Why drives are mounted with noexec option

    • OMV 3.x

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Why drives are mounted with noexec option

      Hi all,

      I have a question : Why drives are mounted with noexec option ?

      Because i would like to run script or executable binaries from mounted drive.

      is there a option somewhere ?

      best regard
      Open Media Vault 2.2.6 (Stone burner) in Prod
      Open Media Vault 3.0.32 (Erasmus) in Test

      openmedivault Docker Container
      https://github.com/prbond/openmedivault-dockerfile

      Dev :
      openmediavault-fail2ban 1.1.5 for OMV2.X
      openmediavault-fail2ban 1.3.0 for OMV3.X
      https://github.com/prbond/openmediavault-fail2ban
      https://github.com/OpenMediaVault-Plugin-Developers/openmediavault-fail2ban
    • They always have been. Most data does not need to be executed.

      Set the environment variable OMV_FSTAB_MNTOPS_EXT4 in /etc/default/openmediavault to your preferred values.
      Defaults: defaults,nofail,user_xattr,noexec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0

      Of if the partition is already mounted, find it in /etc/openmediavault/config.xml in the fstab section.
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • Thanks

      I found a dirty way : umount drive, del noexec from /etc/fstab, mount drive

      I am trying to build debian pakage on drive mounted with a lot of script and binaries and i don't understand why i had Permission denied ... ;( I know now

      For security reason data does not need to be executed ;)
      Open Media Vault 2.2.6 (Stone burner) in Prod
      Open Media Vault 3.0.32 (Erasmus) in Test

      openmedivault Docker Container
      https://github.com/prbond/openmedivault-dockerfile

      Dev :
      openmediavault-fail2ban 1.1.5 for OMV2.X
      openmediavault-fail2ban 1.3.0 for OMV3.X
      https://github.com/prbond/openmediavault-fail2ban
      https://github.com/OpenMediaVault-Plugin-Developers/openmediavault-fail2ban
    • Yes i know ;) -> just for today
      Open Media Vault 2.2.6 (Stone burner) in Prod
      Open Media Vault 3.0.32 (Erasmus) in Test

      openmedivault Docker Container
      https://github.com/prbond/openmedivault-dockerfile

      Dev :
      openmediavault-fail2ban 1.1.5 for OMV2.X
      openmediavault-fail2ban 1.3.0 for OMV3.X
      https://github.com/prbond/openmediavault-fail2ban
      https://github.com/OpenMediaVault-Plugin-Developers/openmediavault-fail2ban
    • That is why the developer plugin copies the files to /tmp/ to build the package :)
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • OMV_FSTAB_MNTOPS_EXT4 is valid for OMV 2.x and 3.x. It is in the default file at installation time in OMV 2.x. In OMV 3.x, it has to be added to change the defaults.
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • I am running OMV 2.2.5. I set the following in /etc/default/openmediavault (it was not there, I had to add it)

      OMV_FSTAB_MNTOPS_EXT4="defaults,nofail,user_xattr,exec,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0"

      Then as root I ran /usr/sbin/omv-mkconf fstab

      When I examine /etc/fstab, the drives in the # >>> [openmediavault] section still show noexec.

      Rebooting makes no difference.

      What am I missing? :)

      I don't see this variable in the list here: wiki.openmediavault.org/index.…Environment_Variables/all but maybe that list is not up to date.
      OMV 4.x - ASRock Rack C2550D4I - 16GB ECC - Silverstone DS380
    • Maybe it was in there from OMV 1.x and I upgraded.

      You don't need to add exec. Just remove noexec.

      Running omv-mkconf fstab updates /etc/fstab from the info in the fstab section of /etc/openmediavault/config.xml. Changing the defaults only affects newly created filesystems. If you want to change an existing filesystem, you need to edit /etc/openmediavault/config.xml (make a backup first). Then execute omv-mkconf fstab and remount/reboot.

      The defaults for the filesystems can be found here
      omv 4.1.14 arrakis | 64 bit | 4.15 proxmox kernel | omvextrasorg 4.1.13
      omv-extras.org plugins source code and issue tracker - github

      Please read this before posting a question and this and this for docker questions.
      Please don't PM for support... Too many PMs!
    • New

      ryecoaaron wrote:

      Maybe it was in there from OMV 1.x and I upgraded.

      You don't need to add exec. Just remove noexec.

      Running omv-mkconf fstab updates /etc/fstab from the info in the fstab section of /etc/openmediavault/config.xml. Changing the defaults only affects newly created filesystems. If you want to change an existing filesystem, you need to edit /etc/openmediavault/config.xml (make a backup first). Then execute omv-mkconf fstab and remount/reboot.

      The defaults for the filesystems can be found here
      ma man.. this was pretty useful to me today. *ryphractor takes a bow at ryecoaaron* thank you :D