Need guidance on configuring mount options for removable storage devices
by DarkWolf113440 from LinuxQuestions.org on (#6E21H)
Hi folks, I need some help figuring out how to adjust mount options for removable media, specifically USB thumb drives. What I'm trying to do is set up 2FA logins on Ubuntu using pam_usb and a thumb drive as an authentication token. I've got pam_usb installed and configured, but it's a little buggy. Basically, my understanding of how the process is suppose to work is this:
1. plug in USB thumb drive
2. type username at login prompt (or GUI login screen)
3. pam_usb reads it's config, looks for the USB thumb drive, finds the OTP authentication token, reads from the token
4. If the authentication is good, pam_usb completes the login process and writes a new OTP value to the thumb drive
Now, here's the problem, after a successful authentication, I pull the thumb drive from the USB port and hang it back around my neck. Next time I try to use the USB thumb drive to login, the authentication fails.
I've discovered that this is because without properly unmounting the drive (yeah, I know that's the whole idea behind unmounting the device) the new OTP value never actually gets written out to the thumb drive, so the next time I use it, it's reading the old, expired OTP token. What I want to do is fix it so that when I insert the thumb drive, it auto mounts with the sync option so that the new OTP token is written out to the drive immediately, so that I can simply pull the thumb drive and have no problem next time I use it.
I've been reading man pages and posts and I'm not really seeing anything directly on point here, I'm reading myself in circles, going from fstab to udev rules to udisks2 to polkit, etc... Can anyone point me in the right direction here, it sure would be appreciated. Thanks!
1. plug in USB thumb drive
2. type username at login prompt (or GUI login screen)
3. pam_usb reads it's config, looks for the USB thumb drive, finds the OTP authentication token, reads from the token
4. If the authentication is good, pam_usb completes the login process and writes a new OTP value to the thumb drive
Now, here's the problem, after a successful authentication, I pull the thumb drive from the USB port and hang it back around my neck. Next time I try to use the USB thumb drive to login, the authentication fails.
I've discovered that this is because without properly unmounting the drive (yeah, I know that's the whole idea behind unmounting the device) the new OTP value never actually gets written out to the thumb drive, so the next time I use it, it's reading the old, expired OTP token. What I want to do is fix it so that when I insert the thumb drive, it auto mounts with the sync option so that the new OTP token is written out to the drive immediately, so that I can simply pull the thumb drive and have no problem next time I use it.
I've been reading man pages and posts and I'm not really seeing anything directly on point here, I'm reading myself in circles, going from fstab to udev rules to udisks2 to polkit, etc... Can anyone point me in the right direction here, it sure would be appreciated. Thanks!