/dev/sdXを読み取り専用にするためのudevルールを作成する方法は?

/dev/sdXを読み取り専用にするためのudevルールを作成する方法は?

私はしばしば/ dev / sdXとして登録されているUSBドライブフォーマットを扱います。誤って間違ったコマンドを入力してハードドライブをフォーマットできました。

理想的には、すべての/ dev / sdX *と最大すべてを含む特定の/ dev / sdXドライバを読み取り専用にするUDEVルールを作成したいと思います。これにより、すべてのANDが失敗/dev/disc/by-*/*します。だから本当に変えたいならいつでも変えることができますよ。dd of=/dev/sdXfdisk /dev/sdXmkfs /dev/sdXchmod +w

そのようなUDEVルールはどのようなものでしょうか? UDEVルールと「一致」できるように、/dev/sdXパスに関する情報をどのように取得できますか?すべての/dev/sdX*パーティションを一致させるには?

# smartctl -a /dev/sda
smartctl 7.3 2022-02-28 r5338 [x86_64-linux-6.2.2-zen2-1-zen] (local build)
Copyright (C) 2002-22, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family:     Western Digital Caviar Green
Device Model:     WDC WD6400AAVS-00G9B1
Serial Number:    WD-WCAUF2886253
LU WWN Device Id: 5 0014ee 202989df7
Firmware Version: 05.04C05
User Capacity:    640,135,028,736 bytes [640 GB]
Sector Size:      512 bytes logical/physical
Device is:        In smartctl database 7.3/5319
ATA Version is:   ATA8-ACS (minor revision not indicated)
SATA Version is:  SATA 2.5, 3.0 Gb/s
Local Time is:    Sun Mar 12 05:46:50 2023 CET
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
# udevadm info --query=all --attribute-walk --path=block/sda | cat

Udevadm info starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.

  looking at device '/devices/pci0000:00/0000:00:1f.2/ata6/host5/target5:0:0/5:0:0:0/block/sda':
    KERNEL=="sda"
    SUBSYSTEM=="block"
    DRIVER==""
    ATTR{alignment_offset}=="0"
    ATTR{capability}=="0"
    ATTR{discard_alignment}=="0"
    ATTR{diskseq}=="1"
    ATTR{events}==""
    ATTR{events_async}==""
    ATTR{events_poll_msecs}=="-1"
    ATTR{ext_range}=="256"
    ATTR{hidden}=="0"
    ATTR{inflight}=="       0        0"
    ATTR{integrity/device_is_integrity_capable}=="0"
    ATTR{integrity/format}=="none"
    ATTR{integrity/protection_interval_bytes}=="0"
    ATTR{integrity/read_verify}=="0"
    ATTR{integrity/tag_size}=="0"
    ATTR{integrity/write_generate}=="0"
    ATTR{mq/0/cpu_list}=="0, 1, 2, 3, 4, 5, 6, 7"
    ATTR{mq/0/nr_reserved_tags}=="0"
    ATTR{mq/0/nr_tags}=="32"
    ATTR{power/control}=="auto"
    ATTR{power/runtime_active_time}=="0"
    ATTR{power/runtime_status}=="unsupported"
    ATTR{power/runtime_suspended_time}=="0"
    ATTR{queue/add_random}=="1"
    ATTR{queue/chunk_sectors}=="0"
    ATTR{queue/dax}=="0"
    ATTR{queue/discard_granularity}=="0"
    ATTR{queue/discard_max_bytes}=="0"
    ATTR{queue/discard_max_hw_bytes}=="0"
    ATTR{queue/discard_zeroes_data}=="0"
    ATTR{queue/dma_alignment}=="511"
    ATTR{queue/fua}=="0"
    ATTR{queue/hw_sector_size}=="512"
    ATTR{queue/io_poll}=="0"
    ATTR{queue/io_poll_delay}=="-1"
    ATTR{queue/io_timeout}=="30000"
    ATTR{queue/iosched/back_seek_max}=="16384"
    ATTR{queue/iosched/back_seek_penalty}=="2"
    ATTR{queue/iosched/fifo_expire_async}=="250"
    ATTR{queue/iosched/fifo_expire_sync}=="125"
    ATTR{queue/iosched/low_latency}=="1"
    ATTR{queue/iosched/max_budget}=="0"
    ATTR{queue/iosched/slice_idle}=="8"
    ATTR{queue/iosched/slice_idle_us}=="8000"
    ATTR{queue/iosched/strict_guarantees}=="0"
    ATTR{queue/iosched/timeout_sync}=="125"
    ATTR{queue/iostats}=="1"
    ATTR{queue/logical_block_size}=="512"
    ATTR{queue/max_discard_segments}=="1"
    ATTR{queue/max_hw_sectors_kb}=="32767"
    ATTR{queue/max_integrity_segments}=="0"
    ATTR{queue/max_sectors_kb}=="1280"
    ATTR{queue/max_segment_size}=="65536"
    ATTR{queue/max_segments}=="168"
    ATTR{queue/minimum_io_size}=="512"
    ATTR{queue/nomerges}=="0"
    ATTR{queue/nr_requests}=="64"
    ATTR{queue/nr_zones}=="0"
    ATTR{queue/optimal_io_size}=="0"
    ATTR{queue/physical_block_size}=="512"
    ATTR{queue/read_ahead_kb}=="128"
    ATTR{queue/rotational}=="1"
    ATTR{queue/rq_affinity}=="1"
    ATTR{queue/scheduler}=="none mq-deadline kyber [bfq] "
    ATTR{queue/stable_writes}=="0"
    ATTR{queue/throttle_sample_time}=="100"
    ATTR{queue/virt_boundary_mask}=="0"
    ATTR{queue/write_cache}=="write back"
    ATTR{queue/write_same_max_bytes}=="0"
    ATTR{queue/write_zeroes_max_bytes}=="0"
    ATTR{queue/zone_append_max_bytes}=="0"
    ATTR{queue/zone_write_granularity}=="0"
    ATTR{queue/zoned}=="none"
    ATTR{range}=="16"
    ATTR{removable}=="0"
    ATTR{ro}=="0"
    ATTR{size}=="1250263728"
    ATTR{stat}=="     355        0    21348     2856        8        0        0       18        0     1424     2893        0        0        0        0        8       18"
    ATTR{trace/act_mask}=="disabled"
    ATTR{trace/enable}=="0"
    ATTR{trace/end_lba}=="disabled"
    ATTR{trace/pid}=="disabled"
    ATTR{trace/start_lba}=="disabled"

  looking at parent device '/devices/pci0000:00/0000:00:1f.2/ata6/host5/target5:0:0/5:0:0:0':
    KERNELS=="5:0:0:0"
    SUBSYSTEMS=="scsi"
    DRIVERS=="sd"
    ATTRS{blacklist}==""
    ATTRS{delete}=="(not readable)"
    ATTRS{device_blocked}=="0"
    ATTRS{device_busy}=="0"
    ATTRS{dh_state}=="detached"
    ATTRS{eh_timeout}=="10"
    ATTRS{evt_capacity_change_reported}=="0"
    ATTRS{evt_inquiry_change_reported}=="0"
    ATTRS{evt_lun_change_reported}=="0"
    ATTRS{evt_media_change}=="0"
    ATTRS{evt_mode_parameter_change_reported}=="0"
    ATTRS{evt_soft_threshold_reached}=="0"
    ATTRS{inquiry}==""
    ATTRS{iocounterbits}=="32"
    ATTRS{iodone_cnt}=="0x1c1"
    ATTRS{ioerr_cnt}=="0x24"
    ATTRS{iorequest_cnt}=="0x1c1"
    ATTRS{iotmo_cnt}=="0x0"
    ATTRS{model}=="WDC WD6400AAVS-0"
    ATTRS{ncq_prio_enable}=="0"
    ATTRS{ncq_prio_supported}=="0"
    ATTRS{power/autosuspend_delay_ms}=="-1"
    ATTRS{power/control}=="on"
    ATTRS{power/runtime_active_time}=="741934"
    ATTRS{power/runtime_status}=="active"
    ATTRS{power/runtime_suspended_time}=="0"
    ATTRS{queue_depth}=="32"
    ATTRS{queue_ramp_up_period}=="120000"
    ATTRS{queue_type}=="simple"
    ATTRS{rescan}=="(not readable)"
    ATTRS{rev}=="4C05"
    ATTRS{scsi_level}=="6"
    ATTRS{state}=="running"
    ATTRS{timeout}=="30"
    ATTRS{type}=="0"
    ATTRS{vendor}=="ATA     "
    ATTRS{vpd_pg0}==""
    ATTRS{vpd_pg80}==""
    ATTRS{vpd_pg83}==""
    ATTRS{vpd_pg89}==""
    ATTRS{vpd_pgb0}==""
    ATTRS{vpd_pgb1}==""
    ATTRS{vpd_pgb2}==""
    ATTRS{wwid}=="naa.50014ee202989df7"

  looking at parent device '/devices/pci0000:00/0000:00:1f.2/ata6/host5/target5:0:0':
    KERNELS=="target5:0:0"
    SUBSYSTEMS=="scsi"
    DRIVERS==""
    ATTRS{power/control}=="auto"
    ATTRS{power/runtime_active_time}=="741935"
    ATTRS{power/runtime_status}=="active"
    ATTRS{power/runtime_suspended_time}=="0"

  looking at parent device '/devices/pci0000:00/0000:00:1f.2/ata6/host5':
    KERNELS=="host5"
    SUBSYSTEMS=="scsi"
    DRIVERS==""
    ATTRS{power/control}=="auto"
    ATTRS{power/runtime_active_time}=="741936"
    ATTRS{power/runtime_status}=="active"
    ATTRS{power/runtime_suspended_time}=="314"

  looking at parent device '/devices/pci0000:00/0000:00:1f.2/ata6':
    KERNELS=="ata6"
    SUBSYSTEMS==""
    DRIVERS==""
    ATTRS{power/control}=="on"
    ATTRS{power/runtime_active_time}=="742252"
    ATTRS{power/runtime_status}=="active"
    ATTRS{power/runtime_suspended_time}=="0"

  looking at parent device '/devices/pci0000:00/0000:00:1f.2':
    KERNELS=="0000:00:1f.2"
    SUBSYSTEMS=="pci"
    DRIVERS=="ahci"
    ATTRS{ari_enabled}=="0"
    ATTRS{broken_parity_status}=="0"
    ATTRS{class}=="0x010601"
    ATTRS{consistent_dma_mask_bits}=="64"
    ATTRS{d3cold_allowed}=="1"
    ATTRS{device}=="0x1e02"
    ATTRS{dma_mask_bits}=="64"
    ATTRS{driver_override}=="(null)"
    ATTRS{enable}=="1"
    ATTRS{irq}=="28"
    ATTRS{local_cpulist}=="0-7"
    ATTRS{local_cpus}=="ff"
    ATTRS{msi_bus}=="1"
    ATTRS{msi_irqs/28}=="msi"
    ATTRS{numa_node}=="-1"
    ATTRS{power/control}=="on"
    ATTRS{power/runtime_active_time}=="742302"
    ATTRS{power/runtime_status}=="active"
    ATTRS{power/runtime_suspended_time}=="0"
    ATTRS{power/wakeup}=="disabled"
    ATTRS{power/wakeup_abort_count}==""
    ATTRS{power/wakeup_active}==""
    ATTRS{power/wakeup_active_count}==""
    ATTRS{power/wakeup_count}==""
    ATTRS{power/wakeup_expire_count}==""
    ATTRS{power/wakeup_last_time_ms}==""
    ATTRS{power/wakeup_max_time_ms}==""
    ATTRS{power/wakeup_total_time_ms}==""
    ATTRS{power_state}=="D0"
    ATTRS{remapped_nvme}=="0"
    ATTRS{remove}=="(not readable)"
    ATTRS{rescan}=="(not readable)"
    ATTRS{reset}=="(not readable)"
    ATTRS{reset_method}=="af_flr"
    ATTRS{revision}=="0x04"
    ATTRS{subsystem_device}=="0x11d6"
    ATTRS{subsystem_vendor}=="0x1734"
    ATTRS{vendor}=="0x8086"

  looking at parent device '/devices/pci0000:00':
    KERNELS=="pci0000:00"
    SUBSYSTEMS==""
    DRIVERS==""
    ATTRS{power/control}=="auto"
    ATTRS{power/runtime_active_time}=="0"
    ATTRS{power/runtime_status}=="unsupported"
    ATTRS{power/runtime_suspended_time}=="0"
    ATTRS{waiting_for_supplier}=="0"

答え1

これに対してudevルールを作成するのは比較的簡単です。以下を追加するだけです/etc/udev/rules.d/yourname.rule

ATTRS{wwid}=="naa.50014ee202989df7", MODE="0440"

ここでは、ディスクと一意に一致するwwidように出力に現在を使用しました。udevadm info --query=all --attribute-walk --path=/sys/block/sdaすべてのディスクに対してこの操作を繰り返すことができます。

になります。いいえ警戒してくださいmkfs /dev/sda1。権限があってもmkfs影響を受けないようです。/dev/sda10000

関連情報