diff options
Diffstat (limited to 'udev/bcachefs.rules')
| -rw-r--r-- | udev/bcachefs.rules | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/udev/bcachefs.rules b/udev/bcachefs.rules new file mode 100644 index 00000000..ca1f3818 --- /dev/null +++ b/udev/bcachefs.rules @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +# +# Copyright (C) 2024 Oracle. All rights reserved. +# Author: Darrick J. Wong <djwong@kernel.org> +# +# Don't let udisks automount bcachefs filesystems without even asking a user. +# This doesn't eliminate filesystems as an attack surface; it only prevents +# evil maid attacks when all sessions are locked. +# +# According to http://storaged.org/doc/udisks2-api/latest/udisks.8.html, +# supplying UDISKS_AUTO=0 here changes the HintAuto property of the block +# device abstraction to mean "do not automatically start" (e.g. mount). +SUBSYSTEM=="block", ENV{ID_FS_TYPE}=="bcachefs", ENV{UDISKS_AUTO}="0" |