FreeBSD Allow Normal Users To Mount CDROMs/DVDs/USB Devices

Author: Vivek Gite Last updated: June 1, 2018 3 comments

How do I allow any ordinary users (such as my son or wife) to mount CD-ROMs, DVDs, USB drives, and other removable media on our home server powered by FreeBSD operating systems?

Introduction: You need to use the sysctl command to set or get FreeBSD kernel state to allow FreeBSD users to mount CDROMs / DVDs / USB devices. Under FreeBSD unprivileged users may mount and unmount file systems based on CDROMs or DVDs or USB devices by setting a special kernel variable called vfs.usermount.

Syntax for FreeBSD to allow normal users to mount devices

You need to run the following command as root user:
sysctl vfs.usermount sysctl vfs.usermount=1
The value 1 indicates that you need to setup permission so that FreeBSD allow normal users to mount CDROMs, DVDs, USB pen drive and so on. Next, you need to add and set a device permissions in /etc/devfs.conf file for users.

Example: FreeBSD Allow Normal Users To Mount CDROMs / DVDs / USB Devices

Edit /etc/sysctl.conf using a text editor such as ee command or vim command, enter:
# vi /etc/sysctl.conf
Append the following variable so that it can load persist across reboots:
vfs.usermount=1
Save and close the file in vim text editor. Type the following command for current session:
# sysctl vfs.usermount=1
Sample outputs:

vfs.usermount: 0 -> 1

Find device names

Use camcontrol devlist or egrep 'ad[0-9]|cd[0-9]' /var/run/dmesg.boot commands to find out CD/DVD/USB device names under FreeBSD:
# camcontrol devlist
OR
# egrep 'ad[0-9]|cd[0-9]' /var/run/dmesg.boot

Update /etc/devfs.conf

The device owner and permissions will be reset the next time the system is restarted, in order to make this change permanent you need to edit /etc/devfs.conf. In this example, I need to allow user vivek to mount my cdrom called /dev/cd0. Edit /etc/devfs.conf, enter:
# vi /etc/devfs.conf
Add the following two line so that all users can mount a USB drive if they are in operator group:

own       /dev/da0       root:operator
perm      /dev/da00      0666

Also, add the following two line so that all users can mount a /dev/cd0 drive if they are in operator group:

## allow member of operator to mount cdrom
own	   /dev/cd0	   root:operator
perm      /dev/cd0	   0660

Save and close the file. Feel free to replace /dev/cd0 and /dev/da0 as per your system configuration. You need to add user to a group called operator using the pw command, run:
# pw groupmod operator -m vivek
Verify new group membership, run:
# id vivek
Sample outputs:

uid=1001(vivek) gid=1001(vivek) groups=1001(vivek),0(wheel),5(operator)

User command to mount devices

Normal users can now mount devices they could read onto a directory that they own such as $HOME using the mount_cd9600 command:
% mkdir ~/cdrom % mount_cd9660 /dev/cd0 ~/cdrom % mount
Sample outputs:

/dev/ada0p2 on / (ufs, local, journaled soft-updates)
devfs on /dev (devfs, local, multilabel)
/dev/cd0 on /usr/home/vivek/cdrom (cd9660, local, nosuid, read-only, mounted by vivek)

User command to unmount devices

Unmounting the device is simple:
% umount ~/cdrom
For more info see FreeBSD devfs.conf(5) and sysctl man pages.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 3 comments so far... add one ↓

Related Tutorials

Category	List of Unix and Linux commands
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04

3 comments… add one

vic Nov 12, 2012 @ 6:31

I think it’s better take instruction for USB drive from handbook

#This is accomplished by adding these lines to /etc/devfs.rules:
[localrules=5] add path 'da*' mode 0660 group operator
#You also have to enable your devfs.rules(5) ruleset in your /etc/rc.conf file:
devfs_system_ruleset="localrules"
reason:
The devfs.conf file provides an easy way to set ownership and permissions, or create links for devices available at boot. It does not work for devices plugged in and out after the system is up and running, e.g. USB devices. See devfs.rules(5) for setting ownership and permissions for all device nodes, and devd.conf(5) for actions to be
taken when devices are attached or detached.

Reply Link
Juanjo Jan 5, 2013 @ 12:50

You can also add the mount command in /etc/fstab with
noauto so that users could do mount filedirectory without
spelling out the specific device.

In my case for usb:
# device Mountpoint FStype options Dump Pass#
/dev/da0s1 /mnt/juanjo msdosfs rw,noauto 0 0

Reply Link
randy flask Jun 26, 2015 @ 14:09

Thanks, awesome tutorial, Its woks!

umount ~/cdrom

Reply Link

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz