pmount
Mount removable devices as normal user
TLDR
Mount a device below /media/ (using device as mount point)
Mount a device with a specific filesystem type to /media/label
Mount a CD-ROM (filesystem type ISO9660) in read-only mode
Mount an NTFS-formatted disk, forcing read-write access
Display all mounted removable devices
SYNOPSIS
pmount [options] device [mountpoint]
pmount [options] {-u|--umount} mountpoint
pmount {-s|--show}
PARAMETERS
device
The path to the device special file (e.g., /dev/sdb1), or a label/UUID if configured.
mountpoint
The directory where the device should be mounted. This directory must usually exist and be empty.
-u, --umount
Unmounts the specified mountpoint. The device argument is not used when unmounting.
-s, --show
Lists all devices currently mounted via pmount.
-r, --read-only
Mounts the device in read-only mode.
-w, --writeable
Mounts the device in writeable mode. This is often the default behavior.
-o options, --options=options
Specify comma-separated mount options (e.g., uid=1000,gid=1000). These options are subject to restrictions defined in /etc/pmount.allow.
-i, --iso9660
Hint to mount the device as an ISO9660 filesystem (commonly used for CD/DVD images). The filesystem type is usually auto-detected.
-l, --loop
Treat the device argument as a file, and mount it as a loop device. Useful for mounting disk images.
-v, --verbose
Enables verbose output, providing more details about the mounting process.
-d, --debug
Enables debug output, useful for troubleshooting.
--help
Displays a brief help message and exits.
--version
Displays the version information and exits.
DESCRIPTION
The pmount command provides a secure and straightforward way for unprivileged users to mount and unmount removable devices such as USB drives, CDs, and DVDs. Unlike the standard mount(8) command, which typically requires root privileges, pmount is a setuid root program. This allows it to perform privileged operations on behalf of a regular user, but only under strict control.
Its functionality is governed by configuration files like /etc/pmount.allow or udev rules, which define which devices can be mounted, by whom, and with what options. This design enhances system security by preventing arbitrary mounts while still offering user convenience. pmount is particularly useful in desktop environments where users frequently interact with removable media, and also in server contexts where a minimal, secure user-mounting solution is preferred over full root access.
CAVEATS
pmount relies heavily on proper system configuration. If /etc/pmount.allow or udev rules are misconfigured, it could lead to security vulnerabilities or prevent users from mounting devices.
Mount points usually need to be pre-created and empty. The default mount location is often under /media or /mnt, but this can vary by system configuration.
In modern Linux desktop environments, higher-level abstractions like udisks or gvfs often handle automatic mounting of removable media, reducing the direct need for pmount for typical users.
CONFIGURATION FILES
The primary configuration file for pmount is /etc/pmount.allow. This file specifies which users are allowed to mount which devices, and with what options. It uses a simple syntax to define permissions. Some distributions might also use /etc/pmount.deny, though it's less common, or rely entirely on udev rules for device permissions.
PERMISSIONS
pmount is typically installed as a setuid root binary. This means that when a non-root user executes pmount, it temporarily gains root privileges to perform the necessary actions (like interacting with kernel mount syscalls). However, these privileges are strictly confined by the policies defined in its configuration files, ensuring that users cannot perform arbitrary system modifications.
DEFAULT MOUNT LOCATIONS
By default, pmount often attempts to mount devices into a user-specific subdirectory within /media (e.g., /media/user/device_label or /media/user/uuid) or /mnt. The exact default location and naming convention can be configured system-wide and may vary between Linux distributions.
HISTORY
pmount emerged as a solution to the long-standing challenge of allowing non-root users to mount removable devices without compromising system security. Before tools like pmount, users either needed root access (which was insecure) or relied on complex fstab entries with the `user` or `users` option (which could be rigid and less flexible for hot-plug devices).
It provided a simpler, policy-driven approach, often integrating with desktop environments to enable clickable mounting of USB drives and optical media. While its direct command-line usage has become less common in typical desktop use cases due to the rise of automated mounting services (like those provided by udev, udisks, and desktop environments themselves), pmount remains a robust and valuable utility for specific scenarios, especially in command-line-centric or embedded systems.