Mention the oddities and requirements for mount operations executed by non-root users.

PR:		docs/42651
Submitted by:	Thomas Seck <tmseck@netcologne.de>
MFC after:	3 days
Joerg Wunsch 2003-01-13 19:42:21 +00:00
parent 81075acb51
commit b4206324a5
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=109186
2 changed files with 20 additions and 3 deletions


@ -74,6 +74,13 @@ at the time
of a successful mount are swept under the carpet so to speak, and of a successful mount are swept under the carpet so to speak, and
are unavailable until the file system is unmounted. are unavailable until the file system is unmounted.
.Pp .Pp
By default only the super-user may call the
.Fn mount
function.
This restriction can be removed by setting the sysctl
.Em vfs.usermount
to a non-zero value.
.Pp
The following The following
.Fa flags .Fa flags
may be specified to may be specified to
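Review bot: In the added paragraph, "This restriction can be removed" reads as if a non-zero vfs.usermount lifts every limit, yet the later hunks in this file still require the caller to own dir and force MNT_NOSUID and MNT_NODEV on. Suggest "relaxed" rather than "removed", plus one sentence pointing at those conditions. On style, sysctl variable names are normally marked up with .Va rather than .Em.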
@ -81,17 +88,19 @@ suppress default semantics which affect file system access.
.Bl -tag -width MNT_SYNCHRONOUS .Bl -tag -width MNT_SYNCHRONOUS
.It Dv MNT_RDONLY .It Dv MNT_RDONLY
The file system should be treated as read-only; The file system should be treated as read-only;
Even the super-user may not write on it. even the super-user may not write on it.
Specifying MNT_UPDATE without this option will upgrade Specifying MNT_UPDATE without this option will upgrade
a read-only file system to read/write. a read-only file system to read/write.
.It Dv MNT_NOEXEC .It Dv MNT_NOEXEC
Do not allow files to be executed from the file system. Do not allow files to be executed from the file system.
.It Dv MNT_NOSUID .It Dv MNT_NOSUID
Do not honor setuid or setgid bits on files when executing them. Do not honor setuid or setgid bits on files when executing them.
This flag is set automatically when the caller is not the super-user.
.It Dv MNT_NOATIME .It Dv MNT_NOATIME
Disable update of file access times. Disable update of file access times.
.It Dv MNT_NODEV .It Dv MNT_NODEV
Do not interpret special files on the file system. Do not interpret special files on the file system.
This flag is set automatically when the caller is not the super-user.
.It Dv MNT_SUIDDIR .It Dv MNT_SUIDDIR
Directories with the SUID bit set chown new files to their own owner. Directories with the SUID bit set chown new files to their own owner.
.It Dv MNT_SYNCHRONOUS .It Dv MNT_SYNCHRONOUS
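Review bot: The sentence added under MNT_NOSUID and MNT_NODEV does not say what happens when a caller who is not the super-user leaves the flag out of flags: is it added silently, or does the call fail? "Set automatically" suggests the former; stating that outright, and whether it also holds for an MNT_UPDATE request, would remove the guesswork. The two identical sentences could also be folded into a single remark in the new vfs.usermount paragraph.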
@ -178,7 +187,8 @@ The
system call will fail when one of the following occurs: system call will fail when one of the following occurs:
.Bl -tag -width Er .Bl -tag -width Er
.It Bq Er EPERM .It Bq Er EPERM
The caller is not the super-user. The caller is neither the super-user nor the owner of
.Ar dir .
.It Bq Er ENAMETOOLONG .It Bq Er ENAMETOOLONG
A component of a pathname exceeded 255 characters, A component of a pathname exceeded 255 characters,
or the entire length of a path name exceeded 1023 characters. or the entire length of a path name exceeded 1023 characters.
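Review bot: The new EPERM text leaves out the vfs.usermount condition introduced in the first hunk of this file: by default only the super-user may call mount, so the owner of dir is refused as well, and this wording does not cover that case. Something like "The caller is not the super-user, and either vfs.usermount is zero or the caller does not own dir" would match. The argument is also marked up as .Ar dir here, while the context of the first hunk uses .Fa for flags; .Fa dir would be consistent.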
@ -261,7 +271,9 @@ The
system call may fail with one of the following errors: system call may fail with one of the following errors:
.Bl -tag -width Er .Bl -tag -width Er
.It Bq Er EPERM .It Bq Er EPERM
The caller is not the super-user. The caller is neither the super-user nor the user who issued the corresponding
.Xr mount 2
call.
.It Bq Er ENOTDIR .It Bq Er ENOTDIR
A component of the path is not a directory. A component of the path is not a directory.
.It Bq Er ENAMETOOLONG .It Bq Er ENAMETOOLONG
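Review bot: The added EPERM text refers to mount as .Xr mount 2, while the paragraph added in the first hunk of this file writes .Fn mount; pick one form for the page. The wording also leaves open whether vfs.usermount has to be non-zero when the unmount is attempted; if it does, say so here.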
@ -290,6 +302,7 @@ mounted.
.Sh SEE ALSO .Sh SEE ALSO
.Xr lsvfs 1 , .Xr lsvfs 1 ,
.Xr mount 8 , .Xr mount 8 ,
.Xr sysctl 8 ,
.Xr umount 8 .Xr umount 8
.Sh BUGS .Sh BUGS
Some of the error codes need translation to more obvious messages. Some of the error codes need translation to more obvious messages.


@ -159,6 +159,8 @@ Disable write clustering.
Do not interpret character or block special devices on the file system. Do not interpret character or block special devices on the file system.
This option is useful for a server that has file systems containing This option is useful for a server that has file systems containing
special devices for architectures other than its own. special devices for architectures other than its own.
This option is set automatically when the user does not have super-user
privileges.
.It Cm noexec .It Cm noexec
Do not allow execution of any binaries on the mounted file system. Do not allow execution of any binaries on the mounted file system.
This option is useful for a server that has file systems containing This option is useful for a server that has file systems containing
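Review bot: The sentence added at the end of this entry talks about mounts by users without super-user privileges, but nothing in the changes to this file says when such a mount is permitted. A short pointer to the vfs.usermount sysctl, which the other file now documents, would also give the new .Xr sysctl 8 entry in SEE ALSO something to refer to. The wording differs from the other file too ("the user does not have super-user privileges" here, "the caller is not the super-user" there); one phrasing for both pages would be easier to search for.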
@ -169,6 +171,7 @@ Note: this option is worthless if a public available suid or sgid
wrapper like wrapper like
.Xr suidperl 1 .Xr suidperl 1
is installed on your system. is installed on your system.
It is set automatically when the user does not have super-user privileges.
.It Cm nosymfollow .It Cm nosymfollow
Do not follow symlinks Do not follow symlinks
on the mounted file system. on the mounted file system.
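Review bot: The added "It is set automatically ..." follows the note about a suid or sgid wrapper being installed, so the antecedent of "It" is unclear on first reading. Start the sentence with "This option", as the nodev entry in the previous hunk does, and consider placing it before the "Note:" sentence so the caveat stays last.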
@ -430,6 +433,7 @@ file system table
.Xr mount_udf 8 , .Xr mount_udf 8 ,
.Xr mount_umapfs 8 , .Xr mount_umapfs 8 ,
.Xr mount_unionfs 8 , .Xr mount_unionfs 8 ,
.Xr sysctl 8 ,
.Xr umount 8 .Xr umount 8
.Sh BUGS .Sh BUGS
It is possible for a corrupted file system to cause a crash. It is possible for a corrupted file system to cause a crash.