[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: could not eject CDROM as a normal user: [solved]

On Mon, Dec 08, 2003 at 06:36:19AM -0800, Karsten M. Self wrote

> Yes, this is the correct fix.
> The reason not to make a normal user a member of the disk group is that
> this generally gives read *and* write access to the raw disk device
> itself.  This is a really good way to utterly destroy your data.
> 'cdrom' by contrast is generally read-only.  Far less harm possible.

  Debian seems to require a lot of this, i.e. making user a member of
cdrom, floppy, and audio (what else?).  This raises a question for me,
namely is there a group-management tool somewhere.  I've read the
usermod manpage, but all it has is the ability to make the listed user a
member only of the listed groups.  There doesn't seem to be a switch for
adding the user to a group without dropping any unmentioned groups.
What I'd like would be a couple of commands to...
a) list the groups a userID is currently a member of
b) add the userID to one group, but not drop him from all other groups,
   without having to type in all the current groups he belongs to

  Since this didn't exist, I wrote a couple of scripts "usergroups" and
"adduser2group".  Here they are.  ***WARNING***... a lot of stuff going
on inside backticks, in a script that must be run by root.  Don't trust
me; verify the commands to your own satisfaction.

Script "usergroups", takes 1 parameter, the userID whose group
memberships we wish to list

echo `cat /etc/group |\
grep ":${1}$" |\
sed "s/:.*$//" |\
tr '\012' ','`
echo ' '

Script "adduser2group", takes 2 parameters
 1) the userID whose group memberships we wish to modify
 2) the group that we wish to add the user to

usermod -G `cat /etc/group |\
grep ":${1}$" |\
sed "s/:.*$//" |\
tr '\012' ','`${2} ${1}

  Running this on my machine I get...

[22:10:20][/root] usergroups waltdnes

[22:10:32][/root] adduser2group waltdnes cdrom
[22:11:00][/root] usergroups waltdnes

  This shows that the addition succeeded.  At this point, somebody will
point me to a simple built-in group management command that I missed...

Walter Dnes <waltdnes@waltdnes.org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did

Reply to: