Adding a user to sudoers file to allow mount & umount

Support for security such as Firewalls and securing linux
Post Reply
pasan
Posts: 2
Joined: 2012/01/20 05:10:43

Adding a user to sudoers file to allow mount & umount

Post by pasan » 2012/01/20 05:47:38

Hi everyone, this is my first post on this forum. Over the past couple of days I installed CentOS 6.2 and slowly made my way through configuring the system to my everyday use. I am having a small issue with configuring the sudoers file to allow a non-admin user to use mount and umount commands.
Now the user by default belongs to the user group like say john:john so I entered the following into the sudoers file.

%john ALL=(root) NOPASSWD:/bin/mount
%john ALL=(root) NOPASSWD:/bin/umount

And when I go try to use the command mount as the user john I get:

mount: only root can do that

What am I doing wrong? Would it have something to do with selinux policy? Previously I have done this in Fedora exactly the same way, but the difference being I added the user to a new group and used that group in the suders file. Also on that machine I was running selinux in permissive mode. Any help would be great as I'm not sure what is causing this.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Adding a user to sudoers file to allow mount & umount

Post by TrevorH » 2012/01/20 09:42:40

Is there something wrong with the "user" option in /etc/fstab for this file system?

pschaff
Retired Moderator
Posts: 18276
Joined: 2006/12/13 20:15:34
Location: Tidewater, Virginia, North America
Contact:

Adding a user to sudoers file to allow mount & umount

Post by pschaff » 2012/01/20 20:22:46

I don't see anything wrong with the sudoers syntax. Are you editing the file with [b]visudo[/b]? Are you sure the group is valid? You could try [b]visudo -s[/b] for strict checking. Have you tried just the user name?
[code]john ALL=(root) NOPASSWD: /bin/mount
john ALL=(root) NOPASSWD: /bin/umount[/code]

pasan
Posts: 2
Joined: 2012/01/20 05:10:43

Re: Adding a user to sudoers file to allow mount & umount

Post by pasan » 2012/01/24 06:24:46

Yeah the syntax is correct. I tried creating a separate group and adding that to sudoers syntax no avail. Also set selinux to permissive mode and still get permission denied. So it is not that either. For some reason my system is hell bent on only root being able to mount/umount :S

r_hartman
Posts: 711
Joined: 2009/03/23 15:08:11
Location: Netherlands
Contact:

Re: Adding a user to sudoers file to allow mount & umount

Post by r_hartman » 2012/01/24 08:43:20

[quote]
pasan wrote:
And when I go try to use the command mount as the user john I get:

mount: only root can do that[/quote]

It would have been more helpful to provide the command with the error, like
[code]$ mount /dev/cdrom /mnt/cdrom
mount: only root can do that[/code]
as I supect this is what you did. 'mount' will not suddenly magically work just because you are 'john', who happens to be in the sudoers file.

What you should have done is
[code]$ sudo mount /dev/cdrom /mnt/cdrom[/code]

Post Reply