diff --git a/udevil/._cfg0000_udevil.conf b/udevil/._cfg0000_udevil.conf
new file mode 100644
index 0000000..cdbe224
--- /dev/null
+++ b/udevil/._cfg0000_udevil.conf
@@ -0,0 +1,330 @@
+##############################################################################
+#
+# udevil configuration file    /etc/udevil/udevil.conf
+#
+# This file controls what devices, networks, and files users may mount and
+# unmount via udevil (set suid).
+# 
+# IMPORTANT:  IT IS POSSIBLE TO CREATE SERIOUS SECURITY PROBLEMS IF THIS FILE
+# IS MISCONFIGURED - EDIT WITH CARE
+#
+# Note:  For greater control for specific users, including root, copy this
+# file to /etc/udevil/udevil-user-USERNAME.conf replacing USERNAME with the
+# desired username (eg /etc/udevil/udevil-user-jim.conf).
+#
+# Format:
+#   OPTION = VALUE[, VALUE, ...]
+#
+# DO NOT USE QUOTES except literally
+# Lines beginning with # are ignored
+#
+##############################################################################
+
+
+# To log all uses of udevil, set log_file to a file path:
+# log_file = /var/log/udevil.log
+
+# Approximate number of days to retain log entries (0=forever, max=60):
+log_keep_days = 10
+
+
+# allowed_types determines what fstypes can be passed by a user to the u/mount
+# program, what device filesystems may be un/mounted implicitly, and what
+# network filesystems may be un/mounted.
+# It may also include the 'file' keyword, indicating that the user is allowed
+# to mount files (eg an ISO file).  The $KNOWN_FILESYSTEMS variable may
+# be included to include common local filesystems as well as those listed in
+# /etc/filesystems and /proc/filesystems.
+# allowed_types_USERNAME, if present, is used to override allowed_types for
+# the specific user 'USERNAME'.  For example, to allow user 'jim' to mount
+# only vfat filesystems, add:
+# allowed_types_jim = vfat
+# Setting allowed_types = * does NOT allow all types, as this is a security
+# risk, but does allow all recognized types.
+# allowed_types = $KNOWN_FILESYSTEMS, file, cifs, smbfs, nfs, curlftpfs, ftpfs, sshfs, davfs, tmpfs, ramfs
+allowed_types = $KNOWN_FILESYSTEMS, file
+
+
+# allowed_users is a list of users permitted to mount and unmount with udevil.
+# Wildcards (* or ?) may be used in the usernames.  To allow all users,
+# specify "allowed_users=*".  UIDs may be included using the form UID=1000.
+# For example:  allowed_users = carl, UID=1000, pre*
+# Also note that permission to execute udevil may be limited to users belonging
+# to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage',
+# depending on installation.
+# allowed_users_FSTYPE, if present, is used to override allowed_users when
+# mounting or unmounting a specific fstype (eg nfs, ext3, file).
+# Note that when mounting a file, fstype will always be 'file' regardless of
+# the internal fstype of the file.
+# For example, to allow only user 'bob' to mount nfs shares, add:
+# allowed_users_nfs = bob
+# The root user is NOT automatically allowed to use udevil in some cases unless
+# listed here (except for unmounting anything or mounting fstab devices).
+allowed_users = *
+
+
+# allowed_groups is a list of groups permitted to mount and unmount with
+# udevil.  The user MUST belong to at least one of these groups.  Wildcards
+# or GIDs may NOT be used in group names, but a single * may be used to allow
+# all groups.
+# Also note that permission to execute udevil may be limited to users belonging
+# to the group that owns /usr/bin/udevil, such as 'plugdev' or 'storage',
+# depending on installation.
+# allowed_groups_FSTYPE, if present, is used to override allowed_groups when
+# mounting or unmounting a specific fstype (eg nfs, ext3, file).  For example,
+# to allow only members of the 'network' group to mount smb and nfs shares,
+# use both of these lines:
+# allowed_groups_smbfs = network
+# allowed_groups_nfs = network
+# The root user is NOT automatically allowed to use udevil in some cases unless
+# listed here (except for unmounting anything or mounting fstab devices).
+allowed_groups = *
+
+
+# allowed_media_dirs specifies the media directories in which user mount points
+# may be located.  The first directory which exists and does not contain a
+# wildcard will be used as the default media directory (normally /media or
+# /run/media/$USER).
+# The $USER variable, if included, will be replaced with the username of the
+# user running udevil.  Wildcards may also be used in any directory EXCEPT the
+# default.  Wildcards will not match a /
+# allowed_media_dirs_FSTYPE, if present, is used to override allowed_media_dirs
+# when mounting or unmounting a specific fstype (eg ext2, nfs).  For example,
+# to cause /media/network to be used as the default media directory for
+# nfs and ftpfs mounts, use these two lines:
+# allowed_media_dirs_nfs   = /media/network, /media, /run/media/$USER
+# allowed_media_dirs_ftpfs = /media/network, /media, /run/media/$USER
+# NOTE: If you want only the user who mounted a device to have access to it
+# and be allowed to unmount it, specify /run/media/$USER as the first
+# allowed media directory.
+# IMPORTANT:  If an allowed file is mounted to a media directory, the user may
+# be permitted to unmount its associated loop device even though internal.
+# INCLUDING /MNT HERE IS NOT RECOMMENDED.  ALL ALLOWED MEDIA DIRECTORIES
+# SHOULD BE OWNED AND WRITABLE ONLY BY ROOT.
+allowed_media_dirs = /media, /run/media/$USER
+
+
+# allowed_devices is the first criteria for what block devices users may mount
+# or unmount.  If a device is not listed in allowed_devices, it cannot be
+# un/mounted (unless in fstab).  However, even if a device is listed, other
+# factors may prevent its use.  For example, access to system internal devices
+# will be denied to normal users even if they are included in allowed_devices.  
+# allowed_devices_FSTYPE, if present, is used to override allowed_devices when
+# mounting or unmounting a specific fstype (eg ext3, ntfs).  For example, to
+# prevent all block devices containing an ext4 filesystem from being
+# un/mounted use:
+# allowed_devices_ext4 =
+# Note: Wildcards may be used, but a wildcard will never match a /, except
+# for "allowed_devices=*" which allows any device.  The recommended setting is
+# allowed_devices = /dev/*
+# WARNING:  ALLOWING USERS TO MOUNT DEVICES OUTSIDE OF /dev CAN CAUSE SERIOUS
+# SECURITY PROBLEMS.  DO NOT ALLOW DEVICES IN /dev/shm
+allowed_devices = /dev/*
+
+
+# allowed_internal_devices causes udevil to treat any listed block devices as
+# removable, thus allowing normal users to un/mount them (providing they are
+# also listed in allowed_devices).
+# allowed_internal_devices_FSTYPE, if present, is used to override
+# allowed_internal_devices when mounting or unmounting a specific fstype
+# (eg ext3, ntfs).  For example, to allow block devices containing a vfat
+# filesystem to be un/mounted even if they are system internal devices, use:
+# allowed_internal_devices_vfat = /dev/sdb*
+# Some removable esata drives look like internal drives to udevil.  To avoid
+# this problem, they can be treated as removable with this setting.
+# WARNING:  SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS.
+# allowed_internal_devices =
+
+
+# allowed_internal_uuids and allowed_internal_uuids_FSTYPE work similarly to
+# allowed_internal_devices, except that UUIDs are specified instead of devices.
+# For example, to allow un/mounting of an internal filesystem based on UUID:
+# allowed_internal_uuids = cc0c4489-8def-1e5b-a304-ab87c3cb626c0
+# WARNING:  SETTING A SYSTEM DEVICE HERE CAN CAUSE SERIOUS SECURITY PROBLEMS.
+# allowed_internal_uuids = 
+
+
+# forbidden_devices is used to prevent block devices from being un/mounted
+# even if other settings would allow them (except devices in fstab).
+# forbidden_devices_FSTYPE, if present, is used to override
+# forbidden_devices when mounting or unmounting a specific fstype
+# (eg ext3, ntfs).  For example, to prevent device /dev/sdd1 from being
+# mounted when it contains an ntfs filesystem, use:
+# forbidden_devices_ntfs = /dev/sdd1
+# NOTE: device node paths are canonicalized before being tested, so forbidding
+# a link to a device will have no effect.
+forbidden_devices =
+
+
+# allowed_networks determines what hosts may be un/mounted by udevil users when
+# using nfs, cifs, smbfs, curlftpfs, ftpfs, or sshfs.  Hosts may be specified
+# using a hostname (eg myserver.com) or IP address (192.168.1.100).
+# Wildcards may be used in hostnames and IP addresses, but CIDR notation 
+# (192.168.1.0/16) is NOT supported.  IP v6 is supported.  For example:
+# allowed_networks = 127.0.0.1, 192.168.1.*, 10.0.0.*, localmachine, *.okay.com
+# Or, to prevent un/mounting of any network shares, set:
+# allowed_networks =
+# allowed_networks_FSTYPE, if present, is used to override allowed_networks
+# when mounting or unmounting a specific network fstype (eg nfs, cifs, sshfs,
+# curlftpfs).  For example, to limit nfs and samba shares to only local
+# networks, use these two lines:
+# allowed_networks_nfs = 192.168.1.*, 10.0.0.*
+# allowed_networks_cifs = 192.168.1.*, 10.0.0.*
+allowed_networks = *
+
+
+# forbidden_networks and forbidden_networks_FSTYPE are used to specify networks
+# that are never allowed, even if other settings allow them (except fstab).
+# NO REVERSE LOOKUP IS PERFORMED, so including bad.com will only have an effect
+# if the user uses that hostname.  IP lookup is always performed, so forbidding
+# an IP address will also forbid all corresponding hostnames.
+forbidden_networks = 
+
+
+# allowed_files is used to determine what files in what directories may be
+# un/mounted.  A user must also have read permission on a file to mount it.
+# Note: Wildcards may be used, but a wildcard will never match a /, except
+# for "allowed_files=*" which allows any file.  For example, to allow only
+# files in the /share directory to be mounted, use:
+# allowed_files = /share/*
+# NOTE:  Specifying allowed_files_FSTYPE will NOT work because the fstype of
+# files is always 'file'.
+allowed_files = *
+
+
+# forbidden_files is used to specify files that are never allowed, even if
+# other settings allow them (except fstab).  Specify a full path.
+# Note: Wildcards may be used, but a wildcard will never match a /, except
+# for "forbidden_files = *".
+# NOTE: file paths are canonicalized before being tested, so forbidding
+# a link to a file will have no effect.
+forbidden_files = 
+
+
+# default_options specifies what options are always included when performing
+# a mount, in addition to any options the user may specify.
+# Note:  When a device is present in /etc/fstab, and the user does not specify
+# a mount point, the device is mounted with normal user permissions using
+# the fstab entry, without these options.
+# default_options_FSTYPE, if present, is used to override default_options
+# when mounting a specific fstype (eg ext2, nfs).
+# The variables $USER, $UID, and $GID are changed to the user's username, UID,
+# and GID.
+# FOR GOOD SECURITY, default_options SHOULD ALWAYS INCLUDE: nosuid,noexec,nodev
+# WARNING:  OPTIONS PRESENT OR MISSING CAN CAUSE SERIOUS SECURITY PROBLEMS.
+default_options           = nosuid, noexec, nodev, noatime
+default_options_file      = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro
+# mount iso9660 with 'ro' to prevent mount read-only warning
+default_options_iso9660   = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, ro, utf8
+default_options_udf       = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
+default_options_vfat      = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, utf8
+default_options_msdos     = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID
+default_options_umsdos    = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID
+default_options_ntfs      = nosuid, noexec, nodev, noatime, fmask=0133, uid=$UID, gid=$GID, utf8
+default_options_cifs      = nosuid, noexec, nodev, uid=$UID, gid=$GID
+default_options_smbfs     = nosuid, noexec, nodev, uid=$UID, gid=$GID
+default_options_sshfs     = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other
+default_options_curlftpfs = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID, nonempty, allow_other
+default_options_ftpfs     = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
+default_options_davfs     = nosuid, noexec, nodev, uid=$UID, gid=$GID
+default_options_tmpfs     = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
+default_options_ramfs     = nosuid, noexec, nodev, noatime, uid=$UID, gid=$GID
+
+
+# allowed_options determines all options that a user may specify when mounting.
+# All the options used in default_options above must be included here too, or
+# they will be rejected.  If the user attempts to use an option not included
+# here, an error will result.  Wildcards may be used.
+# allowed_options_FSTYPE, if present, is used to override allowed_options
+# when mounting a specific fstype (eg ext2, nfs).
+# The variables $USER, $UID, and $GID are changed to the user's username, UID,
+# and GID.
+# If you want to forbid remounts, remove 'remount' from here.
+# WARNING:  OPTIONS HERE CAN CAUSE SERIOUS SECURITY PROBLEMS - CHOOSE CAREFULLY
+allowed_options           = nosuid, noexec, nodev, noatime, fmask=0133, dmask=0022, uid=$UID, gid=$GID, ro, rw, sync, flush, iocharset=*, utf8, remount
+allowed_options_nfs       = nosuid, noexec, nodev, noatime, ro, rw, sync, remount, port=*, rsize=*, wsize=*, hard, proto=*, timeo=*, retrans=*
+allowed_options_cifs      = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=*
+allowed_options_smbfs     = nosuid, noexec, nodev, ro, rw, remount, port=*, user=*, username=*, pass=*, password=*, guest, domain=*, uid=$UID, gid=$GID, credentials=*
+allowed_options_sshfs     = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, idmap=user, BatchMode=yes, port=*
+allowed_options_curlftpfs = nosuid, noexec, nodev, noatime, ro, rw, uid=$UID, gid=$GID, nonempty, allow_other, user=*
+allowed_options_ftpfs     = nosuid, noexec, nodev, noatime, ro, rw, port=*, user=*, pass=*, ip=*, root=*, uid=$UID, gid=$GID
+
+
+# mount_point_mode, if present and set to a non-empty value, will cause udevil
+# to set the mode (permissions) on the moint point after mounting  If not
+# specified or if left empty, the mode is not changed.  Mode must be octal
+# starting with a zero (0755).
+# mount_point_mode_FSTYPE, if present, is used to override mount_point_mode
+# when mounting a specific fstype (eg ext2, nfs).
+# NOT SETTING A MODE CAN HAVE SECURITY IMPLICATIONS FOR SOME FSTYPES
+mount_point_mode = 0755
+# don't set a mode for some types:
+mount_point_mode_sshfs =
+mount_point_mode_curlftpfs =
+mount_point_mode_ftpfs =
+
+
+# Use the settings below to change the default locations of programs used by
+# udevil, or (advanced topic) to redirect commands to your scripts.
+# When substituting scripts, make sure they are root-owned and accept the
+# options used by udevil (for example, the mount_program must accept --fake,
+# -o, -v, and other options valid to mount.)
+# Be sure to specify the full path and include NO OPTIONS or other arguments.
+# These programs may also be specified as configure options when building
+# udevil.
+# THESE PROGRAMS ARE RUN AS ROOT
+# mount_program   = /bin/mount
+# umount_program  = /bin/umount
+# losetup_program = /sbin/losetup
+# setfacl_program = /usr/bin/setfacl
+
+
+# validate_exec specifies a program or script which provides additional
+# validation of a mount or unmount command, beyond the checks performed by
+# udevil.  The program is run as a normal user (if root runs udevil,
+# validate_exec will NOT be run).  The program is NOT run if the user is
+# mounting a device without root priviledges (a device in fstab).
+# The program is passed the username, a printable description of what is
+# happening, and the entire udevil command line as the first three arguments.
+# The program must return an exit status of 0 to allow the mount or unmount
+# to proceed.  If it returns non-zero, the user will be denied permission.
+# For example, validate_exec might specify a script which notifies you
+# of the command being run, or performs additional steps to authenticate the
+# user.
+# Specify a full path to the program, with NO options or arguments.
+# validate_exec =
+
+
+# validate_rootexec works similarly to validate_exec, except that the program
+# is run as root.  validate_rootexec will also be run if the root user runs
+# udevil.  If both validate_exec and validate_rootexec are specified, 
+# validate_rootexec will run first, followed by validate_exec.
+# The program must return an exit status of 0 to allow the mount or unmount
+# to proceed.  If it returns non-zero, the user will be denied permission.
+# Unless you are familiar with writing root scripts, it is recommended that
+# rootexec settings NOT be used, as it is easy to inadvertently open exploits.
+# THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not.
+# validate_rootexec =
+
+
+# success_exec is run after a successful mount, remount, or unmount.  The 
+# program is run as a normal user (if root runs udevil, success_exec
+# will NOT be run).
+# The program is passed the username, a printable description of what action
+# was taken, and the entire udevil command line as the first three arguments.
+# The program's exit status is ignored.
+# For example, success_exec might run a script which informs you of what action
+# was taken, and might perform further actions.
+# Specify a full path to the program, with NO options or arguments.
+# success_exec =
+
+
+# success_rootexec works similarly to success_exec, except that the program is
+# run as root.  success_rootexec will also be run if the root user runs udevil.
+# If both success_exec and success_rootexec are specified,  success_rootexec
+# will run first, followed by success_exec.
+# Unless you are familiar with writing root scripts, it is recommended that
+# rootexec settings NOT be used, as it is easy to inadvertently open exploits.
+# THIS PROGRAM IS ALWAYS RUN AS ROOT, even if the user running udevil is not.
+# success_rootexec =
+