LINUXMIND.DEV

Auto-Mount USB with udev Rules

Auto-Mount USB with udev Rules

Introduction

In modern Linux environments, automating the mounting process of USB drives can save time and reduce manual errors.
The udev subsystem provides a flexible way to react to hardware events, including the addition and removal of USB storage devices.
By crafting custom udev rules, you can define specific actions—such as creating mount points, adjusting permissions, and executing helper scripts—whenever a USB device appears.

Why Auto-Mount via udev

  • Consistency: Ensures drives are always mounted at predefined locations.
  • Automation: Eliminates manual intervention—useful in headless servers or kiosks.
  • Security: You can enforce ownership and permission policies.
  • Custom Actions: Trigger antivirus scans, sync routines, or log events.

Prerequisites

  • A Linux distribution with udev (systemd-based or otherwise).
  • Root or sudo privileges to create rules and scripts.
  • Basic knowledge of shell scripting, filesystem hierarchy, and mount concepts.

Understanding udev Rules

udev rules reside in /etc/udev/rules.d/ (for local rules) or /lib/udev/rules.d/ (distribution-provided).
Files are named with a numeric prefix to define processing order, e.g.,
99-local-usb.rules. Each rule consists of match keys on the left-hand side and assignments or program calls on the right.

Common Match Keys

Key Description
SUBSYSTEM Hardware category, e.g., block for storage devices.
ACTION Event type, such as add or remove.
ENV{ID_FS_TYPE} Filesystem type detected by udev (e.g., vfat, ext4).
ATTR{serial} Unique device serial number for finer identification.

Basic Rule Structure

# /etc/udev/rules.d/99-usb-mount.rules
SUBSYSTEM==block, KERNEL==sd1, ACTION==add, ENV{ID_FS_TYPE}==vfat, RUN =/usr/local/bin/usb-mount.sh %k

Explanation:

  • KERNEL==sd1 matches first partition of SCSI disk (common for USB).
  • ENV{ID_FS_TYPE}==vfat restricts to FAT32 filesystems.
  • RUN =... calls a helper script, passing device name %k.

Creating the Helper Script

A typical script /usr/local/bin/usb-mount.sh might perform the following: 

#!/bin/bash
DEVNAME=1
MOUNTBASE=/media/usb
DEVICE=/dev/DEVNAME
MOUNTPOINT=MOUNTBASE/DEVNAME

# Create mount directory
mkdir -p MOUNTPOINT

# Mount with options
mount -o uid=1000,gid=1000,umask=022 DEVICE MOUNTPOINT  exit 1

# Log event
echo (date): Mounted DEVICE at MOUNTPOINT >> /var/log/usb-mount.log

exit 0
  • Ensure the script is executable: chmod x /usr/local/bin/usb-mount.sh.
  • Adjust uid, gid, and mount options to suit your environment.

Handling Removal

To cleanly unmount when a device is removed, add a second rule: 

# /etc/udev/rules.d/99-usb-umount.rules
SUBSYSTEM==block, KERNEL==sd1, ACTION==remove, RUN =/usr/local/bin/usb-umount.sh %k

And the corresponding usb-umount.sh: 

#!/bin/bash
DEVNAME=1
MOUNTPOINT=/media/usb/DEVNAME

# Unmount gracefully
umount MOUNTPOINT

# Remove directory
rmdir MOUNTPOINT

# Log event
echo (date): Unmounted DEVNAME from MOUNTPOINT >> /var/log/usb-mount.log

exit 0

Advanced Topics

  • Rule Testing: Use udevadm test /sys/path/to/device to simulate events and check rule matches.
  • Custom ENV Variables: Export additional values for scripts:
    ENV{MY_VAR}=foo, RUN =....
  • Integration with systemd: You can trigger systemd-mount or dispatch service units for more complex workflows.

Debugging and Logs

  • Monitor /var/log/syslog or journalctl -f for udev messages.
  • Increase verbosity: udevadm control --log-priority=debug.
  • Validate rules syntax: udevadm test --action=add /sys/block/sdb/sdb1.

Security Considerations

  • Validate filesystem types to avoid mounting untrusted code.
  • Run mount scripts with limited privileges, or use a dedicated suid wrapper.
  • Log all actions and regularly review logs for anomalies.

Security and VPN Recommendations

While automounting USB drives enhances productivity, remote operations and networked environments should be secured with a reliable VPN.
Here are three respected options:

  • ExpressVPN: High-speed servers in 90 countries, strong encryption, and user-friendly clients.
  • NordVPN: Double VPN, Threat Protection, and a large server network for global coverage.
  • ProtonVPN: Developed by the team behind ProtonMail, with a focus on privacy and open-source transparency.

Conclusion

Leveraging udev for auto-mounting USB drives combines the power of Linux’s device management with custom automation.
By following structured rules and robust helper scripts, administrators can ensure consistent, secure, and fully automated handling of removable storage devices.
Remember to enforce proper permissions, implement thorough logging, and augment your network security with a trusted VPN solution.

Download TXT




Powered by LinuxMind

Leave a Reply

Your email address will not be published. Required fields are marked *