Re: permissions on /dev/nvidia*
On Fri, Oct 07, 2011 at 10:32:34AM -0400, Christian Jaeger wrote:
> (Your mail was in my gmail spam folder -- which is why I noticed it :)
> > to solve the problem i tried to edit the init.d/nvidia-kernel script and replaced the line
> > mknod -m 0660 dev/nvidiactl c 195 255
> > with
> > mknod -m 0666 dev/nvidiactl c 195 256
> Wondering why you changed the minor number (255 to 256), if all you
> wanted to do is changing the permission.
> Also, maybe for a little more security instead of changing to world
> accessible you want to change the group instead (video -> users) (or
> maybe even better you find a way to change the owner to the user that
> is owning the X session; I don't know exactly what's possible to
> access through these devices, but I guess it might really be more than
> you would like).
> I don't know why the device was changing back; maybe run strace
> (perhaps with a filter for mknod, chmod, fchmod, fchmodat) on all
> relevant processes like X, login manager..
> Also, I've never used LDAP but perhaps it would be possible to give
> users authenticating through LDAP to get the video group automatically
> (statically configured)?
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
> Archive: CAEjYwfVi1ykYtCvKiBJw7ow-pW=wx1-kQVq24HsBsXTxGvQvxw@mail.gmail.com">http://lists.debian.org/CAEjYwfVi1ykYtCvKiBJw7ow-pW=wx1-kQVq24HsBsXTxGvQvxw@mail.gmail.com
hi and thank you for the answer.
I've solved it using ACL and giving r/w permission to the group "users".
This is not really a solution but it works fine and don't give world r/w permission on the device.