnt/' as root on VmWare.localdomain."
>
> where m I wrong in setting this up ? please guide. thanks
>
>
> regards
> BB

You don't want to give your user permission to run mount (otherwise
s?he'll be able to mount anything). Do the mounting for user1 as system
administrator and add the mount to /etc/mtab if you always want them to
have their mount.

Robert

From: Ken K on 8 Feb 2006 08:05
Robert Harris wrote:

> BB wrote:
>> Hi,
>> In my RHEL 4 system, I want to give a normal user permission
>> so that he/she can mount a nfs partition in one of his directories
>> inside his home directory.
>>
>> I tried with SUDO like this:
>>
>> visudo:
>>
>> user1 ALL=/bin/mount /user1/home/mnt ,/bin/umount /user1/home/mnt
>> I checked /sbin/mount and found it "-rwsr-sr-x".
>>
>> But when the user1 logs in and try to execute
>> sudo mount -t nfs xx.xx.xx.xx:/mnt/inst mnt
>>
>> he gets "
>> Sorry, user user1 is not allowed to execute '/bin/mount -t nfs
>> xx.xx.xx.xx:/mnt/inst mnt/' as root on VmWare.localdomain."
>>
>> where m I wrong in setting this up ? please guide. thanks
>>
>>
>> regards
>> BB
>
> You don't want to give your user permission to run mount (otherwise
> s?he'll be able to mount anything). Do the mounting for user1 as system
> administrator and add the mount to /etc/mtab if you always want them to
> have their mount.
>
> Robert

I have this entry in my fstab which allows them to mount this specific mount
by hand:

192.168.0.5:/export/mp3 /mnt/mp3 nfs
noauto,noatime,rw,user 0 0

(it wrapped due to length)

From: Chris Davies on 8 Feb 2006 09:45
Robert Harris <robert.f.harris(a)blueyonder.co.uk> wrote:
> You don't want to give your user permission to run mount (otherwise
> s?he'll be able to mount anything).

The OP appears to have thought about that and has attempted to restrict
the mount to specific parameters.

Unfortunately I can't see what's wrong with the original configuration.

Chris
From: Keith Keller on 8 Feb 2006 10:56
On 2006-02-08, BB <b_baruah(a)hotmail.com> wrote:
>
> I tried with SUDO like this:
>
> visudo:
>
> user1 ALL=/bin/mount /user1/home/mnt ,/bin/umount /user1/home/mnt
> I checked /sbin/mount and found it "-rwsr-sr-x".
>
> But when the user1 logs in and try to execute
> sudo mount -t nfs xx.xx.xx.xx:/mnt/inst mnt
>
> he gets "
> Sorry, user user1 is not allowed to execute '/bin/mount -t nfs
> xx.xx.xx.xx:/mnt/inst mnt/' as root on VmWare.localdomain."

This is the same exact problem you had with your mount set up as a user
mount in /etc/fstab. The user's command doesn't match your sudoers
entry, so sudo rejects it. Try making the commands match.

--keith

--
kkeller-usenet(a)wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom
see X- headers for PGP signature information

 | 
Pages: 1
Prev: VNC Ubuntu
Next: Determine IP address on machine