I did it differently. Ultimately, if I could've run KNOPPIX'
usr/sbin/rebuildfstab interactively without bugs / weird behavior, it would've been ok. In the end though, I wrote my own supplemental fstab rebuilder to be called manually, that would also do unmounts and device ejects as needed based on a simple analysis of
/proc/partitions,
/sys/block/<blockdevice>/removable and
/sys/block/<device>/device/scsi_disk. Also, it would set device writeability using the blockdev command, just like the original KNOPPIX script. Additionally to that, I am swapping out
usr/sbin/rebuildfstab to alter KNOPPIX' automount behavior as needed.
When the lecturer presses the "Enable/Disable removable storage" button on the control machine, the server will SSH into all clients, swap KNOPPIX' own fstabrebuild script (changing the permissions that are applied when a user hotplugs a USB stick), and run my homemade fstab rebuilder, kicking out all mounted USB sticks etc., rebuilding fstab cleanly (at least in our system configurations), and eeeverything works as intended in pcmanfm (and on the shell too).
It's a bit of a dirty hack, but through all my tests this ran pretty neatly and pcmanfm either allows mounts by users or gives back neat "permission denied" messages. Was a bit of extra work to accomplish this, but it gets the job done...
Usage is something like "fstabrebuilder.sh usbon|usboff"
Code: Select all
#!/bin/bash
# Written by <CENSORED>
#
# This does what I think is a quicker, easier and most of
# all working KNOPPIX fstab rebuilder. It also sets blockdev
# writeable stati. To be called interactively only!
name=''
basename=''
options=''
comment='# Added by KNOPPIX'
param=$1
if ! ( [[ $param == "usbon" ]] || [[ $param == "usboff" ]] )
then
echo 'Wrong or no parameter given to $0!'
echo 'Valid parameters are usbon|usboff!'
exit 1
fi
# Purging autogenerated entries from /etc/fstab:
sed -itmp -e '/^'"$comment"'/ { N; d; }' /etc/fstab
# Writing a new one. We get partitions from /proc/partitions,
# then we get removable/fixed status for each block device
# from /sys/block/<device>/removable and set the block device
# level r/w status. Also we write a new fstab entry for each
# partition on the device with options based on disk type
# and security configuration for KNOPPIX USB/ODD disk access:
while read partline
do
name=`echo $partline | cut -f4 -d" " - | grep -P 'sd[a-z]\d{1}|sr\d{1}'` # Get partition / block device names
if [[ ! -z $name ]] # Omit empty lines
then
if [[ $name == sd* ]]
then
basename=`printf '%s\n' "${name//[[:digit:]]/}"` # Disk partitions like sda2 etc. have a base device name of sda
else
basename=$name # ODDs like sr0 have a base device name of sr0, not sr!
fi
# Deciding on security based on whether a block device is removable,
# like optical discs or USB sticks or whether it's an internal disk,
# which we should NEVER touch!
if [[ `cat /sys/block/$basename/removable` == 0 ]]
then
if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi # Unmount (Fixed disks should NEVER be mounted
# in the first place!!!
blockdev --setro /dev/$basename 1>/dev/null 2>&1 # Fixed disk => read only
options="ro,noexec,noauto,uid=root,gid=root,umask=777" # fstab options
else
case $param in # For removable media we need to decide if it's the time to let
usbon) # users access them or whether we don't want that.
if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi # Unmount
if [[ -d /sys/block/$basename/device/scsi_disk ]] # If removable disk (and not ODD)...
then
eject /dev/$name 1>/dev/null 2>&1 # ...eject
fi
blockdev --setrw /dev/$basename 1>/dev/null 2>&1 # Device => read/write
options="rw,exec,users,noauto,uid=knoppix,gid=knoppix,umask=000" # fstab options
;;
usboff)
if [[ `grep $name /etc/mtab` ]]; then umount -l -f /dev/$name; fi # Unmount
if [[ -d /sys/block/$basename/device/scsi_disk ]] # If removable disk (and not ODD)...
then
eject /dev/$name 1>/dev/null 2>&1 # ...eject
fi
blockdev --setro /dev/$basename 1>/dev/null 2>&1 # Device => read only
options="ro,noexec,noauto,uid=root,gid=root,umask=777" # fstab options
;;
*)
echo 'This part should never be reached!'
exit 1
;;
esac
fi
echo $comment >> /etc/fstab
printf '%s\n' "/dev/$name /media/$name auto $options 0 0" >> /etc/fstab
fi
done < /proc/partitionsi
exit 0
Optical disc drives aren't being ejected, because this would be troublesome. Some machines have notebook-style slim drives, where the tray cannot be retracted by software, and it would generally be bad to eject+retract all trays in a room with 40-80 machines. But pcmanfm doesn't present CDs/DVDs to the user anyway (at least not the version on KNOPPIX 7.6.1), so it should be ok I guess.
I mean, this is probably seriously BAD bash code ('m not really good at this), but yeah...