You are not logged in.

#1 2017-11-19 12:08:45

vince66
Banned
Registered: 2017-11-18
Posts: 11

run and mount external devices in arch linux

Hello everybody,
I'm new of this forum, so I apologize with you in advance if i'm wronging the correct list where i'm posting my question.

I'm interesting in Arch Linux (grub loader) because probably it will satisfy my need. For this reason I'm writing to pose the following question.

I'd like to know if:

1- it runs and mounts automatically any external devices attached to PC (in particular the usb sticks and IDE/SATA hard disks). In other words if it autoruns and automounts any external devices.

2- If so, if these services can be disabled and in which way.

3- If not, if the attached devices:
   A- are completely write protected in the sense that the BIOS/UEFI can not implicitly do writing operations to them (Fix: "implicitly" means whitout an explicit command from the user).
   B- "lives in a fluctuant state", that is they are suitable to be written by an external event.

I hopeto hear you soon.
Best Regards.

Vuncenzo.

Offline

#2 2017-11-19 12:53:36

V1del
Forum Moderator
Registered: 2012-10-16
Posts: 21,427

Re: run and mount external devices in arch linux

Since Arch does not configure anything by default, the answer to each of these questions is yes and no, depending on what configuration/setup (in general: most big DE's will have a mount helper, most standalone WMs won't) you intend to run.

More specifically, for 1 and 2 what mount helpers use to make this happen and where this should be configured: https://wiki.archlinux.org/index.php/Udisks (and again, this isn't going to be there by default but depends on your setup choices)

I don't really understand what you are going on about in 3, but it's likely to not be preventable on the OS side if the BIOS decides to screw with your drive.

Offline

#3 2017-11-19 13:28:32

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,449
Website

Re: run and mount external devices in arch linux

While I agree with the above, I'll take a more direct approach to the question: the answer is not yes and no - it's just no, and emphatic no.

You've asked if "it" (meaning arch linux) will automount and autorun anything: definitely not.  If you want to mount a device/partition you use the `mount` command.  This can be automated with any number of tools such as the one listed above, and if you just install some big DE with all it's bells and whistles, one of these tools probably comes with it.

As for "autorun" I don't know of any linux tools that do this, though if you want this too happen, it's be trivially easy to write one except for the fact that all autorun content I'm aware of is OS specific: it'd be trivially easy to write a tool that autoruns an autorun.sh shell script, but autorun.bat or a similar DOS batch file would not be practical (there are dos emulators for linux, but they have their limits).


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#4 2017-11-19 13:41:14

seth
Member
Registered: 2012-09-03
Posts: 49,992

Re: run and mount external devices in arch linux

I assume this is an xy question, notably because of a fundamental misconception in

are completely write protected in the sense that the BIOS/UEFI can not implicitly do writing operations to them

If you worry about I/O from below the OS, it's completely irrelevant what the OS does itfp. Whether or not the BIOS (and esp. UEFI) takes control over attached HW and writes to it does NOT depend on whether and how the device is mounted by the OS.

=> You should elaborate on your actual concern rather than asking on things that you believe are relevant to it.

Offline

#5 2017-11-19 14:58:31

vince66
Banned
Registered: 2017-11-18
Posts: 11

Re: run and mount external devices in arch linux

Thanks for your reply. I'm going to read the  https://wiki.archlinux.org/index.php/Udisks.

I'm agree with you about the fact that the answer can be yes or no depending onwhat configuration I intend to run. So I try to be more clear. I'm intersted in an Arch configuration that, at kernel level, allows me to attach an external drive that Arch recognizes exclusively as is (that is a usb device or a IDE/SATA device), avoiding to undertand if this periferals are bootable or not, or, moreover, avoiding to try to mount their filesystem.
Question: Does exist a simmilar configuration ? Tips are welcome. If so, can you assit me to reach this goal ? Are there articles that you can suggest me ?

I hope my question is clear now, but I can explain better it, if necessary and if I have not been exhaustive.

Best Regards.

Vincenzo.

Offline

#6 2017-11-19 15:05:39

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: run and mount external devices in arch linux

This sounds like a classic X-Y problem.


Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

#7 2017-11-19 15:21:13

seth
Member
Registered: 2012-09-03
Posts: 49,992

Re: run and mount external devices in arch linux

Short answer(?): automounting is generally not available by default and certainly not by installing a most basic system.

You need to install a capable userspace stack and usually to explicitly activate it. Some userspace tools (file browsers) will mount on access (ie. you click the device icon and that mounts it)
However, even mounting won't do much past this. You then have the devices FS accessible in your root FS.

The autoRUN insanity where you plug a USB key to install a virus is possible to achieve but not nearly the default, not preconfigured and no good idea at all.

Since Jason supports my guess: what is your *actual* worry?

Offline

#8 2017-11-19 15:31:12

vince66
Banned
Registered: 2017-11-18
Posts: 11

Re: run and mount external devices in arch linux

Thanks everybody.

Please, let me more and more clear. Foundamentally I want to freeze the state of the memory of an USB stick or an IDE/SATA hard disk.
So, about the autorun/automount, my question is:

is it possible configure Arch so that it can realize the write protection of the attached devices (USB and or IDE/SATA). A little bit the command blockdev do: blockdev --setro /dev/sdxx.
Only i'm interesting that this writing block could happen at kernel level (and no at user level).

Please, can I obtain this result with Arch ?

Thanks in advance.

Vincenzo.

Offline

#9 2017-11-19 15:33:08

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,449
Website

Re: run and mount external devices in arch linux

Yes you can mount a drive read only.


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#10 2017-11-19 15:40:12

seth
Member
Registered: 2012-09-03
Posts: 49,992

Re: run and mount external devices in arch linux

"blockdev --setro /dev/sdxx" does NOT achieve "freeze the state of the memory of an USB stick" - at least not if you desire what i STILL ASSUME you're after.

There're USB keys with a HW write protection switch (there's also scam, but the amazon comments or some ech review will tell you whether the device is genuine) and that is the ONLY way to ensure the device isn't written to. Everything else is a kind request to the system, but provides ZERO protection against a compromised system.

If you really just want to blockdev/hdparm on devices, that's possible via udev rules BUT IT DOES NOT PROVIDE RELIABLE PROTECTION AGAINST MALICIOUS BEHAVIOR.

Offline

#11 2017-11-19 15:45:04

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,449
Website

Re: run and mount external devices in arch linux

I may be missing something: is this question about how an archlinux system you would install and adminsiter would treat a device, or how to make a device permanently untouchable?  There is nothing one can do from within archlinux that will write protect the device on other OSs and other systems (that may have malicious software running).

If you're worried about malicious code on your archlinux system, that is a separate issue.  If a device is mounted read-only, the only way to write to it would be for the malicious code to be running as root.  So don't run random crap as root.  If some malicious code runs and gets root access to your system without your knowledge/consent, then you're f***ed anyways, so there's not much point considering how to cope with that possibility (avoid it, don't cope with it).


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#12 2017-11-19 15:55:33

vince66
Banned
Registered: 2017-11-18
Posts: 11

Re: run and mount external devices in arch linux

ok ... it seems that seth has centered the reply.

If I've well undertood the only way is to use the udev rules. So, this means that I can operate the write blocking at user level and not at kernel level.  In other words i can obtain a "light" (not strong) write protection.
Is it correct this conclusion ?

Thanks a lot !

Vincenzo.

Offline

#13 2017-11-19 16:46:30

vince66
Banned
Registered: 2017-11-18
Posts: 11

Re: run and mount external devices in arch linux

The reply of the users suggests to me to summarize my question with an example.

SCENARIO: someone give me a suspect usb stick (or IDE/SATA hdd) containing user data (docx, jpeg, mp4 files). You can assume that this device has been used on a windows machine.

THE GOAL: I need to realize the "dd" image of thie suspect device (image_usb.dd, for example), storing it on a brand new usb stick.

PROBLEM: The must is: the dd copy of the suspect device MUST be realized absolutely avoiding that the user data are modified (for example, avoiding modifications of the file timestamps stored in the metadata).

QUESTION: I connect the suspect drive at a Arch Linux workstation to take the dd image. In which a way for you I need to configure my Arch Linux workstation so that there is no possibilities that its data changes ?

Tips are welcome.

Thanks in advance.

Vincenzo.

Offline

#14 2017-11-19 16:56:07

seth
Member
Registered: 2012-09-03
Posts: 49,992

Re: run and mount external devices in arch linux

"Not" - you don't dd a FS but a device.
If you don't worry about the Arch machine being compromised and you did't explicitly setup something to automount and manipulate the device, just plugging in the usb key and "sudo dd if=/dev/sdb of=/path/to/image.img" will not write to the device. If you don't trust dd, setting the blocking writing ioctls via udisks will do.
If you don't trust the Archbox, don't plug in the usb key.

Offline

#15 2017-11-19 16:59:56

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 29,449
Website

Re: run and mount external devices in arch linux

So this is not an XY problem, it is an XYZ problem, and really I'm still expecting more changes (XYZABC problem).

What you described is how dd works.  Period.  Udev rules are unnecessary and irrelevant for what you describe.

What concerns me is it sounds like you've put your self in a position to offer some sort of tech support (data recovery, or malware removal, etc) but you aren't even remotely close to competent enough to do so.  We can't help with that.

Last edited by Trilby (2017-11-19 17:01:35)


"UNIX is simple and coherent..." - Dennis Ritchie, "GNU's Not UNIX" -  Richard Stallman

Offline

#16 2017-11-19 22:23:51

vince66
Banned
Registered: 2017-11-18
Posts: 11

Re: run and mount external devices in arch linux

Seth you gave me the correct reply. I was only waiting for confirmation of what I was thinking. And it is right, because linux works exactly in this way: "if I don't explicitly setup something to automount and manipulate the device, just plugging in the usb key and "sudo dd if=/dev/sdb of=/path/to/image.img" will not write to the device".

I apologize with you for the long question. I have worked in the past with the Unix USB 4.3 and I remember something similar.  And i was searching confirmation of the write blocking feature also in ArchLinux.

Thanks very much !

I'll contact you again if I have some question during the ArchLinux configuration steps. I need to setup its simplest and basic configuration.

Thanks very much guys !!!

Offline

Board footer

Powered by FluxBB