HAL, ivman and mounting options

By default, all disks marked as removable by HAL (pendrives in particular) are mounted by ivman with the noexec option. It doesn’t break browsing through them or performing simple operations such as copying files. Problems emerge when you want to launch a program or a script directly from a medium mounted in that manner.

To eliminate the obstacle, create an FDI file in /etc/hal/fdi/policy directory, called e.g. 20-pendrive.fdi. The contents of that file may look like the following:

<device>
  <match key="block.is_volume" bool="true">
    <match key="@block.storage_device:storage.hotpluggable" bool="true">
      <merge key="volume.policy.mount_option.exec" type="bool">true</merge>
    </match>
    <match key="@block.storage_device:storage.removable" bool="true">
      <merge key="volume.policy.mount_option.exec" type="bool">true</merge>
    </match>
  </match>
</device>

Instead of exec you may supply any mounting option you want to modify. Yet, you need to remember it has to be a “positive” option. So for example if you want to turn off saving last access time for every file on the mounted filesystem, entering the attribute key with a value of atime in the merge tag and setting it to false won’t work – you need to define a “positive analogy” of such an entry, which is attribute key with a value of noatime and setting it to true.

After this modification restarting HAL and ivman should be enough to achieve correct behavior.

This entry was inspired by an article from the Arch Linux wiki.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s