Solved Unmount not permitted (user) root ok

Hi!
I encountered a strange problem:
usb drive configuration ok (automount), user rights ok access (read write)
file /etc/rc.conf
Code:
autofs_enable="YES"
automount_enable="YES"
automountd_enable="YES"
autounmountd_enable="YES"
fusefs_enable="YES"
In console mode "unmount users not permitted"
In X mode (openbox, thunar or pcmanfm, automount ok)
but msg.box "unmount user not permitted"
The fs is UFS with unix rights ok
Sorry, my English is weak
 
You need to enable the user mount sysctl.
sysctl vfs.usermount=1
You can make this permanent by editing /etc/sysctl.conf and adding:
Code:
vfs.usermount=1
You also need to make sure your user account is part of the operator group.
 
thank you so much,
I forgot to specify it, sysctl vfs.usermount=1 is in /etc/sysctl.conf
and user operator and wheel group ok
 
After verifications, I'm still with this problem, I must do a sudo umount to properly disconnect the usb drive, I do not understand anything, ideas, thank you
 
Thanks for answering, yes I use automount and I'm happy, my problem is for umount only root or sudo can do it correctly.
for dsbmd the same thing, message "unmount user not permitted"
in /etc/devfs.rules I gave the rights
 
Users are not allowed to mount or unmount anything. You can enable vfs.usermount which will enable users to mount and unmount but only if they also own the mountpoint. And they can only unmount what they themselves have mounted. The filesystem you're trying to unmount is probably mounted by root through autofs(5). Users are never allowed to unmount root owned mounts. Regardless of vfs.usermount.
 
Hello SirDice
Thank you for helping me I start to see more clearly:
/etc/sysctl.conf vfs.usermount=1 is already present
in the file I just commented in /boot/loader.conf autofs_load=YES
And I see that in /etc/rc.conf autofs_enable=YES I should deactivate too
I will review all this, reboot and try again!
 
When you use sysutils/automount you should configure it via /usr/local/etc/automount.conf.

I think you were getting confused with sysutils/automount, which is a 3rd party package/port, and the FreeBSD native automount, which consists of the automounter filesystem autofs(5) and the daemon for handling automountd(8). These are two different approaches to automounting on FreeBSD. But I won't recommend the latter solution for desktop use.

Since you have installed sysutils/automount, start to configure it. First delete or comment out all autofs, automount and automountd lines in /etc/rc.conf and /boot/loader.conf.
Then edit your /usr/local/etc/automount.conf file. Mine looks like this:
Code:
USERUMOUNT=YES
ATIME=NO
REMOVEDIRS=YES
FM="pcmanfm"
USER=InsertYourUserName
ENCODING=en_US.UTF-8
CODEPAGE=cp858
Insert your username, file manager and encoding. That's it!

For additional filesystem support install fusefs-exfat (exFAT), fusefs-ntfs (NTFS), fusefs-simple-mtpfs and x11/zenity (MTP), fusefs-ext4fuse (ext4), fusefs-lkl (XFS), fusefs-hfsfuse (HFS) depending on your needs.
 
Thank you, I just applied your instructions, and the tutorial vermaden but I still have the message "unmount not permitted" (for user).
Inserting the usb disk after the user login
in the output tail /var/log/automount.log:
Code:
/dev/da0: attach
/dev/da0: filesystem not supported or no filesystem
/dev/da0p1: random wait for '0.4' seconds before 'attach' action
/dev/da0p1: attach
/dev/da0p1: fsck_ufs ** /dev/da0p1
/dev/da0p1: fsck_ufs FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/da0p1: clean fsck_ufs, 18389598 free (1158 frags, 2298555 blocks, 0.0% fragmentation)
/dev/da0p1: mount (ufs)
maybe the FS UFS does not allow disassembly by the user?
I do not need fat or ntfs or ext2, so UFS is for me the best choice
 
It has nothing to do with UFS. To let users mount filesystems you have to set the sysctl vfs.usermount to 1. Users can then mount any device they have permission to access on a mountpoint they own. So your user cannot mount at /media, but he could mount on /home/YourUser/media. Anyway, automounting differs in detail but is in the broadest sense related to this.

What have you put in your /etc/devfs.conf and /etc/devfs.rules? And if you specified any rules, have you enabled them in /etc/rc.conf? What does your /usr/local/etc/automount.conf look like?
 
Ok and thank you again, my /etc/sysctl.conf:
Code:
kern.vt.enable_bell=0
vfs.usermount=1
kern.coredump=0
kern.ipc.shm_allow_removed=1
kern.ipc.shmmax=67108864
kern.ipc.shmall=32768
kern.sched.preempt_thresh=224
kern.maxfiles=200000
# Disable PC Speaker
hw.syscons.bell=0
my /etc/devfs.conf
Code:
    # Allow all users to access optical media
perm    /dev/acd0       0666
perm    /dev/acd1       0666
perm    /dev/cd0        0666
perm    /dev/cd1        0666
 recipient_maps     
   #  Allow all USB Devices to be mounted
perm    /dev/da0        0666
perm    /dev/da1        0666
perm    /dev/da2        0666
perm    /dev/da3        0666
perm    /dev/da4        0666
perm    /dev/da5        0666
perm    /dev/da0p*        0666   
    # Misc other devices
perm    /dev/pass0      0666
perm    /dev/xpt0       0666
perm    /dev/uscanner0  0666
perm    /dev/video0     0666
perm    /dev/tuner0     0666
perm    /dev/dvb/adapter0/demux0    0666
perm    /dev/dvb/adapter0/dvr       0666
perm    /dev/dvb/adapter0/frontend0 0666
my /etc/devfs.rules
Code:
[devfsrules_common=7]
add path 'da*'  mode 0666 group operator
add path 'da*s*' mode 0666 group operator
add path 'da*p*' mode 0666 group operator
add path 'cd*'  mode 0666 group operator
add path 'uscanner*' mode 0666 group operator
add path 'xpt*'  mode 660 group operator
add path 'pass*' mode 666 group operator
add path 'md*'  mode 0660 group operator
add path 'msdosfs/*' mode 0660 group operator
add path 'ext2fs/*' mode 0660 group operator
add path 'usb/*' mode 0670 group operator
my /etc/rc.conf
Code:
allscreens_flags="green"
clear_tmp_enable="YES"
keymap="fr.acc.kbd"
sshd_enable="YES"
ntpdate_enable="yes"
powerd_enable="NO"
dumpdev="NO"
ntpd_sync_on_start="yes"
devfs_system_ruleset="localrules"
fsck_y_enable="YES"
microcode_update_enable="YES"
powerdxx_enable="YES"
fusefs_enable="YES"
dbus_enable="YES"
mixed_enable="YES"
devfs_system_ruleset="devfsrules_common"
postfix_enable="YES"
and my /usr/local/etc/automount.conf
Code:
#MNTPREFIX="/media"
USERMOUNT=YES
USER=jose
ATIME=NO
REMOVEDIRS=YES
ENCODING=fr_FR.UTF-8
FM="pcmanfm"
CODEPAGE=cp858
For the automount everything is ok, the rights write and read ok
mount point /media/da0p1
chown -R user:operator
 
Okay, at first glance sysctl.conf, devfs.conf and automount.conf look good.
In /etc/rc.conf you have loaded 2 rulesets but have only 1 specified in /etc/devfs.rules (devfsrules_common). Uncomment devfs_system_ruleset="localrules".
And in /etc/devfs.rules you use two ruleset actions (mode and group) within a line. Set one action per line e.g.
Code:
# Change group owner of devices
add path 'da[0-9]*' group operator
# Assign permissions to the devices in octal form
add path 'da[0-9]*' mode 0666
 
There's no point in adding a user to the operator group if you set all the permissions to 0666. Those permissions will allow any account and any process unfettered read/write access to your disks. That's probably not what you intended and would actually be a severe security risk. The whole point of using the operator group and setting permissions for that group is to limit and control the access so only members of that group are able to read/write to those devices.

It's like putting a big massive iron gate on your front door and leaving the keys hanging right next to it.
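
The point about 0666 versus group-restricted permissions can be checked mechanically. The following is an added example, not part of the thread or of FreeBSD: the function names audit_devfs and sample_entries are made up here, and the sample input combines a few lines from the /etc/devfs.rules and /etc/devfs.conf posted earlier. It lists every entry whose mode grants read or write access to accounts outside the owner and group.

```shell
#!/bin/sh
# Added example: flag devfs.rules / devfs.conf entries that give "other"
# (any local account or process) read or write access to a device node.

# audit_devfs [FILE...] -> prints "<path> <mode>" for each such entry.
# Reads stdin when no file is given.
audit_devfs() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }                 # blank lines, comments
        {
            path = ""; mode = ""
            if ($1 == "add" && $2 == "path") {        # devfs.rules syntax
                path = $3
                for (i = 4; i < NF; i++)
                    if ($i == "mode") mode = $(i + 1)
            } else if ($1 == "perm") {                # devfs.conf syntax
                path = $2; mode = $3
            }
            if (mode !~ /^[0-7]+$/) next              # headers, group-only rules
            other = substr(mode, length(mode), 1) + 0 # last octal digit
            if (other >= 2) print path, mode          # r (4) and/or w (2) bit set
        }
    ' "$@"
}

# Sample input assembled from the configuration posted in this thread
# (devfs.rules and devfs.conf lines combined for the demonstration).
sample_entries() {
    cat <<'EOF'
[devfsrules_common=7]
add path 'da*'   mode 0666 group operator
add path 'xpt*'  mode 660 group operator
add path 'pass*' mode 666 group operator
add path 'md*'   mode 0660 group operator
# Allow all USB Devices to be mounted
perm    /dev/da0        0666
EOF
}

sample_entries | audit_devfs
```

Entries with mode 0660 and group operator are not reported, since only members of that group can then read or write the device.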
 
I just made the necessary changes and always the msg box:
Code:
umount: unmount of /media/da0p1 failed: Operation not permitted
Good I continue to search, thank you for your help
 
Hello, thank you for your help
I know that giving bad or excessive rights is not the right method.
This is a personal machine in my house, only used by me, access is restricted, no one will come with a usb stick, it is on the second floor. :)
Of course a production machine must not have rights 0666
Sorry for my English
 
That's not the point. The point is that, aside from being terrible securitywise, it just does not serve any good purpose. 0660 would be more appropriate. As usual the Handbook comes to the rescue.
 
Hi, now everything is ok, the problem came from the file:
/usr/local/etc/devd/automount_devd.conf
I added some "bugs"
I reinstalled pkg automount 1.5.8 and umount users right are ok
Thank you very much Lanakus for your help and your patience
Merci !
 
Okay considering that the user is in the operator group I give the right rights 0660 and I would see the use, thank you all for helping me
 