Q: User access to hardware peripherals - preferred method?
What is the One True Debian way to allow users access to special devices such as
floppies, CD-ROM drives and modems (ie., ppp, efax and minicom)?
The Debian FAQ has this to say on the subject:
12.2 How can I provide access to hardware peripherals, without
compromising security?
Many device files in the /dev directory belong to some predefined
groups. For example, /dev/fd0 belongs to the floppy gruop, and
/dev/dsp belongs to the audio group.
If you want a certain user to have access to one of these devices,
just add the user to the group the device belongs to. This way you
have not to chmod the device file.
But simply doing the following for user foo does not work (at least on my
2.1 system):
# addgroup foo floppy
# addgroup foo audio
# addgroup foo dip
Is there something else to it? Or a better method? There's several Optional
packages for managing permissions (sudo, super, suidmanager) and a number of
other, unlegant ways to do this involving /etc/fstab edits and chmoding
device files; I was hoping to avoid this.
Reply to: