Add "-media" autofs map, to access data on removable media, such as CD
drives or flash keys. It can be enabled by uncommenting a single entry in default /etc/auto_master. It can also be easily modified to use fuse-based filesystems instead of in-kernel ones. There is still one deficiency - the mountpoints are permanent, they don't disappear when user removes the media. Fixing it needs some autofs changes. Differential Revision: https://reviews.freebsd.org/D1210 MFC after: 1 month Sponsored by: The FreeBSD Foundation
This commit is contained in:
parent
be3a49ee62
commit
d0ff09c9c0
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=275681
@ -3,3 +3,6 @@
|
||||
# Automounter master map, see auto_master(5) for details.
|
||||
#
|
||||
/net -hosts -nobrowse,nosuid
|
||||
# When using the -media special map, make sure to edit devd.conf(5)
|
||||
# to move the call to "automount -c" out of the comments section.
|
||||
#/media -media -nosuid
|
||||
|
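Review bot: The sample `/media` entry carries only `-nosuid`, and the comment above it does not say that the option is deliberate. File systems on removable media are untrusted content, so the comment should say that `nosuid` must stay and mention `noexec` for sites that never run programs from such media, for example `# Keep nosuid; add noexec unless programs must run from removable media.` The map script added in this commit also puts `nosuid` into each entry it prints, so the option here looks like a second layer rather than the only control.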
@ -1,6 +1,6 @@
|
||||
# $FreeBSD$
|
||||
|
||||
FILES= include_ldap special_hosts special_null
|
||||
FILES= include_ldap special_hosts special_media special_null
|
||||
|
||||
NO_OBJ=
|
||||
FILESDIR= /etc/autofs
|
||||
|
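--- a/etc/autofs/special_media
+++ b/etc/autofs/special_media
@@ -0,0 +1,93 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# Print newline-separated list of devices available for mounting.
+# If there is a filesystem label - use it, otherwise use device name.
+print_available() {
+local _fstype _fstype_and_label _label _p
+
+for _p in ${providers}; do
+_fstype_and_label="$(fstyp -l "/dev/${_p}" 2> /dev/null)"
+if [ $? -ne 0 ]; then
+# Ignore devices for which we were unable
+# to determine filesystem type.
+continue
+fi
+
+_fstype="${_fstype_and_label%% *}"
+if [ "${_fstype}" != "${_fstype_and_label}" ]; then
+_label="${_fstype_and_label#* }"
+echo "${_label}"
+continue
+fi
+
+echo "${_p}"
+done
+}
+
+# Print a single map entry.
+print_one() {
+local _fstype _fstype_and_label _label _key _p
+
+_key="$1"
+
+_fstype="$(fstyp "/dev/${_key}" 2> /dev/null)"
+if [ $? -eq 0 ]; then
+echo "-fstype=${_fstype},nosuid :/dev/${_key}"
+return
+fi
+
+for _p in ${providers}; do
+_fstype_and_label="$(fstyp -l "/dev/${_p}" 2> /dev/null)"
+if [ $? -ne 0 ]; then
+# Ignore devices for which we were unable
+# to determine filesystem type.
+continue
+fi
+
+_fstype="${_fstype_and_label%% *}"
+if [ "${_fstype}" = "${_fstype_and_label}" ]; then
+# No label, try another device.
+continue
+fi
+
+_label="${_fstype_and_label#* }"
+if [ "${_label}" != "${_key}" ]; then
+# Labels don't match, try another device.
+continue
+fi
+
+echo "-fstype=${_fstype},nosuid :/dev/${_p}"
+done
+
+# No matching device - don't print anything, autofs will handle it.
+}
+
+# Obtain a list of (geom-provider-name, access-count) pairs, turning this:
+#
+# z0xfffff80005085d00 [shape=hexagon,label="ada0\nr2w2e3\nerr#0\nsector=512\nstripe=0"];
+#
+# Into this:
+#
+# ada0 r2w2e3
+#
+# XXX: It would be easier to use kern.geom.conftxt instead, but it lacks
+# access counts.
+pairs=$(sysctl kern.geom.confdot | sed -n 's/^.*hexagon,label="\([^\]*\)\\n\([^\]*\).*/\1 \2/p')
+
+# Obtain a list of GEOM providers that are not already open - not mounted,
+# and without other GEOM class, such as gpart, attached. In other words,
+# grep for "r0w0e0". Skip providers with names containing slashes; we're
+# not interested in geom_label(4) creations.
+providers=$(echo "$pairs" | awk '$2 == "r0w0e0" && $1 !~ /\// { print $1 }')
+
+if [ $# -eq 0 ]; then
+print_available
+exit 0
+fi
+
+print_one "$1"
+exit 0
+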
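Review bot: print_one hands the lookup key straight to `fstyp "/dev/${_key}"` and prints a map entry on success, so the `r0w0e0` filter behind `${providers}` covers the listing and the label lookup but not a key that names a device node directly. If the intent is that only unopened providers are reachable through the map, the key should be accepted only when it equals the name or the label of an entry in `${providers}`. Two smaller points: the label loop has no `return` after its `echo`, so two volumes carrying the same label produce two map lines, and print_available echoes labels read from the media, where `printf '%s\n' "${_label}"` is safer than `echo`. The sketch below checks name and label in one pass and stops at the first match, which changes the lookup order slightly compared with the original.

```shell
print_one() {
	# … unchanged: local declarations and _key="$1" …

	for _p in ${providers}; do
		# … unchanged: fstyp -l call and failure check …

		_fstype="${_fstype_and_label%% *}"
		_label=""
		if [ "${_fstype}" != "${_fstype_and_label}" ]; then
			_label="${_fstype_and_label#* }"
		fi

		# Accept the key only as the name or the label of a provider
		# that passed the r0w0e0 filter; stop at the first match.
		if [ "${_p}" = "${_key}" ] ||
		    { [ -n "${_label}" ] && [ "${_label}" = "${_key}" ]; }; then
			echo "-fstype=${_fstype},nosuid :/dev/${_p}"
			return
		fi
	done

	# … unchanged: no match prints nothing …
}
```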
@ -318,4 +318,16 @@ notify 0 {
|
||||
action "/usr/local/etc/rc.d/postgresql restart";
|
||||
};
|
||||
|
||||
# Discard autofs caches, useful for the -media special map. The one
|
||||
# second delay is for GEOM to finish tasting.
|
||||
#
|
||||
# XXX: We should probably have a devctl(4) event that fires after GEOM
|
||||
# tasting.
|
||||
#
|
||||
notify 100 {
|
||||
match "system" "DEVFS";
|
||||
match "cdev" "(da|mmcsd)[0-9]+";
|
||||
action "sleep 1 && /usr/sbin/automount -c";
|
||||
};
|
||||
|
||||
*/
|
||||
|
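Review bot: The action `sleep 1 && /usr/sbin/automount -c` relies on a fixed one-second delay, and the comment above the block does not say what happens when GEOM tasting takes longer. In that case the cache would presumably be flushed before the new providers are visible, and the media would not show up until the next flush. A line such as `# If tasting takes longer than a second, new media is missed until the next flush.` would make that limit explicit. The block sits inside the commented-out examples section, whose opening is outside this hunk.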
@ -27,7 +27,7 @@
|
||||
.\"
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd November 21, 2014
|
||||
.Dd November 22, 2014
|
||||
.Dt AUTO_MASTER 5
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -213,14 +213,17 @@ Supported special maps are:
|
||||
.Pp
|
||||
.Bl -tag -width "-hosts" -compact
|
||||
.It Li -hosts
|
||||
This map queries the remote NFS server and maps exported volumes.
|
||||
It is traditionally mounted on
|
||||
Query the remote NFS server and map exported shares.
|
||||
This map is traditionally mounted on
|
||||
.Pa /net .
|
||||
It enables access to files on a remote NFS server by accessing
|
||||
Access to files on a remote NFS server is provided through the
|
||||
.Pa /net/nfs-server-ip/share-name/
|
||||
directory, without the need for any further configuration.
|
||||
directory without any additional configuration.
|
||||
.It Li -media
|
||||
Query devices that are not yet mounted, but contain valid filesystems.
|
||||
Generally used to access files on removable media.
|
||||
.It Li -null
|
||||
This map prevents the
|
||||
Prevent
|
||||
.Xr automountd 8
|
||||
from mounting anything on the mountpoint.
|
||||
.El
|
||||
|