How can ubuntu/truecrypt be configured so users can mount volumes if-and-only-if they have proper permissions...
Answer "Justification for travel support" in conference registration form
Would "lab meat" be able to feed a much larger global population
If a prion is a protein, why is it not disassembled by the digestive system?
¿Por qué el español no introdujo el C con cedilla, Ç? – Why did Spanish not introduce the C with cedilla, Ç?
Accidentally deleted the "/usr/share" folder
Why do we use caret (^) as the symbol for ctrl/control?
Can I get a paladin's steed by True Polymorphing into a monster that can cast Find Steed?
Selecting a secure PIN for building access
Would a 1/1 token with persist dying trigger on death effects a second time?
Did we get closer to another plane than we were supposed to, or was the pilot just protecting our delicate sensibilities?
In a Latex Table, how can I automatically resize cell heights to account for superscripts?
In Avengers 1, why does Thanos need Loki?
What is the most remote airport from the center of the city it supposedly serves?
CRT Oscilloscope - part of the plot is missing
Manager is threatning to grade me poorly if I don't complete the project
What does this colon mean? It is not labeling, it is not ternary operator
I caught several of my students plagiarizing. Could it be my fault as a teacher?
Why is Arya visibly scared in the library in S8E3?
How could a planet have most of its water in the atmosphere?
What does a yield inside a yield do?
60s (or earlier) SF short story with FTL Travel using electron psychology aka addiclenendar technology
What are the differences between credential stuffing and password spraying?
How to improve/restore vintage Peugeot bike, or is it even worth it?
Can Ghost kill White Walkers or Wights?
How can ubuntu/truecrypt be configured so users can mount volumes if-and-only-if they have proper permissions on the mount-point?
What sudoer spec allows users to mount cifs shares?Make all files under a directory read-only without changing permissions?How to mount a Truecrypt container with a timeout from the command line?Why does mount require root privileges?How to mount an encrypted TrueCrypt partition always in the same point?How can I semi-automatically mount a TrueCrypt volume using built in system tools?Do I need to chmod 777 mounted volumes?Why do different partitions on the same disk not have the same mount point?How to delete unknown file that doesn't have proper permissionsHow to limit users permissions to only use mysqlRunning Bash Script in a Browser Even with Apache Permissions Set
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
If I add the line: ALL= /usr/bin/truecrypt to the sudoers file this lets all users mount volumes at arbitrary mount-points. The problem is a user could create a truecrypt volume and then mount it at /etc/apache2 or /var/www -- directories which they shouldn't be able to tamper with.
If a user doesn't have sudo rights to run /usr/bin/truecrypt then truecrypt fails after prompting for the administrator/user password.
What's the proper way to configure the system/truecrypt so users can mount volumes in a sane/safe way? e.g. they can only mount volumes to mount-points which they own (or have write-access to)?
permissions mount truecrypt
asked Mar 23 '12 at 6:44
sentesente
12114
bumped to the homepage by Community♦ 34 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
If I add the line: ALL= /usr/bin/truecrypt to the sudoers file this lets all users mount volumes at arbitrary mount-points. The problem is a user could create a truecrypt volume and then mount it at /etc/apache2 or /var/www -- directories which they shouldn't be able to tamper with.
If a user doesn't have sudo rights to run /usr/bin/truecrypt then truecrypt fails after prompting for the administrator/user password.
What's the proper way to configure the system/truecrypt so users can mount volumes in a sane/safe way? e.g. they can only mount volumes to mount-points which they own (or have write-access to)?
permissions mount truecrypt
asked Mar 23 '12 at 6:44
sentesente
12114
bumped to the homepage by Community♦ 34 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48
add a comment |
If I add the line: ALL= /usr/bin/truecrypt to the sudoers file this lets all users mount volumes at arbitrary mount-points. The problem is a user could create a truecrypt volume and then mount it at /etc/apache2 or /var/www -- directories which they shouldn't be able to tamper with.
If a user doesn't have sudo rights to run /usr/bin/truecrypt then truecrypt fails after prompting for the administrator/user password.
What's the proper way to configure the system/truecrypt so users can mount volumes in a sane/safe way? e.g. they can only mount volumes to mount-points which they own (or have write-access to)?
permissions mount truecrypt
asked Mar 23 '12 at 6:44
sentesente
12114
If I add the line: ALL= /usr/bin/truecrypt to the sudoers file this lets all users mount volumes at arbitrary mount-points. The problem is a user could create a truecrypt volume and then mount it at /etc/apache2 or /var/www -- directories which they shouldn't be able to tamper with.
If a user doesn't have sudo rights to run /usr/bin/truecrypt then truecrypt fails after prompting for the administrator/user password.
What's the proper way to configure the system/truecrypt so users can mount volumes in a sane/safe way? e.g. they can only mount volumes to mount-points which they own (or have write-access to)?
permissions mount truecrypt
permissions mount truecrypt
asked Mar 23 '12 at 6:44
sentesente
12114
asked Mar 23 '12 at 6:44
sentesente
12114
asked Mar 23 '12 at 6:44
sentesente
12114
asked Mar 23 '12 at 6:44
sentesente
12114
asked Mar 23 '12 at 6:44
sentesente
12114
12114
bumped to the homepage by Community♦ 34 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 34 mins ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48
add a comment |
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48
add a comment |
1 Answer
1
active
oldest
votes
I would suggest you attempt adding your mounts to your fstab. It can be found at /etc/fstab on most systems.
fstab will allow you to restrict who has access and who can mount which devices to which mount points. The option you are looking for will most likely be uid. You can determine a user's UID by examining /etc/passwd. Typically, you will be using uid 1000 as the first user created on the system.
sshfs#server.local:/mnt/Mountpoint /mnt/LocalDir fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,IdentityFile=/home/me/.ssh/server 0 0
This example shows how I mount a remote filesystem locally using sshfs. I have restricted it so that only my user is allowed to do such a thing. There are additional options in this sshfs example that you will most likely not need, but I think if you take a look it might clear things up.
further reading
Mount TrueCrypt volumes as a normal user
tl;dr
Set up uid and even guid in your fstab to restrict access to certain users. This will restrict mounting/unmounting as well as file access if set up correctly. Also, investigate whether or not you are utilizing FUSE, as that can cause additional conflict.
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f34816%2fhow-can-ubuntu-truecrypt-be-configured-so-users-can-mount-volumes-if-and-only-if%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I would suggest you attempt adding your mounts to your fstab. It can be found at /etc/fstab on most systems.
fstab will allow you to restrict who has access and who can mount which devices to which mount points. The option you are looking for will most likely be uid. You can determine a user's UID by examining /etc/passwd. Typically, you will be using uid 1000 as the first user created on the system.
sshfs#server.local:/mnt/Mountpoint /mnt/LocalDir fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,IdentityFile=/home/me/.ssh/server 0 0
This example shows how I mount a remote filesystem locally using sshfs. I have restricted it so that only my user is allowed to do such a thing. There are additional options in this sshfs example that you will most likely not need, but I think if you take a look it might clear things up.
further reading
Mount TrueCrypt volumes as a normal user
tl;dr
Set up uid and even guid in your fstab to restrict access to certain users. This will restrict mounting/unmounting as well as file access if set up correctly. Also, investigate whether or not you are utilizing FUSE, as that can cause additional conflict.
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
add a comment |
I would suggest you attempt adding your mounts to your fstab. It can be found at /etc/fstab on most systems.
fstab will allow you to restrict who has access and who can mount which devices to which mount points. The option you are looking for will most likely be uid. You can determine a user's UID by examining /etc/passwd. Typically, you will be using uid 1000 as the first user created on the system.
sshfs#server.local:/mnt/Mountpoint /mnt/LocalDir fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,IdentityFile=/home/me/.ssh/server 0 0
This example shows how I mount a remote filesystem locally using sshfs. I have restricted it so that only my user is allowed to do such a thing. There are additional options in this sshfs example that you will most likely not need, but I think if you take a look it might clear things up.
further reading
Mount TrueCrypt volumes as a normal user
tl;dr
Set up uid and even guid in your fstab to restrict access to certain users. This will restrict mounting/unmounting as well as file access if set up correctly. Also, investigate whether or not you are utilizing FUSE, as that can cause additional conflict.
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
add a comment |
I would suggest you attempt adding your mounts to your fstab. It can be found at /etc/fstab on most systems.
fstab will allow you to restrict who has access and who can mount which devices to which mount points. The option you are looking for will most likely be uid. You can determine a user's UID by examining /etc/passwd. Typically, you will be using uid 1000 as the first user created on the system.
sshfs#server.local:/mnt/Mountpoint /mnt/LocalDir fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,IdentityFile=/home/me/.ssh/server 0 0
This example shows how I mount a remote filesystem locally using sshfs. I have restricted it so that only my user is allowed to do such a thing. There are additional options in this sshfs example that you will most likely not need, but I think if you take a look it might clear things up.
further reading
Mount TrueCrypt volumes as a normal user
tl;dr
Set up uid and even guid in your fstab to restrict access to certain users. This will restrict mounting/unmounting as well as file access if set up correctly. Also, investigate whether or not you are utilizing FUSE, as that can cause additional conflict.
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
I would suggest you attempt adding your mounts to your fstab. It can be found at /etc/fstab on most systems.
fstab will allow you to restrict who has access and who can mount which devices to which mount points. The option you are looking for will most likely be uid. You can determine a user's UID by examining /etc/passwd. Typically, you will be using uid 1000 as the first user created on the system.
sshfs#server.local:/mnt/Mountpoint /mnt/LocalDir fuse comment=sshfs,noauto,users,exec,uid=1000,gid=1000,allow_other,reconnect,transform_symlinks,BatchMode=yes,IdentityFile=/home/me/.ssh/server 0 0
This example shows how I mount a remote filesystem locally using sshfs. I have restricted it so that only my user is allowed to do such a thing. There are additional options in this sshfs example that you will most likely not need, but I think if you take a look it might clear things up.
further reading
Mount TrueCrypt volumes as a normal user
tl;dr
Set up uid and even guid in your fstab to restrict access to certain users. This will restrict mounting/unmounting as well as file access if set up correctly. Also, investigate whether or not you are utilizing FUSE, as that can cause additional conflict.
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
edited Nov 17 '13 at 10:21
Patrick
51.8k11137184
51.8k11137184
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
answered Mar 24 '12 at 4:28
earthmeLonearthmeLon
8101615
8101615
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
add a comment |
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
Link is broken.
– Wildcard
Aug 15 '18 at 16:51
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f34816%2fhow-can-ubuntu-truecrypt-be-configured-so-users-can-mount-volumes-if-and-only-if%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
See this question for some pointers...
– jasonwryan
Mar 23 '12 at 6:48