1pmount(1) General Commands Manual pmount(1)
2
3
4
6 pmount - mount arbitrary hotpluggable devices as normal user
7
8
10 pmount [ options ] device
11
12 pmount [ options ] device label
13
14 pmount --lock [ options ] device pid
15
16 pmount --unlock [ options ] device pid
17
18 pmount
19
20
22 pmount ("policy mount") is a wrapper around the standard mount program
23 which permits normal users to mount removable devices without a match‐
24 ing /etc/fstab entry.
25
26 pmount also supports encrypted devices which use dm-crypt and have LUKS
27 metadata. If a LUKS-capable cryptsetup is installed, pmount will use it
28 to decrypt the device first and mount the mapped unencrypted device
29 instead.
30
31 pmount is invoked like this:
32
33 pmount device [ label ]
34
35 This will mount device to a directory below /media if policy is met
36 (see below). If label is given, the mount point will be /media/label,
37 otherwise it will be /media/device.
38
39 The device will be mounted with the following flags:
40 async,atime,nodev,noexec,noauto,nosuid,user,rw
41
42 Some applications like CD burners modify a raw device which must not be
43 mounted while the burning process is in progress. To prevent automatic
44 mounting, pmount offers a locking mechanism: pmount --lock device pid
45 will prevent the pmounting of device until it is unlocked again using
46 pmount --unlock device pid. The process id pid assigns the lock to a
47 particular process; this allows to lock a device by several processes.
48
49 During mount, the list of locks is cleaned, i. e. all locks whose asso‐
50 ciated process does not exist any more are removed. This prevents for‐
51 gotten indefinite locks from crashed programs.
52
53 Running pmount without arguments prints the list of mounted removable
54 devices, a bit in the fashion of mount (1).
55
56 Please note that you can use labels and uuids as described in fstab (5)
57 for devices present in /etc/fstab. In this case, the device name need
58 to match exactly the corresponding entry in /etc/fstab, including the
59 LABEL= or UUID= part.
60
61
62
64 The mount will succeed if all of the following conditions are met:
65
66
67 · device is a block device in /dev/
68
69 · device is not in /etc/fstab (if it is, pmount executes mount device
70 as the calling user to handle this transparently). See below for more
71 details.
72
73 · device is not already mounted according to /etc/mtab and /proc/mounts
74
75 · if the mount point already exists, there is no device already mounted
76 at it and the directory is empty
77
78 · device is removable (USB, FireWire, or MMC device, or
79 /sys/block/drive/removable is 1) or whitelisted in /etc/pmount.allow.
80
81 · device is not locked
82
83
85 -r, --read-only
86 Force the device to be mounted read only. If neither -r nor -w
87 is specified, the kernel will choose an appropriate default.
88
89
90 -w, --read-write
91 Force the device to be mounted read/write. If neither -r nor -w
92 is specified, the kernel will choose an appropriate default.
93
94
95 -s, --sync
96 Mount the device with the sync option, i. e. without write
97 caching. Default is async (write-back). With this option, write
98 operations are much slower and due to the massive increase of
99 updates of inode/FAT structures, flash devices may suffer heav‐
100 ily if you write large files. This option is intended to make it
101 safe to just rip out USB drives without proper unmounting.
102
103
104 -A, --noatime
105 Mount the device with the noatime option. Default is atime.
106
107
108 -e, --exec
109 Mount the device with the exec option. Default is noexec.
110
111
112 -t filesystem, --type filesystem
113 Mount as specified file system type. The file system type is
114 automatically determined if this option is not given. See at the
115 bottom for a list of currently supported filesystems.
116
117
118 -c charset, --charset charset
119 Use given I/O character set (default: utf8 if called in an UTF-8
120 locale, otherwise mount default). This corresponds with the
121 mount option iocharset (or nls for NTFS). This option is ignored
122 for file systems that do not support setting the character set
123 (see mount [22m(8) for details). Important note: pmount will now
124 mount VFAT filesystems with iocharset=iso8859-1 as
125 iocharset=utf8 currently makes the filesystem case-sensitive
126 (which is pretty bad...).
127
128
129 -u umask, --umask umask
130 Use specified umask instead of the default one. For UDF, the
131 default is '000', for VFAT and NTFS the default is '077'. This
132 value is ignored for file systems which do not support setting
133 an umask. Note that you can use a value of 077 to forbid anyone
134 else to read/write the files, 027 to allow your group to read
135 the files and 022 to allow anyone to read the files (but only
136 you can write).
137
138
139 --dmask dmask
140
141 --fmask fmask
142 Some filesystems (essentially VFAT and HFS) supports separate
143 umasks (see the -u option just above) for directories and files,
144 to avoid the annoying effect of having all files executable. For
145 these filesystems, you can specify separately the masks using
146 these options. By default, fmask is umask without all executable
147 permissions and dmask is umask. Most of the times, these set‐
148 tings should just do what you want, so there should be seldom
149 any need for using directly the --fmask and --dmask options.
150
151
152 -p file --passphrase file
153 If the device is encrypted (dm-crypt with LUKS metadata), read
154 the passphrase from specified file instead of prompting at the
155 terminal.
156
157
158 -h, --help
159 Print a help message and exit successfully.
160
161
162 -d, --debug
163 Enable verbose debug messages.
164
165
166 -V, --version
167 Print the current version number and exit successfully.
168
169
171 /etc/pmount.allow
172 List of devices (one device per line) which are additionally
173 permitted for pmounting. Globs, such as /dev/sda[123] are per‐
174 mitted. See see glob (7) for a more complete syntax.
175
176
178 pumount(1), mount(8)
179
180
182 For now, pmount supports the following filesystems: udf, iso9660, vfat,
183 ntfs, hfsplus, hfs, ext3, ext2, ext4, reiserfs, reiser4, xfs, jfs and
184 omfs. They are tried sequentially in that exact order when the
185 filesystem is not specified.
186
187 Additionally, pmount supports the filesystem types ntfs-fuse and
188 ntfs-3g to mount NTFS volumes respectively with ntfsmount (1) or
189 ntfs-3g (1). If the file /sbin/mount.ntfs-3g is found, then pmount will
190 mount NTFS filestystems with type ntfs-3g rather than plain ntfs. To
191 disable this behavior, just specify -t ntfs on the command-line, as
192 this happens only for autodetection.
193
194
196 pmount now fully resolve all symlinks both in its input and in the
197 /etc/fstab file, which means that if /dev/cdrom is a symlink to
198 /dev/hdc and you try to mount /dev/hdc directly, pmount will delegate
199 this to mount(1). This is a feature, and it contrasts with previous
200 unclear behavior of pmount about symlinks in /etc/fstab.
201
202
204 Though we believe pmount is pretty much free from security problems,
205 there are quite a few glitches that probably will never be fixed.
206
207
208 · pmount needs to try several different times to mount to get the
209 filesystem right in the end; it is vital that pmount does know which
210 precise filesystem to mount in order to give it the right options not
211 to cause security holes. This is rather different from the behaviour
212 of mount with the -t auto options, which can have a look at the
213 device it is trying to mount and find out what its filesystem is.
214 pmount will never try to open a device and look at it to find out
215 which filesystem it is, as it might open quite a few security holes.
216 Moreover, the order in which the filesystems are tried are what we
217 could call the most commonly used filesystems on removable media.
218 This order is unlikely to change as well. In particular, that means
219 that when you mount an ext3 filesystem using pmount, you might get a
220 lot of fs-related kernel error messages. Sorry !
221
222 NOTE: Starting from version 0.9.17, pmount uses the same mechanism as
223 mount [22m(1) to autodetect the filesystem type, so this kind of problems
224 should not happen anymore.
225
226
227
229 pmount was originally developed by Martin Pitt <martin.pitt@canoni‐
230 cal.com>. It is now maintained by Vincent Fourmond <four‐
231 mond@debian.org>.
232
233
234
235Martin Pitt August 27, 2004 pmount(1)