1

This is probably a basic question for most of you, but I don't have a good knowledge of this topic (yet). Please forgive my ignorance.

use-case:
I have a small RaspberryPi that I want to use to backup my Mac, using rsync. I got this part working with some test-data.

Now I would like to hide that backup from the normal user by adding a second harddisk, which I only want to be visible to a specific user mac

I used /etc/fstab in the past, but I guess that is for all users, right? Is there a way to only mount that disk for user mac (and potentially also root?) Also, I don't want to modify the file permissions because if I ever have to rsync-back my data, I want the permissions to be exactly as they were before the backup

Any pointers on how to achieve that?
thanks so much
ChrisV

Chris V.
  • 21

2 Answers2

1

Mount the filesystem in a subdirectory of a directory that belongs to mac and its mode is 700 or 500.

See Do I really need recursive chmod to restrict access to a folder?

if you remove […] both read and execute privileges on a directory, anything below it becomes unreachable, and you don't need to make a recursive change.

In your case the mount point and the entire filesystem will be "below it". This way you can restrict access to the filesystem without changing anything in the filesystem itself. root will be able to access it though.

Kamil Maciorowski
  • 21,864
0

In connection with your question,

Is there a way to only mount that disk for user mac (and potentially also root?)

there are one option in /etc/fstab that does what you want to do, that is "owner".

Let's say that /dev/sdb1 is the partition of your second hard disk, you could do something like this in /etc/fstab:

/dev/sdb1 /mnt/second_disk exfat owner 0 0

Replace the 2nd and 3rd field with the folder that you are using as a mountpoint and exfat by the partition filesystem.

After that you should do:

chgrp disk /dev/sdb1

(Perhaps that block device already has to disk as its group owner)

And to add to mac user to disk group:

usermod -aG disk mac

That's that

sebelk
  • 4,389