https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c13
--- Comment #13 from Werner Flamme 2009-02-10 03:03:10 MST ---
@Jan: How short "oodles of time" may be... ;-) Your citation says
"Note that commenting out mntoptions will give you the defaults. ": I did not
comment it out, I have a non-commented '<mntoptions deny="suid,dev" />' entry
in the file. The bazillion samples are commented out, of course.
"You will need to explicitly initialize it with the empty string to reset the
defaults to nothing": Again, I do not think to have a problem here. Do I have
to "reset the defaults to nothing" though having a valid configuration entry?
Does <mntoption /> require multiple settings? Isn't it enough to give
'<mntoptions deny="suid,dev" />', must I have an additional '<mntoptions
allow="*" />' entry?
I use pam_mount for years (SUSE 8.2, I think), and even in oS 11.0 this was not
the case. I had to have one entry for mntoptions, and that was it. And this is
the way I understand "Note: you must make sure that a required option is
permitted (either by including it in options_allow, or by not including it in
options_deny)" from Michael's citation.
In openSUSE 10.3 (just 2 SUSE versions ago), the respective comment was:
---snip---
# These directives determine which options may be specified in a user config
# file (luserconf). You must include one of these directives if you have a
# luserconf directive. You may not include both directives.
#
# If you have an options_allow directive, then the options listed in that
# directive wil be allowed, and all others rejected. If you have an
# options_deny directive, then the options listed will be denied, and all
others
# permitted.
#
# You may use the wildcard '*' to match all options.
# I recommend not permitting the suid and dev options.
#
#options_allow nosuid,nodev,loop,encryption,fsck
options_deny suid,dev
#options_allow *
#options_deny *
---pins---
So, here ist was "You must include one of these directives[...] You may not
include both directives." Who ever it was that said "I recommend not permitting
the suid and dev options", I followed this recommendation... and I still do.
Regards,
Werner
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.