Re: ownership of target of /dev/cdroms/cdroms0 in devfs

To: Alex Bowley <alex.bowley@excitehome.net>
Cc: devfs@oss.sgi.com, debian-user@lists.debian.org
Subject: Re: ownership of target of /dev/cdroms/cdroms0 in devfs
From: Russell Coker <russell@coker.com.au>
Date: Wed, 5 Sep 2001 22:18:21 +0200
Message-id: <[🔎] 20010905203303.A428A34F1F@lyta.coker.com.au>
Reply-to: Russell Coker <russell@coker.com.au>
In-reply-to: <200109041537.f84Fbbu05192@vindaloo.ras.ucalgary.ca>
References: <20010904171036.B571@london.excite.com> <200109041537.f84Fbbu05192@vindaloo.ras.ucalgary.ca>

On Tue, 4 Sep 2001 17:37, Richard Gooch wrote:
> > If I then attempt to access the drive, for instance using cdplay, or
> > alteri= ng permissions / ownership of the cdrom* symlinks, and _then_
> > restart devfs= d, then the ownership of
> > /dev/ide/host0/bus1/target0/lun0/cd changes to 'ro= ot:cdrom', and I can
> > read from the drive (as a normal user).
> >
> > If I add the following line to /etc/devfs/perms, then it fixes the
> > problem; REGISTER ^hdc* PERMISSIONS root.cdrom 0660
> >
> > I get the gut feeling that this is the Wrong Way to do this. Can anyone
> > eit= her placate this or advise better ways?
>
> Sounds like you have a Debian system. What you're doing may or may not
> fit in with the Debian way of doing things. I'll let Russell Coker,
> who is the Debian package maintainer for devfsd, reply. I believe he
> is on this list.

OK.  The are two differences between the Debian package and the default 
devfsd installation in this regard.

One is the /etc/devfs directory and the perms file that is included in the 
configuration which has default permissions.  I recommend that you add things 
to /etc/devfs/conf.d/something instead of changing the perms file, then on 
Debian package upgrade if the default perms file has new devices added they 
will automatically appear in your configuration (and you will not be bothered 
by questions about whether you want to replace the file).

The other change is more significant.  The function make_symlink() in 
devfsd.c which is called for MKOLDCOMPAT (and presumably MKNEWCOMPAT and 
others) will check PERMISSIONS entries for a match on the sym-link name and 
chance the permissions of the link target as if it was the subject of the 
permissions line.  The result of this is that many things "just work" without 
any effort.  The down-side as you have probably noticed is that removing a 
MKOLDCOMPAT entry can have changes to the permissions that are unexpected.

There are already some bug reports in the Debian BTS regarding default 
permissions of the IDE device files.  I will have to decide what to do, maybe 
the following:
REGISTER ^ide/host[0-9]+/bus[0-9]+/target[0-9]+/lun0/cd PERMISSIONS 
root.cdrom 640

I would not be about to give write access to a CD burner to anyone other than 
root by default...

Also any permissions related configuration directives in /etc/devfs/conf.d/* 
will over-ride /etc/devfs/perms (so there's no real need to comment anything 
out of /etc/devfs/perms unless you are making permissions more restrictive 
and want to avoid race conditions).

I have CC'd this to the debian-user list as I think that other Debian users 
will be interested in the discussion.

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re: ownership of target of /dev/cdroms/cdroms0 in devfs
  - From: Eamon Roque <eamon-roque@eplus-online.de>
- Re: ownership of target of /dev/cdroms/cdroms0 in devfs
  - From: Richard Gooch <rgooch@ras.ucalgary.ca>

Prev by Date: CD mount problems (an easy one ?)
Next by Date: Re: is exim the cause for this?
Previous by thread: CD mount problems (an easy one ?)
Next by thread: Re: ownership of target of /dev/cdroms/cdroms0 in devfs
Index(es):
- Date
- Thread