Announcement

Collapse
No announcement yet.

How to mount a certain thumb drive as read-only every time in Linux

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    How to mount a certain thumb drive as read-only every time in Linux

    Hi,

    I'm running Linux OpenSuSE Tumbleweed and I have a certain thumb drive that I want to automount but I want it mounted as read-only. I only want that thumb drive mounted read-only. I want other thumb drives mounted as read-write. The filesystem is FAT32.

    I think I can accomplish what I want using a custom udev rule.

    I create the file /etc/udev/rules.d/10-usbkey.rules and add the following text:
    Code:
    SUBSYSTEMS=="usb", ATTRS{manufacturer}=="Kingston", ATTRS{product}=="DataTraveler 2.0", ATTRS{serial}=="<my serial number>", MODE="0555"
    Where <my serial number> is the actual serial number of the thumb drive.

    I grabbed those values from running:
    Code:
    root@eugene:[/]# udevadm info -a -n /dev/sdc1
    ...
     looking at parent device '/devices/pci0000:00/0000:00:1d.7/usb5/5-1':
      KERNELS=="5-1"
      SUBSYSTEMS=="usb"
      DRIVERS=="usb"
      ATTRS{authorized}=="1"
      ATTRS{avoid_reset_quirk}=="0"
      ATTRS{bConfigurationValue}=="1"
      ATTRS{bDeviceClass}=="00"
      ATTRS{bDeviceProtocol}=="00"
      ATTRS{bDeviceSubClass}=="00"
      ATTRS{bMaxPacketSize0}=="64"
      ATTRS{bMaxPower}=="200mA"
      ATTRS{bNumConfigurations}=="1"
      ATTRS{bNumInterfaces}==" 1"
      ATTRS{bcdDevice}=="0110"
      ATTRS{bmAttributes}=="80"
      ATTRS{busnum}=="5"
      ATTRS{configuration}==""
      ATTRS{devnum}=="6"
      ATTRS{devpath}=="1"
      ATTRS{idProduct}=="1d00"
      ATTRS{idVendor}=="13fe"
      ATTRS{ltm_capable}=="no"
      ATTRS{manufacturer}=="Kingston"
      ATTRS{maxchild}=="0"
      ATTRS{product}=="DataTraveler 2.0"
      ATTRS{quirks}=="0x0"
      ATTRS{removable}=="unknown"
      ATTRS{serial}=="<my serial number>"
      ATTRS{speed}=="480"
      ATTRS{urbnum}=="3585"
      ATTRS{version}==" 2.00"
    ...
    I reload the udev rules by running:
    Code:
    udevadm control --reload-rules
    I pop the thumb drive in and it gets mounted as read-write, not read-only. Mount shows:
    Code:
    /dev/sdc1 on /run/media/spork/SSH KEYS type vfat (rw,nosuid,nodev,relatime,uid=1000,gid=100,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,showexec,utf8,flush,errors=remount-ro,uhelper=udisks2)
    When I run udevadm test $(udevadm info -q path -n /dev/sdc1) I can see where my 10-usbkey.rules gets loaded and processed, but when I plug in the thumb drive, mount still shows it as read-write, not read-only.

    Any ideas what I'm doing wrong?

    Thanks!
    Last edited by Spork Schivago; 01-19-2017, 04:19 PM.
    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

    #2
    Re: How to mount a certain thumb drive as read-only every time in Linux

    try this ..
    insert usb drive ..
    let it open to see files ..
    right click on empty space . select properties .then select permissions ..
    might not work sorry ..i just tried it ..
    Last edited by petehall347; 01-19-2017, 04:17 PM.

    Comment


      #3
      Re: How to mount a certain thumb drive as read-only every time in Linux

      Here's the output from udevadm test:
      Code:
      root@eugene:[/]# udevadm test $(udevadm info -q path -n /dev/sdc1)
      ...
      Parsed configuration file /usr/lib/systemd/network/99-default.link
      Created link configuration context.
      timestamp of '/etc/udev/rules.d' changed
      Reading rules file: /usr/lib/udev/rules.d/10-dm.rules
      Reading rules file: /run/udev/rules.d/10-root-symlink.rules
      Reading rules file: /etc/udev/rules.d/10-usbkey.rules
      Reading rules file: /usr/lib/udev/rules.d/11-dm-lvm.rules
      Reading rules file: /usr/lib/udev/rules.d/13-dm-disk.rules
      Reading rules file: /usr/lib/udev/rules.d/40-libgphoto2.rules
      Reading rules file: /usr/lib/udev/rules.d/40-usb-blacklist.rules
      Reading rules file: /usr/lib/udev/rules.d/40-usb-media-players.rules
      Reading rules file: /usr/lib/udev/rules.d/40-usb_modeswitch.rules
      Reading rules file: /usr/lib/udev/rules.d/42-hd-audio-pm.rules
      Reading rules file: /usr/lib/udev/rules.d/50-udev-default.rules
      Reading rules file: /usr/lib/udev/rules.d/55-Argyll.rules
      IMPORT found builtin 'usb_id --export %p', replacing /usr/lib/udev/rules.d/55-Argyll.rules:110
      Reading rules file: /etc/udev/rules.d/55-libsane.rules
      Reading rules file: /usr/lib/udev/rules.d/55-scsi-sg3_id.rules
      Reading rules file: /etc/udev/rules.d/56-sane-backends-autoconfig.rules
      Reading rules file: /usr/lib/udev/rules.d/58-scsi-sg3_symlink.rules
      Reading rules file: /usr/lib/udev/rules.d/60-block.rules
      Reading rules file: /usr/lib/udev/rules.d/60-cdrom_id.rules
      Reading rules file: /usr/lib/udev/rules.d/60-drm.rules
      Reading rules file: /usr/lib/udev/rules.d/60-evdev.rules
      Reading rules file: /usr/lib/udev/rules.d/60-persistent-alsa.rules
      Reading rules file: /usr/lib/udev/rules.d/60-persistent-input.rules
      Reading rules file: /usr/lib/udev/rules.d/60-persistent-storage-tape.rules
      ...
      
      rules contain 393216 bytes tokens (32768 * 12 bytes), 44401 bytes strings
      31884 strings (269041 bytes), 27859 de-duplicated (228666 bytes), 4026 trie nodes used
      MODE 0555 /etc/udev/rules.d/10-usbkey.rules:1
      GROUP 6 /usr/lib/udev/rules.d/50-udev-default.rules:55
      LINK 'disk/by-id/usb-Kingston_DataTraveler_2.0_<my serial number>-0:0-part1' /usr/lib/udev/rules.d/60-persistent-storage.rules:38
      LINK 'disk/by-path/pci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0-part1' /usr/lib/udev/rules.d/60-persistent-storage.rules:61
      IMPORT builtin 'blkid' /usr/lib/udev/rules.d/60-persistent-storage.rules:76
      probe /dev/sdc1 raid offset=0
      LINK 'disk/by-uuid/C9D8-2EF5' /usr/lib/udev/rules.d/60-persistent-storage.rules:79
      LINK 'disk/by-label/SSH\x20KEYS' /usr/lib/udev/rules.d/60-persistent-storage.rules:80
      handling device node '/dev/sdc1', devnum=b8:33, mode=0555, uid=0, gid=6
      preserve permissions /dev/sdc1, 060555, uid=0, gid=6
      preserve already existing symlink '/dev/block/8:33' to '../sdc1'
      found 'b8:33' claiming '/run/udev/links/\x2fdisk\x2fby-id\x2fusb-Kingston_DataTraveler_2.0_<my serial number>-0:0-part1'
      creating link '/dev/disk/by-id/usb-Kingston_DataTraveler_2.0_<my serial number>0:0-part1' to '/dev/sdc1'
      preserve already existing symlink '/dev/disk/by-id/usb-Kingston_DataTraveler_2.0_<my serial number>-0:0-part1' to '../../sdc1'
      found 'b8:33' claiming '/run/udev/links/\x2fdisk\x2fby-label\x2fSSH\x5cx20KEYS'
      creating link '/dev/disk/by-label/SSH\x20KEYS' to '/dev/sdc1'
      preserve already existing symlink '/dev/disk/by-label/SSH\x20KEYS' to '../../sdc1'
      found 'b8:33' claiming '/run/udev/links/\x2fdisk\x2fby-path\x2fpci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0-part1'
      creating link '/dev/disk/by-path/pci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0-part1' to '/dev/sdc1'
      preserve already existing symlink '/dev/disk/by-path/pci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0-part1' to '../../sdc1'
      found 'b8:33' claiming '/run/udev/links/\x2fdisk\x2fby-uuid\x2fC9D8-2EF5'
      creating link '/dev/disk/by-uuid/C9D8-2EF5' to '/dev/sdc1'
      preserve already existing symlink '/dev/disk/by-uuid/C9D8-2EF5' to '../../sdc1'
      created db file '/run/udev/data/b8:33' for '/devices/pci0000:00/0000:00:1d.7/usb5/5-1/5-1:1.0/host10/target10:0:0/10:0:0:0/block/sdc/sdc1'
      .ID_FS_TYPE_NEW=vfat
      .MM_USBIFNUM=00
      ACTION=add
      DEVLINKS=/dev/disk/by-id/usb-Kingston_DataTraveler_2.0_<my serial number>-0:0-part1 /dev/disk/by-path/pci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0-part1 /dev/disk/by-label/SSH\x20KEYS /dev/disk/by-uuid/C9D8-2EF5
      DEVNAME=/dev/sdc1
      DEVPATH=/devices/pci0000:00/0000:00:1d.7/usb5/5-1/5-1:1.0/host10/target10:0:0/10:0:0:0/block/sdc/sdc1
      DEVTYPE=partition
      ID_BUS=usb
      ID_DRIVE_THUMB=1
      ID_FS_LABEL=SSH_KEYS
      ID_FS_LABEL_ENC=SSH\x20KEYS
      ID_FS_TYPE=vfat
      ID_FS_USAGE=filesystem
      ID_FS_UUID=C9D8-2EF5
      ID_FS_UUID_ENC=C9D8-2EF5
      ID_FS_VERSION=FAT32
      ID_INSTANCE=0:0
      ID_MODEL=DataTraveler_2.0
      ID_MODEL_ENC=DataTraveler\x202.0
      ID_MODEL_ID=1d00
      ID_PART_ENTRY_DISK=8:32
      ID_PART_ENTRY_FLAGS=0x80
      ID_PART_ENTRY_NUMBER=1
      ID_PART_ENTRY_OFFSET=63
      ID_PART_ENTRY_SCHEME=dos
      ID_PART_ENTRY_SIZE=1007553
      ID_PART_ENTRY_TYPE=0xb
      ID_PART_ENTRY_UUID=000e7df5-01
      ID_PART_TABLE_TYPE=dos
      ID_PART_TABLE_UUID=000e7df5
      ID_PATH=pci-0000:00:1d.7-usb-0:1:1.0-scsi-0:0:0:0
      ID_PATH_TAG=pci-0000_00_1d_7-usb-0_1_1_0-scsi-0_0_0_0
      ID_REVISION=PMAP
      ID_SCSI=1
      ID_SERIAL=Kingston_DataTraveler_2.0_<my serial number>-0:0
      ID_SERIAL_SHORT=<my serial number>
      ID_TYPE=disk
      ID_USB_DRIVER=usb-storage
      ID_USB_INTERFACES=:080650:
      ID_USB_INTERFACE_NUM=00
      ID_VENDOR=Kingston
      ID_VENDOR_ENC=Kingston
      ID_VENDOR_ID=13fe
      MAJOR=8
      MINOR=33
      PARTN=1
      SCSI_MODEL=DataTraveler_2.0
      SCSI_MODEL_ENC=DataTraveler\x202.0
      SCSI_REVISION=PMAP
      SCSI_TPGS=0
      SCSI_TYPE=disk
      SCSI_VENDOR=Kingston
      SCSI_VENDOR_ENC=Kingston
      SUBSYSTEM=block
      TAGS=:systemd:
      USEC_INITIALIZED=435979360087
      Unload module index
      Unloaded link configuration context.
      Last edited by Spork Schivago; 01-19-2017, 04:23 PM.
      -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

      Comment


        #4
        Re: How to mount a certain thumb drive as read-only every time in Linux

        I think I misunderstood the MODE. I think the udev rule is working. I noticed it set the mode of /dev/sdc1 to 0555. How can I setup the custom udev rule so it always mount this specific thumb drive as read-only? Any thoughts?
        -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

        Comment


          #5
          Re: How to mount a certain thumb drive as read-only every time in Linux

          http://askubuntu.com/questions/25055...read-only-mode

          Comment


            #6
            Re: How to mount a certain thumb drive as read-only every time in Linux

            dupe link.
            Last edited by diif; 01-19-2017, 04:49 PM.

            Comment


              #7
              Re: How to mount a certain thumb drive as read-only every time in Linux

              Originally posted by petehall347 View Post
              try this ..
              insert usb drive ..
              let it open to see files ..
              right click on empty space . select properties .then select permissions ..
              might not work sorry ..i just tried it ..
              I can set the file permissions so I don't have write access to them, but I need to auto-mount the filesystem on this specific thumb drive itself as read-only.

              I tried this:

              Code:
              # See if it's the usb key we want to use, and if it is, then mount read-only
              SUBSYSTEMS=="usb", ATTRS{manufacturer}=="Kingston", ATTRS{product}=="DataTraveler 2.0", ATTRS{serial}=="<my serial number>", ENV{UDISKS_MOUNT_OPTIONS}="ro"
              But it still mounted as read-write. I know my rule is being processed, because if I replace ENV{UDISKS_MOUNT_OPTIONS}="ro" with MODE="0555", I see /dev/sdc1 is being created with the 0555 file permissions....from the reading I've done, the ENV{UDISKS_MOUNT_OPTIONS}="ro" should work. I don't understand why it's not working.


              I've posted on a Linux forum as well. Maybe they'll have some ideas there. One guy seemed to know a good deal about udev rules. Perhaps he knows how to do what I want to do. I'll update this thread if I figure out a solution.
              Last edited by Spork Schivago; 01-19-2017, 07:15 PM.
              -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

              Comment


                #8
                Re: How to mount a certain thumb drive as read-only every time in Linux

                did you follow instructions in the link ?

                Comment


                  #9
                  Re: How to mount a certain thumb drive as read-only every time in Linux

                  I don't see how this link helps. Maybe I'm missing something though? I know how to mount a drive read-only. That's not what I'm trying to accomplish.

                  I want a specific thumb drive to automount read-only every time, but ONLY a specific thumb drive. It has a unique serial number, but I also check for the make and model, just to make sure I'm getting the proper thumb drive. I need it to automount read-only, where I don't have to type anything to remount it.

                  Does the article you linked me to explain how to do that? I was reading through it, and from what I could tell, they're just showing how to disable automount and how to remount a thumb drive read-only, but they don't seem to show how to change it so a specific thumb drive always mounts read-only.

                  Thanks!
                  -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

                  Comment


                    #10
                    Re: How to mount a certain thumb drive as read-only every time in Linux

                    Originally posted by petehall347 View Post
                    did you follow instructions in the link ?
                    No, I did not follow them. I read through them and really don't think that's what I want, unless I'm missing something there.
                    -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

                    Comment


                      #11
                      Re: How to mount a certain thumb drive as read-only every time in Linux

                      Googling "udev rule read only flash drive" produces plenty of results that are probably more useful.

                      Comment


                        #12
                        Re: How to mount a certain thumb drive as read-only every time in Linux

                        Diif,

                        I've done that but none of them do what I want or simply don't seem to work. There's some requirements I should have explained.

                        The thumb drive needs to be mounted in the normal location, which on OpenSuSE is under /run/media/<username>/<filesystem ID label>

                        If it wasn't for the username part, I could just run mount from udev and mount it manually.

                        I found instructions that are outdated and no longer work at all (various programs have been replaced).
                        I found instructions that talk about using /etc/fstab, but I don't think that'll work. That assumes I know the device name, which can change, but also, the fstab options would more or less be for all thumb drives, not a specific one.
                        I found a mailing list that shows how to do it, using the ENV{UDISKS_MOUNT_OPTIONS}="ro" way,
                        but for some reason, that doesn't work. I'm thinking there's more to this.

                        mount shows we're using some sort of udisk2 helper. I'm wondering if that has something to do with it. Perhaps the Linux community could provide more help.
                        -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

                        Comment


                          #13
                          Re: How to mount a certain thumb drive as read-only every time in Linux

                          Diif, after all the googling I've done, I'm wondering if this isn't possible. I've ran gnome-disks (which I believe is a frontend GUI to udisks / udisks2. I noticed the mount options are greyed out when automount is set for the device. If I turn off automount, then I can set the various options, but then I'd have to mount the thumb drive every time, which defeats the purpose. Maybe I cannot set the UDISKS_MOUNT_OPTIONS when automount is turned on? I'd hope not. That'd really suck.
                          -- Law of Expanding Memory: Applications Will Also Expand Until RAM Is Full

                          Comment

                          Working...
                          X