SUMMARY: newfs (on floppy disks)

From: Robert J. Cronin (
Date: Tue Jan 11 1994 - 03:37:53 CST

X-Sun-Data-Type: text
X-Sun-Data-Description: text
X-Sun-Data-Name: text
X-Sun-Content-Lines: 86

The answers are in...

It doesn't appear newfs can be coerced into changing its behavior with
regard to filesystem top level directory ownership or permissions.

I liked Rick Heaton's advice the best:

> I don't think you can get newfs to do that, BUT:
> If you already have a suid "C" program to do the mounting, you could
> have it check the ownership. If the owner is root, change the owner to
> be the user who mounts it this first time. That way, other users can't
> mount and change the floppy (unless, of course, they know more than the
> average personnel manager about Unix) once it has been mounted for the
> first time.

This seems the safest work-around and gives the most desirable
results. (I might consider chmod 700 as well.)

Two of the respondents asked for the public domain program for end-user
mounts. I have included the source code which is quite compact. I
believe I hand typed it from a magazine article, and modified it
slightly to make it floppy disk specific.

Much thanks to:

>From: Larry Belvin <> Christoph Rothlin Rick Heaton
>From: (james mularadelis)
>From: (Jay Novello)
>From: (SrA Bruce R Baier)
>From: bernards@ECN.NL (Marcel Bernards)
pluto! Perry Hutchison Ilan Hochman

Bob Cronin


> Environment: SunOS 4.1.1 & 4.1.3
> SPARCstations
> We are trying to make it easy for our users to format, newfs, and mount
> UNIX filesystem floppy disks. (So managers can keep personnel type
> files off-line, etc.)
> Mounting of floppies by end-users has been taken care of with a (public
> domain) suid "C" program.
> My LAST obstacle is trying to get write permission for the user on the
> mounted floppy. For whatever reason, '/usr/etc/newfs' makes the top
> level directory root owned with 755 permissions. Therefore, the user
> can not write files to the floppy when it is mounted.
> My script (which is called from the user's OpenWindows menu) looks like this:
> #!/bin/sh
> #
> #
> umask 000
> echo 'Laying down UNIX format on floppy...'
> /usr/ucb/yes | fdformat | sed -e 's/Press ret.*/UNIX format complete./'
> echo 'Installing UNIX filesystem on floppy...'
> /usr/etc/newfs /dev/rfd0c && echo 'Filesystem installation complete.'
> #
> #
> #
> I had my hopes up that newfs would respect the umask setting, but
> apparently not. (Incidentally, the man page says "You must be
> super-user to use this command.", but this is not the case.)
> Can anyone help me get newfs to give 777 permisions to, or user
> ownership of, the top level directory?
X-Sun-Data-Type: c-file
X-Sun-Data-Name: Mount.c
X-Sun-Content-Lines: 147

/* !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
*** Program: Extra-Root Mount (Umount)
*** Copyleft, 1991 by Don Trimmer, Delta Microsystems, Inc.
*** (Distribute freely and do not restrict use if incorporated in
your own software.)
*** Purpose: Allows anyone to mount/umount file systems from
                specified devices, while preventing anyone except
                root (superuser) from mount/umounting other file
*** Usage: Mount args
                Umount args
                args: Normal mount/umount arguments
*** Notes: The following shell script builds the executable:
                # The following two lines build a test version. To
                # build the real version, comment out the next two
                # lines and remove the leading '# ' from the
                # following two commands:
                echo "Compiling test version (echo mount arguments)"
                cc -DTEST -o Mount Mount.c
                # echo "Compiling and loading Mount"
                # cc -o Mount Mount.c
                echo "Changing Mount ownership and permissions"
                chown root Mount
                chmod 4555 Mount
                echo "Linking Umount to Mount
                /bin/rm Umount | echo -n ""
                ln Mount Umount
                /bin/ls -l Mount Umount
                echo "Done!"
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! */
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/param.h>
#include <errno.h>

#define CLEAR 0
#define SET 1
#define REEXPLEN 80
#define NEWMOUNTCOM "mount_floppy"
#define NEWUMOUNTCOM "umount_floppy"

#ifdef TEST
#define MOUNTCOM "echo"
#define UMOUNTCOM "echo"
#define MOUNTPATH "/bin/"
#define UMOUNTPATH "/bin/"
#else TEST
#define MOUNTCOM "mount"
#define UMOUNTCOM "umount"
#define MOUNTPATH "/usr/etc/"
#define UMOUNTPATH "/usr/etc/"
#endif TEST

/* "devices" is an array of strings. Each string is a regular ex-
pression which matches a device that everyone will be allowed to
mount or unmount. An arbitrary number of regular expressions may be
defined. The last entry should be a NULL string (""). The following
example allows everyone to mount all partitions from devices
/dev/smo0, /dev/smo1, and the a, g, and h partitions from device
/dev/smo2. */

char devices[][REEXPLEN] = {
/* "/dev/smo[0-1][a-h]",
        "/dev/smo2[agh]", */

main(argc,argv) int argc; char *argv[]; {
        int i,j,k; /* Index */
        int ValidatedFlag=CLEAR; /* OK to proceed flag */
        char Path[MAXPATHLEN]; /* Path of mount/umount */
        char Name[MAXPATHLEN]; /* mount or umount */
        struct stat stbuf; /* File status structure */

        if(getuid()) {
                /* UID not root, so validate permission */
                for(i=0;devices[i][0] && !ValidatedFlag;i++) {
                        if(re_comp(devices[i])) {
                                "%s %s (errno=%d)\n",
                                "Can't compile regular expression",
                        for(j=1;j<argc;j++) {
                                if(re_exec(argv[j]) == 1) {
                                        /* Match found */
                                        ValidatedFlag = SET;
                if(ValidatedFlag) {
                        * Check to make sure no other arguments
                        * are block special files in case someone
                        * is trying to fake us out.
                        for(k=1;k<argc;k++) {
                                if(k == j)
                                if(!stat(argv[k],&stbuf)) {
#ifdef S_ISBLK
                                if(S_ISBLK(stbuf.st_mode)) {
                                if(S_IFBLK & stbuf.st_mode) {
                                        /* AHA! A Hacker!! */
                                        ValidatedFlag = CLEAR;
                                } /* } */

        if(!ValidatedFlag) {
                fprintf(stderr, "Permission denied.\n");

* If we got here, OK to perform (u)mount. Build mount/umount
* command and reset argv[0] to point at new command name

if(!strcmp(argv[0],NEWMOUNTCOM)) {
} else {

argv[0] = Name;

/* Should never get here */
fprintf(stderr,"Error exec'ing command (errno=%d)\n",errno);

This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:08:54 CDT