> 	How about an extra option that could be added to entries in
> 	fstab that would specify a group that had permission to perform
> 	that mount command. You could then set whatever appropriate
> 	additional options on that line.

I don't know if folks are aware that normal users can already be given
permission to mount / unmount filesystems via AMD.

I have the /l setup so that cd-ing (or otherwise referencing) /l/cdrom
will mount whatever is in the cdrom.  Similarly /l/pcfs will mount a
dosfs floppy.  The cautious sysadmin will naturely want to turn off
the most glaring security holes via "nosuid,nodev".

    #
    # $Id: amd-local,v 1.1 1998/11/28 19:53:19 wolfgang Exp $
    #
    # local files like cdrom and pcfs
    #

    /defaults	fs:=${autodir}/${key};opts:=nosuid,nodev;

    pcfs		hostd==wsrcc.com;\
                    dev:=/dev/fd0;type:=pcfs; || \
                    dev:=/dev/fd0a;type:=pcfs;

    cdrom		hostd==wsrcc.com;\
                    dev:=/dev/sr0;type:=cdfs;opts:=nosuid,ro; || \
                    dev:=/dev/cd0a;type:=cdfs;opts:=nosuid,ro,nodev;

    ufsfloppy	hostd==wsrcc.com;\
                    dev:=/dev/fd0;type:=ufs;opts:=nosuid; || \
                    dev:=/dev/fd0a;type:=ufs;opts:=nosuid,nodev;

    #
    # end
    #

To unmount an filesystem a normal user can type "amq -u /l/cdrom" or
"amq -u /l/pcfs".

-wolfgang
-- 
       Wolfgang Rupprecht <wolfgang+gnus@dailyplanet.wsrcc.com>
		    http://www.wsrcc.com/wolfgang/
DGPS signals via the Internet  http://www.wsrcc.com/wolfgang/gps/dgps-ip.html