Re: device file permissions the debian way

To: debian-user@lists.debian.org <debian-user@lists.debian.org>
Subject: Re: device file permissions the debian way
From: Seeker5528 <seeker5528@comcast.net>
Date: Fri, 16 Sep 2005 01:40:15 -0700
Message-id: <[🔎] 20050916014015.5ed71d27@localhost>
In-reply-to: <20050914022658.1B26E12DB@teufel.hartford-hwp.com>
References: <[🔎] 20050911144147.C4F8B146E@teufel.hartford-hwp.com> <20050913143133.5e18c128@localhost> <20050914022658.1B26E12DB@teufel.hartford-hwp.com>

On Tue, 13 Sep 2005 22:26:58 -0400 (EDT)
brownh@hartford-hwp.com (Haines Brown) wrote:

> > On Sun, 11 Sep 2005 10:41:47 -0400 (EDT)
> > brownh@hartford-hwp.com (Haines Brown) wrote:
> > 
> > > I'm trying to set up a new installation of debian so that user can
> It was my understanding that gxine likes to see /dev/dvd; I use
> /dev/cdrom for a CD-RW drive. Sarge installation for some reason put
> the device files into the "disk" group. I have kernel 2.6.8-2-686.

I have not used gxine, but all the apps I have used let you specify
which device to look at for DVD. Since they all default to /dev/dvd it
make sense to expect this to be created.

All CD and DVD players and burners should be in the CD Rom group. On my
system I only have a DVD player and so /dev/cdrom and /dev/dvd both
point to /dev/hdd. The symlinks are root:root but /dev/hdd is
root:cdrom and it is the permissions on the real device file that
determines whether access is really allowed or not.  

> $ ls -l /dev/hda
>  brw-rw----  1 root disk 3, 0 Jul 31 18:54 /dev/hda
>
>  $ ls -l /dev/hdc  
>  brw-rw----  1 root disk 22, 0 Jul 31 18:54 /dev/hdc

> While I could change the ownership of /dev/dvd to the dvd group, I was
> advised against creating a new group in /etc/group such as dvd.

In theory it seems like adding the user to the disk group should work,
but technically better solution would be to get the devices and
symlinks created properly to do that will differ depending on if you
are using devfsd or udev.

I have been using udev since it showed up as a new package in unstable
and there were some issues with this stuff early on but it has been
working for me for awhile. As it currently is in unstable there are
two relevant files in /etc/udev, permissions.rules cd-aliases.rules, but
looking at the changelog:

* cd-aliases.rules, permissions.rules: moved to permissions.rules the
    call to cdrom_id for IDE devices and the GROUP attribute setting.
  * Removed simple-cd-aliases.rules because it's not really different
from the new cd-aliases.rules. Preinst will automatically replace the
link, if present.

: it looks like you probably want to look at permissions.rules and
simple-cd-aliases.rules.

My my understanding of how all this rules stuff works is fairly non
existent so hopefully someone will correct me if I am wrong, but looking
at an existing permissions rule:

BUS=="ide", KERNEL=="ht[0-9]*",                 GROUP="tape"

: It looks like you should be able to add a line in permissions.rules
for each cdrom type device like:

BUS=="ide", KERNEL=="hda",                 GROUP="cdrom"

: and the aliases file gives an example of what to specify for a
staticly created symlink in the format:

BUS=="ide",  ID=="1.0", SYMLINK+="cdrom"

: I'm guessing ID=="1.0" would translate to bus 1 device 0 so hda would
be ID=="0.0"

Of course the easier first step would be if you are using udev try
switching to devfsd and if you are using devfsd try switching to udev.

Later, Seeker

Reply to:

References:
- device file permissions the debian way
  - From: brownh@hartford-hwp.com (Haines Brown)

Prev by Date: Laptop Installation Problem
Next by Date: Re: Minimize diskaccess on a light server
Previous by thread: device file permissions the debian way
Next by thread: Re: device file permissions the debian way
Index(es):
- Date
- Thread