Allow normal user to mount linux partitions, usb stick / pen device

Posted on in Categories CentOS, Debian Linux, File system, Hardware, Howto, Linux, Linux desktop, RedHat/Fedora Linux, Security, Ubuntu Linux, User Management last updated July 15, 2005

You need to use autofs. It is use to mount file system on demand. Usually autofs is invoked at system boot time with the start parameter and at shutdown time with the stop parameter. The autofs script can also manually be invoked by the system administrator to shut down, restart or reload the automounters.

autofs will consult a configuration file /etc/auto.master to find mount points on the system.

i) Install autofs if not installed. if you are using Debian / Ubuntu Linux, enter:
# apt-get install autofs
ii) Create dekstop group and add user jimmy to this group:
# groupadd desktop
# usermod -G video,desktop jimmy
# chmod -R a+rx /var/autofs/misc

iii) Configure autofs so that usb stick can be accessed:
# vi /etc/auto.misc

iv) Append following text to auto.misc:
usb -fstype=auto, user, sync, nodev, nosuid, gid=desktop, umask=002 :/dev/sda1
d -fstype=vfat, user, sync, nodev, nosuid,gid=desktop, umask=002 :/dev/hda2

Where,

  • usb : Is directory name, which can be accessed via /var/autofs/misc/usb directory. User in desktop group just need to type cd command (cd /var/autofs/misc/usb) to change the directory.
  • -fstype- auto, user, sync, nodev, nosuid, gid-desktop, umask-002 :- All these are options used to mount the file system by automounter.
  • auto: File system is automatically determined by kernel.
  • user: Normal user are allowed to mount devices
  • nodev: Do not interpret character or block special devices on the file system.
  • nosuid: Do not allow set-user-identifier or set-group-identifier bits to take effect. This is security feature.
  • gid=desktop: This allows file system mounted as as group dekstop. As we have added user jimmy to this group already.
  • umask=002: Setup umask so that users in group desktop can write data to device.

Please note that without gid and umask option normal user cannot write data to device.

v)Restart the autofs:
#/etc/init.d/autofs restart
vi) Test it as user jimmy (make sure usb stick/pen is inserted into usb port):
$ ls /var/autofs/misc/usb
$ cd /var/autofs/misc/usb
$ mkdir testdir
$ ls -l

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

3 comment

  1. pretty nice suggestion, don’t forget to say that you can specify a different mountpoint instead of /var/autofs/misc/usb just entering a fully qualified path instead of just a directory.
    now my konqueror uses it too.

  2. Note, it should be changed to:

    # usermod -a -G video,desktop jimmy

    I lost my sudo privileges when I executed your version. Without the -a, it replaces that users groups, rather than appending them.

Leave a Comment