Re: could not eject CDROM as a normal user: [solved]

To: Debian-user list <debian-user@lists.debian.org>
Subject: Re: could not eject CDROM as a normal user: [solved]
From: "Walter Dnes" <waltdnes@waltdnes.org>
Date: Mon, 8 Dec 2003 22:34:20 -0500
Message-id: <[🔎] 20031209033420.GA19026@m450>
In-reply-to: <[🔎] 20031208143619.GO9275@ix.netcom.com>
References: <[🔎] bquqi3$ks3$1@sea.gmane.org> <[🔎] 20031208143619.GO9275@ix.netcom.com>

On Mon, Dec 08, 2003 at 06:36:19AM -0800, Karsten M. Self wrote

> Yes, this is the correct fix.
> 
> The reason not to make a normal user a member of the disk group is that
> this generally gives read *and* write access to the raw disk device
> itself.  This is a really good way to utterly destroy your data.
> 
> 'cdrom' by contrast is generally read-only.  Far less harm possible.

  Debian seems to require a lot of this, i.e. making user a member of
cdrom, floppy, and audio (what else?).  This raises a question for me,
namely is there a group-management tool somewhere.  I've read the
usermod manpage, but all it has is the ability to make the listed user a
member only of the listed groups.  There doesn't seem to be a switch for
adding the user to a group without dropping any unmentioned groups.
What I'd like would be a couple of commands to...
a) list the groups a userID is currently a member of
b) add the userID to one group, but not drop him from all other groups,
   without having to type in all the current groups he belongs to

  Since this didn't exist, I wrote a couple of scripts "usergroups" and
"adduser2group".  Here they are.  ***WARNING***... a lot of stuff going
on inside backticks, in a script that must be run by root.  Don't trust
me; verify the commands to your own satisfaction.

Script "usergroups", takes 1 parameter, the userID whose group
memberships we wish to list

#!/bin/bash
echo `cat /etc/group |\
grep ":${1}$" |\
sed "s/:.*$//" |\
tr '\012' ','`
echo ' '


Script "adduser2group", takes 2 parameters
 1) the userID whose group memberships we wish to modify
 2) the group that we wish to add the user to

#!/bin/bash
usermod -G `cat /etc/group |\
grep ":${1}$" |\
sed "s/:.*$//" |\
tr '\012' ','`${2} ${1}


  Running this on my machine I get...

[22:10:20][/root] usergroups waltdnes
floppy,audio,

[22:10:32][/root] adduser2group waltdnes cdrom
[22:11:00][/root] usergroups waltdnes
cdrom,floppy,audio,

  This shows that the addition succeeded.  At this point, somebody will
point me to a simple built-in group management command that I missed...

-- 
Walter Dnes <waltdnes@waltdnes.org>
Email users are divided into two classes;
1) Those who have effective spam-blocking
2) Those who wish they did

Reply to:

Follow-Ups:
- Re: could not eject CDROM as a normal user: [solved]
  - From: "H. S." <greatexcalibur@yahoo.com>

References:
- could not eject CDROM as a normal user: [solved]
  - From: "H. S." <greatexcalibur@yahoo.com>
- Re: could not eject CDROM as a normal user: [solved]
  - From: "Karsten M. Self" <kmself@ix.netcom.com>

Prev by Date: Re: Tom Ballard, MSFT shill (was Re: Debian Server Compromise -- A Fire Drill ??)
Next by Date: Re: Spamassain question, whitelist?
Previous by thread: Re: could not eject CDROM as a normal user: [solved]
Next by thread: Re: could not eject CDROM as a normal user: [solved]
Index(es):
- Date
- Thread