Is ther no more /usr/share/pcmanfm/mount.rules?

The dedicated forum for PCMan File Manager - http://wiki.lxde.org/en/PCManFM
Locked
AdmiralThrawn
Posts: 4
Joined: Thu Aug 25, 2016 9:53 am

Is ther no more /usr/share/pcmanfm/mount.rules?

Post by AdmiralThrawn »

Hello!

I'd like to ask whether the configuration file mount.rules no longer exists? If so, is there a replacement for it? I'm currently in the process of rebuilding a Knoppix-based solution we use for teaching (and exams) in our University, and we used this handy little file to manage disk access on the GUI.

It was quite easy to give/take disk mounting capabilities from/to users online by changing this file remotely when using pcmanfm 0.5.x.

Now, the new system uses pcmanfm-1.2 (with LXDE 8.2), and I couldn't find any similar configuration file for this. I'm not just worried about automounting, but about being able to mount file systems as a user at all.

Is there any way to do this in any pcmanfm configuration file, like it used to be in the past?

Or should I be looking elsewhere for this?

Thanks!
Rex Bouwense
Posts: 1093
Joined: Sat Aug 27, 2011 5:44 pm
Location: Sierra Vista, Arizona USA
Contact:

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by Rex Bouwense »

Hi AdmiralThrawn. I am not sure that I understand your question because I use PCMan FM and the auto-mount function is fully functional providing you check it under preferences. Are you trying to prevent auto-mount?
Rex
drooly
Posts: 791
Joined: Mon Apr 08, 2013 6:45 am

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by drooly »

what was the content of that file?
what was pcmanfm doing with it?
what are you trying to achieve exactly? automounting of usb storage?

since you mentioned pcmanfm 0.5.x, i remember that ignorantguru had an important reason to continue developing an old branch of pcmanfm, now called spacefm.
AdmiralThrawn
Posts: 4
Joined: Thu Aug 25, 2016 9:53 am

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by AdmiralThrawn »

I can't just switch to spacefm easily I fear..

What I want to do is to prevent mounting, yes. Not just auto-mount, but all mounts done by PCMANFM. The contents of the file looked like this (snippet, already modified):

Code: Select all

[vfat]
mount_options=umask=777;
#mount_options=shortname=mixed;uid=;utf8;umask=077;exec

# mount_options=shortname=mixed;uid=;utf8;umask=077;exec;usefree
# Sometimes, adding a 'usefree' option is required due to bugs in the kernel.
# See: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/133567

[udf]
mount_options=umask=777;
#mount_options=uid=;exec

[ntfs-3g]
mount_options=umask=777;
#mount_options=locale=;exec

[ntfs]
mount_options=umask=777;
#mount_options=umask=222;utf8;exec
#fstype_override=ntfs-3g

[iso9660]
mount_options=umask=777;
#mount_options=uid=;utf8;exec
By altering the umask, one could very easily block mounts, giving an access denied error back to the user, just like we wanted. At times, when we do want to allow stuff like USB sticks, we would simply execute a script on a server, that would push a different mount.rules to the clients, which immediately made the chosen file systems accessible.

I found that pcmanfm mounts can also be blocked with mounts properly specified in /etc/fstab. While Knoppix's script populating the fstab isn't quite suitable for what we want (or I'm too stupid to make it do what I want without bugs), I could just write my own script for that, that would be pushed to the clients and executed on demand.

Still, the config file above was a much, much easier way to achieve this.
drooly
Posts: 791
Joined: Mon Apr 08, 2013 6:45 am

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by drooly »

well if you start reading ignorantguru's stuff, there's mention of utilities that can be used for automounting, instead of the usual udisks, and why ignorantguru thinks udisks sucks (and their utilities are better?).
https://igurublog.wordpress.com/downloads/
so what you really want to get rid of is udisks, i guess.
and maybe use udevil instead, or nothing.
AdmiralThrawn
Posts: 4
Joined: Thu Aug 25, 2016 9:53 am

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by AdmiralThrawn »

I did it differently. Ultimately, if I could've run KNOPPIX' usr/sbin/rebuildfstab interactively without bugs / weird behavior, it would've been ok. In the end though, I wrote my own supplemental fstab rebuilder to be called manually, that would also do unmounts and device ejects as needed based on a simple analysis of /proc/partitions, /sys/block/<blockdevice>/removable and /sys/block/<device>/device/scsi_disk. Also, it would set device writeability using the blockdev command, just like the original KNOPPIX script. Additionally to that, I am swapping out usr/sbin/rebuildfstab to alter KNOPPIX' automount behavior as needed.

When the lecturer presses the "Enable/Disable removable storage" button on the control machine, the server will SSH into all clients, swap KNOPPIX' own fstabrebuild script (changing the permissions that are applied when a user hotplugs a USB stick), and run my homemade fstab rebuilder, kicking out all mounted USB sticks etc., rebuilding fstab cleanly (at least in our system configurations), and eeeverything works as intended in pcmanfm (and on the shell too).

It's a bit of a dirty hack, but through all my tests this ran pretty neatly and pcmanfm either allows mounts by users or gives back neat "permission denied" messages. Was a bit of extra work to accomplish this, but it gets the job done...

Usage is something like "fstabrebuilder.sh usbon|usboff"

Code: Select all

#!/bin/bash
# Written by <CENSORED>
#
# This does what I think is a quicker, easier and most of
# all working KNOPPIX fstab rebuilder. It also sets blockdev
# writeable stati. To be called interactively only!

name=''
basename=''
options=''
comment='# Added by KNOPPIX'
param=$1

if ! ( [[ $param == "usbon" ]] || [[ $param == "usboff" ]] )
then
  echo 'Wrong or no parameter given to $0!'
  echo 'Valid parameters are usbon|usboff!'
  exit 1
fi

# Purging autogenerated entries from /etc/fstab:

sed -itmp -e '/^'"$comment"'/ { N; d; }' /etc/fstab

# Writing a new one. We get partitions from /proc/partitions,
# then we get removable/fixed status for each block device
# from /sys/block/<device>/removable and set the block device
# level r/w status. Also we write a new fstab entry for each
# partition on the device with options based on disk type
# and security configuration for KNOPPIX USB/ODD disk access:
while read partline
do
  name=`echo $partline | cut -f4 -d" " - | grep -P 'sd[a-z]\d{1}|sr\d{1}'`      # Get partition / block device names
  if [[ ! -z $name ]]                                   # Omit empty lines
  then
    if [[ $name == sd* ]]
    then
      basename=`printf '%s\n' "${name//[[:digit:]]/}"`  # Disk partitions like sda2 etc. have a base device name of sda
    else
      basename=$name                                    # ODDs like sr0 have a base device name of sr0, not sr!
    fi

    # Deciding on security based on whether a block device is removable,
    # like optical discs or USB sticks or whether it's an internal disk,
    # which we should NEVER touch!
    if [[ `cat /sys/block/$basename/removable` == 0 ]]
    then
      if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi         # Unmount (Fixed disks should NEVER be mounted
                                                                                # in the first place!!!
      blockdev --setro /dev/$basename 1>/dev/null 2>&1                          # Fixed disk => read only
      options="ro,noexec,noauto,uid=root,gid=root,umask=777"                    # fstab options
    else
      case $param in       # For removable media we need to decide if it's the time to let
        usbon)              # users access them or whether we don't want that.
          if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi     # Unmount
          if [[ -d /sys/block/$basename/device/scsi_disk ]]                     # If removable disk (and not ODD)...
          then
            eject /dev/$name 1>/dev/null 2>&1                                   # ...eject
          fi
          blockdev --setrw /dev/$basename 1>/dev/null 2>&1                      # Device => read/write
          options="rw,exec,users,noauto,uid=knoppix,gid=knoppix,umask=000"      # fstab options
          ;;
        usboff)
          if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi     # Unmount
          if [[ -d /sys/block/$basename/device/scsi_disk ]]                     # If removable disk (and not ODD)...
          then
            eject /dev/$name 1>/dev/null 2>&1                                   # ...eject
          fi
          blockdev --setro /dev/$basename 1>/dev/null 2>&1                      # Device => read only
          options="ro,noexec,noauto,uid=root,gid=root,umask=777"                # fstab options
          ;;
        *)
          echo 'This part should never be reached!'
          exit 1
          ;;
      esac
    fi
    echo $comment >> /etc/fstab
    printf '%s\n' "/dev/$name   /media/$name    auto    $options        0 0" >> /etc/fstab
  fi
done < /proc/partitionsi

exit 0
Optical disc drives aren't being ejected, because this would be troublesome. Some machines have notebook-style slim drives, where the tray cannot be retracted by software, and it would generally be bad to eject+retract all trays in a room with 40-80 machines. But pcmanfm doesn't present CDs/DVDs to the user anyway (at least not the version on KNOPPIX 7.6.1), so it should be ok I guess.

I mean, this is probably seriously BAD bash code ('m not really good at this), but yeah...
Rex Bouwense
Posts: 1093
Joined: Sat Aug 27, 2011 5:44 pm
Location: Sierra Vista, Arizona USA
Contact:

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by Rex Bouwense »

Hey a "dirty hack" that works for you is better than one that doesn't. Thanks for sharing your solution. I didn't know how to make it work.
Rex
AdmiralThrawn
Posts: 4
Joined: Thu Aug 25, 2016 9:53 am

Re: Is ther no more /usr/share/pcmanfm/mount.rules?

Post by AdmiralThrawn »

I just need to check how it behaves when booting Knoppix from a USB pendrive. I need to see whether it force-ejects/unmounts the root partition in that case, because that would be seriously bad! ;) If so, I need to check for that as well, so this might not be a "complete" solution yet, needs more testing, but yeah.
Locked