*chsh* will accept the full pathname of any executable file on the system.
-The default behavior for non-root users is to accept only shells listed in the _/etc/shells_ file, and issue a warning for root user. It can also be configured at compile-time to only issue a warning for all users.
+The default behavior for unprivileged users is to accept only shells listed in the _/etc/shells_ file, and issue a warning for root user. It can also be configured at compile-time to only issue a warning for all users.
== EXIT STATUS
*nologin* is a per-account way to disable login (usually used for system accounts like http or ftp). *nologin* uses _/etc/nologin.txt_ as an optional source for a non-default message, the login access is always refused independently of the file.
-*pam_nologin*(8) PAM module usually prevents all non-root users from logging into the system. *pam_nologin*(8) functionality is controlled by _/var/run/nologin_ or the _/etc/nologin_ file.
+*pam_nologin*(8) PAM module usually prevents all unprivileged users from logging into the system. *pam_nologin*(8) functionality is controlled by _/var/run/nologin_ or the _/etc/nologin_ file.
== HISTORY
*It is recommended to use* *lsblk*(8) *command to get information about block devices, or lsblk --fs to get an overview of filesystems, or* *findmnt*(8) *to search in already mounted filesystems.*
____
-*lsblk*(8) provides more information, better control on output formatting, easy to use in scripts and it does not require root permissions to get actual information. *blkid* reads information directly from devices and for non-root users it returns cached unverified information. *blkid* is mostly designed for system services and to test *libblkid*(3) functionality.
+*lsblk*(8) provides more information, better control on output formatting, easy to use in scripts and it does not require root permissions to get actual information. *blkid* reads information directly from devices and for unprivileged users it returns cached unverified information. *blkid* is mostly designed for system services and to test *libblkid*(3) functionality.
____
When _device_ is specified, tokens from only this device are displayed. It is possible to specify multiple _device_ arguments on the command line. If none is given, all partitions or unpartitioned devices which appear in _/proc/partitions_ are shown, if they are recognized.
The _size_ and _offset_ arguments may be followed by the multiplicative suffixes KiB (=1024), MiB (=1024*1024), and so on for GiB, TiB, PiB, EiB, ZiB and YiB (the "iB" is optional, e.g., "K" has the same meaning as "KiB") or the suffixes KB (=1000), MB (=1000*1000), and so on for GB, TB, PB, EB, ZB and YB.
*-a*, *--all*::
-Show the status of all loop devices. Note that not all information is accessible for non-root users. See also *--list*. The old output format (as printed without *--list*) is deprecated.
+Show the status of all loop devices. Note that not all information is accessible for unprivileged users. See also *--list*. The old output format (as printed without *--list*) is deprecated.
*-d*, *--detach* _loopdev_...::
Detach the file or device associated with the specified loop device(s). Note that since Linux v3.7 kernel uses "lazy device destruction". The detach operation does not return *EBUSY* error anymore if device is actively used by system, but it is marked by autoclear flag and destroyed later. Even if the device is not used, the loop device can be destroyed later. If you need to wait for a complete removal of the loop device, call *udevadm settle* after *losetup*.
The *NSFS* column, printed when *net* is specified for the *--type* option, is special; it uses multi-line cells. Use the option *--nowrap* to switch to ","-separated single-line representation.
-Note that *lsns* reads information directly from the _/proc_ filesystem and for non-root users it may return incomplete information. The current _/proc_ filesystem may be unshared and affected by a PID namespace (see *unshare --mount-proc* for more details). *lsns* is not able to see persistent namespaces without processes where the namespace instance is held by a bind mount to /proc/_pid_/ns/_type_.
+Note that *lsns* reads information directly from the _/proc_ filesystem and for unprivileged users it may return incomplete information. The current _/proc_ filesystem may be unshared and affected by a PID namespace (see *unshare --mount-proc* for more details). *lsns* is not able to see persistent namespaces without processes where the namespace instance is held by a bind mount to /proc/_pid_/ns/_type_.
== OPTIONS
*mount /dev/foo /dir*
____
-This default behaviour can be changed by using the *--options-source-force* command-line option to always read configuration from _fstab_. For non-root users *mount* always reads the _fstab_ configuration.
+This default behaviour can be changed by using the *--options-source-force* command-line option to always read configuration from _fstab_. For unprivileged users *mount* always reads the _fstab_ configuration.
=== Non-superuser mounts
*mount /cd*
____
-Note that *mount* is very strict about non-root users and all paths specified on command line are verified before _fstab_ is parsed or a helper program is executed. It's strongly recommended to use a valid mountpoint to specify filesystem, otherwise *mount* may fail. For example it's a bad idea to use NFS or CIFS source on command line.
+Note that *mount* is very strict about unprivileged users and all paths specified on command line are verified before _fstab_ is parsed or a helper program is executed. It's strongly recommended to use a valid mountpoint to specify filesystem, otherwise *mount* may fail. For example it's a bad idea to use NFS or CIFS source on command line.
-Since util-linux 2.35, *mount* does not exit when user permissions are inadequate according to libmount's internal security rules. Instead, it drops suid permissions and continues as regular non-root user. This behavior supports use-cases where root permissions are not necessary (e.g., fuse filesystems, user namespaces, etc).
+Since util-linux 2.35, *mount* does not exit when user permissions are inadequate according to libmount's internal security rules. Instead, it drops suid permissions and continues as regular unprivileged user. This behavior supports use-cases where root permissions are not necessary (e.g., fuse filesystems, user namespaces, etc).
For more details, see *fstab*(5). Only the user that mounted a filesystem can unmount it again. If any user should be able to unmount it, then use *users* instead of *user* in the _fstab_ line. The *owner* option is similar to the *user* option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for _/dev/fd_ if a login script makes the console user owner of this device. The *group* option is similar, with the restriction that the user must be a member of the group of the special file.
Ensures that the filesystem is mounted as a unique instance and that the
filesystem superblock is not reused by the kernel. The filesystem may be reused
later if mounted without the option. The option affects only the current mount
-and is allowed for non-root users as well.
+and is allowed for unprivileged users as well.
+
See also the **--onlyonce** option. The difference between *--onlyonce* and
*--exclusive* is that "onlyonce" ensures the same source is not mounted on the
+
The command-line option *--no-canonicalize* overrides this mount option and affects all path and tag conversions in all situations, but for backward compatibility, it does not modify *open_tree*(2) syscall flags and does not allow the bind-mount over a symbolic link use case.
+
-Note that *mount*(8) still sanitizes and canonicalizes the source and target paths specified on the command line by non-root users, regardless of the X-mount.nocanonicalize setting.
+Note that *mount*(8) still sanitizes and canonicalizes the source and target paths specified on the command line by unprivileged users, regardless of the X-mount.nocanonicalize setting.
*X-mount.noloop*::
Do not create and mount a loop device, even if the source of the mount is a regular file.
*-c*, *--no-canonicalize*::
Do not canonicalize paths. The paths canonicalization is based on *stat*(2) and *readlink*(2) system calls. These system calls may hang in some cases (for example on NFS if server is not available). The option has to be used with canonical path to the mount point.
+
-This option is silently ignored by *umount* for non-root users.
+This option is silently ignored by *umount* for unprivileged users.
+
For more details about this option see the *mount*(8) man page. Note that *umount* does not pass this option to the **/sbin/umount.**__type__ helpers.
Since version 2.34 the *umount* command can be used to perform umount operation also for fuse filesystems if kernel mount table contains user's ID. In this case _fstab_ *user=* mount option is not required.
-Since version 2.35 *umount* command does not exit when user permissions are inadequate by internal *libmount* security rules. It drops suid permissions and continue as regular non-root user. This can be used to support use-cases where root permissions are not necessary (e.g., fuse filesystems, user namespaces, etc).
+Since version 2.35 *umount* command does not exit when user permissions are inadequate by internal *libmount* security rules. It drops suid permissions and continue as regular unprivileged user. This can be used to support use-cases where root permissions are not necessary (e.g., fuse filesystems, user namespaces, etc).
== LOOP DEVICE
projects / thirdparty / util-linux.git / commitdiff
