Le 12/01/04 à 01:36 Hendrik Sattler (ubq7@rz.uni-karlsruhe.de) écrivait : > > - If they're not already, ask if their group should be set to cdrom. > > - If permissions and group of programs used by k3b (cdrecord, > > cdrdao, ...) are not suitable, ask if they should be changed to > > appropriate values (group cdrom, but which permissions exactly?). > > If they run as setuid root (cdrecord needs that anyway), why bother changing > the device files. With hotpluggable devices, this will mostly (!) be wrong > anyway. If I plug in an USB-CD-Writer than the whole setup doesn't gain you > anything (except when also having an apropriate hoplug script). That's sure. Moreover it is not the job of the k3b package to do that. > > - If allowed, apply the changes using dpkg-statoverride. > > Don't do this to other program because either: > 1. They are a debian packages and a user friendly but secure setup should be > done by its maintainer. I should check with other maintenairs, and it the policy. The best would be that each package present a debconf option to set the SETUID bit on binaries. > or > 2. They were not installed as a package and the admin is responsible of doing > it correctly. I could not take bad admin into account. I don't see any good reason to install cdrdao, cdrecord... without a package. > If you can work from a console with the program (by having the user in the > correct group) then k3b should work correctly, too. Any test that fails > although everything work correctly should be removed or fixed. Yes, but it could change. The stat of a system evolve against time ! > Installing xmms will not fiddle with group "audio". > Why exactly should be done for group "cdrom"? That's sure. > > k3bsetup2 doesn't fit in well with a debian setup. That said, I'd feel > > uneasy just leaving it out. Some suggestions > > I'd leave it out of the package. It is surely not needed in a correctly > working distribution. Actually, k3b _should_ find everything working (except > the user not being in the correct group). And if it doesn't ? To my mind if it doesn't it should warn user to use dpkg-reconfigure somepackage and set the correct option. But that implies that EACH package (on which k3b depends) should have a debconf frontend. -- Jean-Michel Kelbert
Attachment:
signature.asc
Description: Digital signature