Jump to content

I can't disable automount in Ubuntu 14.04

Wamukota

By Wamukota
in Bruno's All Things Linux

 Share

Recommended Posts

Wamukota

Wamukota

Posted
Posted

Hey guys,

 

I am using Ubuntu 14.04. I need to disable the automount for USB and CD on a per user basis, so that I have full automount, but the guest accounts don't.

 

I thought I'd go to System > Administration > Users and Groups, then select the user and head to the Advanced Settings > User Privileges tab and

uncheck the boxes corresponding to the Access External Storage Devices Automatically option, the Mount Userspace Filesystems, and Use CD-ROM Drives option, so that when mounting anything, a password would be required.

 

But, unless I am mistaken, (which at my age is a possiblity ;) ) I do not find anything that resembles a Users and Group entry in Unity

 

I find User Account in the System Settings, but there is no advanced settings button and obviously no way to alter the settings of the guest user, except his login settings.

 

I could install KUser , but I hate to drag in half of KDE just for such a basic thing.

 

Anyone?

Link to comment
Share on other sites
V.T. Eric Layton

V.T. Eric Layton

Posted
Posted

Alain! How are you? Long time, no see...

 

It's been a while since I had a Debian-based system up and running on any of my machines. However, I can tell you about an old trick that Bruno taught me. I've used it in all my setups ever since. If you want specific access to auto-mounted devices/partitions, you can create directories within your own personal home directory and then use the fstab configuration file to over-ride all auto-mount options by directing it to auto-mount the devices/partitions in question on your /home/alain/.

 

For example, I mount a common partition between my Windows/Linux installations within my own home directory like this:

 

Partition: /dev/sdb2

Mount point: /home/vtel57/vtel57_common

Permissions: ls -l /home/vtel57/vtel57_common --> drwx------ 17 vtel57 users 16384 Dec 31 1969 vtel57_common

/etc/fstab entry: /dev/sdb2 /home/vtel57/vtel57_common vfat rw,uid=vtel57 0 0

 

I'm not for sure/certain with regards to Ubuntu that this will work. It won't hurt to try it. Just make an fstab backup before you edit.

 

Luck!

 

~Eric

Link to comment
Share on other sites
Wamukota

Wamukota

Posted
  • Author
Posted

Hoi Eric,

 

yes, long time no see. Had some other stuff to do and being retired means less time for me... :D

 

I didn't explain my problem well enough I think. What I am doing is, that I am writing a topic for my blog about hardening your Linux Desktop Environment. One of the topics is preventing 'the other unknown passant' from gaining access to your system using pen-drives and CD's using the automount feature.

 

Alas, in Unity, I cannot find the tools to modify the users rights. The tool 'User and Groups' seems to be gone. And my target group are not the ones who will switch to a terminal and start hitting keys on the command-line.

 

I used to do it in earlier versions of Ubuntu. Strange...

Link to comment
Share on other sites
Wamukota

Wamukota

Posted
  • Author
Posted (edited)

Urmas,

 

you found it. Thanks a lot. :clap2:

 

I wonder why I didn't find this website. Anyhow, So Long, and Thanks for All the Fish

Edited by Wamukota
  • Like 2
Link to comment
Share on other sites
Hedon James

Hedon James

Posted
Posted

You're on the right track Wamukota, but Ubuntu doesn't install the advanced settings for users/groups by default. Urmas' link is exactly what you're looking for, FWIW!

Link to comment
Share on other sites
V.T. Eric Layton

V.T. Eric Layton

Posted
Posted

Alain,

 

Bottom line here is if I have physical access to your machine, "all your data are mine," as the old saying goes. I can access anything on your hard drives with a portable Linux on a USB flash drive. Your only defense against that, as far as I know, is to encrypt your data or disable booting from external devices in your BIOS or EUFI (if you have that option).

 

Or, maybe I'm still not understanding fully what you're trying to communicate to us here???

 

EDIT: Trust ol' Urmie to find anything related to Ubuntu. :w00t:

  • Like 1
Link to comment
Share on other sites
Wamukota

Wamukota

Posted
  • Author
Posted

Eric,

 

yes, I know that once you gain physical access to my box, you'll take off with my deepest and dirtiest secrets. :drooling:

 

But the point is that most people are unaware that even a Linux box, is only as safe as you make it. Some little hardening can be done even by new ex-XP Linux users.

 

So, I am only showing the guys who follow me on my blog, that little tweaks can make it just that tiny bit harder for a cracker that he'd rather be off to another machine, instead of waisting time or lacking the will to persue his 'drive-by' attack.

 

One of the things is preventing the automount, but I couldn't figure out where on earth Unity had hidden the User & Groups front end and when stuck, you call in the help of the people who know where to find what you couldn't find.

 

I am happy that I'll be able to finish my post this weekend.

 

CU

 

A.J.

  • Like 1
Link to comment
Share on other sites
securitybreach

securitybreach

Posted
Posted

Alain,

 

Bottom line here is if I have physical access to your machine, "all your data are mine," as the old saying goes. I can access anything on your hard drives with a portable Linux on a USB flash drive. Your only defense against that, as far as I know, is to encrypt your data or disable booting from external devices in your BIOS or EUFI (if you have that option).

 

Or you simply use a bios password so it asks when you turn it on before booting anything.

  • Like 1
Link to comment
Share on other sites
Wamukota

Wamukota

Posted
  • Author
Posted

I often go to a computer fair where together with some mates we set up a little desk, roll-out our laptops en try to make the passers-by aware that Windows only holds a small portion of the world.

We all run different flavors of Linux and people are free to 'play' on the boxes. You'd be amazed at how many of them try to insert a pendrive in the machines. I don't care what is on the pendrive, as the account active at that time is locked down and there is no data on the box. The pendrive is not recognized nor mounted automagically.

 

One of my buddies was running Ubuntu and had taken his laptop to the fair, created a new account, but didn't know that his personal $HOME folder was open to the world, as is standard by Ubuntu (drwxr-xr-x rights). It took 1 guy a few seconds to be browsing in his personal stuff. Thay was an eye-opener for me, and since then I began to look in the default safety settings of Linux, and was amazed how 'open' (pun intended) my OS was.

I try to lock-down my account, not because I have earth scattering stuff on it, but because I hate to lose time by having to go through everything to see if nothing was tampered with, or something was inserted (like child porn) while my laptop is on display.

 

All my lessons learned are put into laymans terms on my blog, as most of the guys visiting my site are visitors on Seniorennet (a website dedicated to the 50+ ) and are more like 60 or 70 than 30.

 

It is a fun thing. I have to do research, learn quite a lot, and I can help someone else.

  • Like 1
Link to comment
Share on other sites
Wamukota

Wamukota

Posted
  • Author
Posted

I always wonder if the topics I write on my blog http://baudrez.be should be translated in English.

 

Translating the text isn't that hard, but all screenshots are from Dutch localized distros. I would have to make a second user on my box and have it use English en redo all the shots.

And probably all I wrote is already available on an English page somewhere in cyberspace.

 

that beind the case, you shouldn't brush up your foreign language skills...

  • Like 2
Link to comment
Share on other sites
V.T. Eric Layton

V.T. Eric Layton

Posted
Posted

It would be a lot of work. I'd read it if you did it, though. :)

 

Eventually, the entire world will be speaking Chinese. That'll make it easier, huh? ;)

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...