RHEL5 Mount USB readonly for security
Can anyone help with how to automount USB devices read-only for security? I've hunted around and I can't find a clear answer and my various attempts have failed. Here's where I'm at which isn't working.
I have RHEL5 and from what I can tell HALD manages the automounting. HAL seems to have 2 primary directories:
/etc/hal/fdi
-and-
/usr/share/hal/fdi
The difference between the two is unclear to me.
Based on some examples, I created the following file:
--------------------
<?xml version="1.0" encoding="UTF-8"?> <!-- -*- SGML -*- -->
<deviceinfo version="0.2">
<device>
<match key="@block.storage_device:storage.bus" string="usb">
<merge key="volume.policy.mount_option.ro" type="bool">true</merge>
</match>
</match>
</device>
</deviceinfo>
--------------------
No matter what I call this file or where I put it, any USB device still mounts RW. How do I fix this? (Note, I'm looking for the generic solution for any USB device, so I'm not looking to hardcode something into /etc/fstab.)
Thanks.
Responses
Hi Jerry,
hald is not the right spot to look at - try udev and implement a udev rule for the specific disc, mounting it read only.
Here is a good read how to do it:
http://www.redhat.com/magazine/002dec04/features/udev/
Cheers
Marko
Jerry,
If you are still in trouble have a look at /etc/auto.misc
maybe you can put an entry in there similar to
cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
James
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.