Wednesday, December 19

Mounting Floppy Disks and Removable Media






In order to read floppy disks and other removable media, you need to mount the device. Linux usually adds the proper settings to /etc/fstab and default mount points to the /mnt directory.


The defaul mount points are straightforward; for example, floppy are mounted on /mnt/floppy, CD's are mounted on /mnt/cdrom. You can do this using the following command:

#mount -t vfat /dev/fd0 /mnt/floppy

the -t switch specifies the type of filesystem(vfat). The device file /dev/fd0 represents the first floppy drive; /mnt/floppy is the directory through which you can access the files after mounting.


If you take a look at your /etc/fstab entry and you will see something like the ff:

/dev/fd0 /mnt/floppy auto noauto,owner,kudzu 0 0



This /etc/fstab line sets the default configuration for he first floppy drive (/dev/fd0). The ormat is auto which means that the mount command searches the filesystems and so all you need to mount the floppy is he following command:

#mount /dev/fd0 /mnt/floppy



Similarly, the device for your CD-ROM is normally /dev/cdrom. To mount an ISO9660 CD-ROM, run he command:

#mount -rt iso9660 /dev/cdrom /mnt/cdrom

Now you can read he contents of /mnt/cdrom or /mnt/floppy as if it were a normal filesystem on your system. You don't have to use /mnt/floppy or /mnt/cdrom directories rather you can use any available empty directory of your choice.


You can add the cd-rom entry on your /etc/fstab config file just like this:

/dev/cdrom /mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0

Asyou can see, iso9660 is already specified as the default CD filesystem and CD's are mounted as read-only(ro) by default. Therefore, all you need to command in mounting the CD is either one of the following:

#mount /mnt/cdrom
#mount /dev/cdrom

To unmount floppy or cdrom, use the umount command:

#umount /mnt/floppy
#umount /mnt/cdrom

Take note that it is imprtant to unmount floppy disk before removing them. Otherwise, you may lose the data which might still be in he cache.







Tuesday, December 18

Restricting User's Login

When we talk about forcing a user to log off, what we’re really talking about is time restrictions on certain account system access and services. The easiest way I’ve found to implement time restrictions is by using software called Linux-PAM.

Pluggable Authentication Module (PAM) is a mechanism for authenticating users. Specifically, we’re going to use the pam_time module to control timed access for users to services.

Using the pam_time module, we can set access restrictions to a system and/or specific applications at various times of the day as well as on specific days. Depending on the configuration, you can use this module to deny access to individual users based on their name, the time of day, the day of week, the service they’re applying for, and their terminal from which they’re making the request.

When using pam_time, you must terminate the syntax or rule in the /etc/security/time.conf file with a newline.

Always remeber that pound sign [#] is a comment and the system will ignore that text inline to it.

This is an example configuration file for the pam_time module.

Its syntax was initially based heavily on that of the shadow package (shadow-960129).

The syntax of the lines is as follows:

services;ttys;users;times

  1. The first field — services = list of PAM service names.
  2. The second field — tty =logic list of terminal names.
  3. The third field — user = is a logic list of users or a netgroup of users.
  4. The fourth field — times =indicates the applicable times.

Here’s an example of a typical set of rules:

login ; * ; !ron ; MoTuWeThFr0800-2000
login ; * ; !root ; !Al0000-2400
http ; * ; !ron ; MoTuWeThFr0800-2000
http ; * ; !root; !Al0000-2400
ftp ; * ; !ron ; MoTuWeThFr0800-2000
ftp ; * ; !root; !Al0000-2400


These rules restrict user ron from logging on between the hours of 0800 and 2000, and they also restrict http and ftp access during these hours.

Root would be able to logon at any time and browse the Internet during all times as well.