It's not very elegant, but the quick and dirty solution is to use sudo to allow certain users to run specific commands with a real uid of root. You can say exactly what arguments the user has to use - the sudoers file is where this is configured. Or you can make a script - which is probably better. But said script should have no arguments, or as few as possible - because any complexity allows that user to attempt to exploit it to acheive root. Such a script could trivially bring a specific LV online, writable by a specific user. More complex requirement would be - more complex.

If LVM has more elegant features for this kind of thing, I'm all ears.

On Fri, Nov 16, 2018 at 8:43 AM, Christoph Pleger <christoph.pleger@cs.uni-dortmund.de> wrote:

Go back to the beginning and describe the original problem you are trying to solve and the constraints you have and ask for advice about ways to achieve it.

The beginning is that I want to create a user-specific logical volume when a user logs in to a service that authenticates its users through pam and that does not run as root. Regards Christoph