> The external SCSI CD-RW is attached to scd0, so I made that device > file a member or group, 'cdrw'. eg. > > brw-rw---- 1 root cdrw 11, 0 Feb 2 23:16 /dev/scd0 > > I believe the driver /dev/sg* is needed, so I also made those dev files > a member of 'cdrw', eg. > > crw------- 1 root cdrw 21, 0 Feb 2 23:16 /dev/sg0 > > I don't believe I need to change the group of the binaries cdparanoia > and cdrdao. > > Unfortunately when I issue either cdrdao or cdparanoia commands, I don't > have access to the SCSI device. You are almost there. There is a group 'cdrom', which I usually use for this, but your solution works fine. However, you need write access to the generic scsi device (sg0), so you need to give the 'cdrw' group write access to /dev/sg0, I recommend 'chmod 660 /dev/sg0'. Then anyone in the cdrw group will have write access to sg0. Oh, and here is a quick tutorial on using numbers for permissions. We'll use your /dev/scd0 as example. brw-rw---- 1 root cdrw 11, 0 Feb 2 23:16 /dev/scd0 Looking at the first section (brw-rw----) we can break this into it's parts b This is the file type. On regular files this will just be '-', in this case the 'b' stands for block, cdroms are a block device. On sg0 it is a 'c', since it is a character device next we have 9 characters, these can be thought of as 3 groups of 3 rw- : owner rw- : group --- : world With me so far? Good. Now how do the numbers work into this? Well, do this. Think of x=1, w=2, and r=4. We, can now add these numbers together to get the permissions we want for each of owner,group, and world. rw- = 4+2+0 = 6 So both the owner and group permissions can be represented by the number 6, giving us a numeric permission on this file of '660'. If we wanted to make a file executable by anyone we would simply add 1(x) to each of the fields, giving us 771 or rwxrwx--x. Fairly simple, yes? In your example of 4111 you'll notice that there is a fourth number (4 in this case), this number works the same way. In this case think of suid=4, sgid=2, sticky=1, so setting the file to 4111, make's it readable and writable by nobody, executable by everybody, and suid. The permissions on a file like this would look like ---s--x--x. The s signifies that this file, when executed, will run as the userid of the file. If you were to set the file to 2111, it would look like ---x--s--x, which means it would run as the same group as the file. If you were to set it to sticky (1111 or ---x--x--t) it would do...nothing. Older unices used the sticky bit to keep the file in swap space, but Linux and most modern unices (as far as I know), ignore it. However, setting the sticky bit on a directory makes it so that files in that directory may only be deleted or renamed by the file's owner or root (you'll notice that /tmp has the sticky bit set, for this very reason). Wow, that turned into something slightly longer than I intended :) Cheers, Caleb
Attachment:
signature.asc
Description: This is a digitally signed message part