[lug] File permissions & groups
Warren Sanders
sanders at montanalinux.org
Tue Mar 12 09:46:03 MST 2002
Riggs, Rob wrote:
>Red Hat uses PAM's console.perms(5) to set permissions on the devices
>themselves to the console user, rather than using setuid root applications.
>It's a much safer way to achieve what you want.
>
>I have the following set on my system:
>
>In /etc/security/console.perms:
><cdrom>=/dev/cdrom* /dev/cdroms/* /dev/cdwriter* /mnt/cdrom*
>
>And:
>lrwxrwxrwx 1 root root 8 Feb 3 20:46 /dev/cdwriter ->
>/dev/sg2
>
>On login, PAM sets the owner on /dev/sg2 to the console owner, which is the
>first user to log in on the local console, either on a VT or via X.
>
>-Rob
>
>P.S. I've thought about giving a 10-minute talk on console.perms, if
>anyone's interested. Probably not this month though...
>
I have experienced a similar problem but with Mandrake 8.1. I took a peek at my etc/security/console.perms and also see this line: <burner>=/dev/scd* /dev/sg* /dev/pcd* /dev/pg* /dev/cdwriter
Is there anything needed differently here or does one just modify the <cdrom> line as yours shows?
--
Warren Sanders
http://MontanaLinux.Org
More information about the LUG
mailing list