Re: parted is ALMOST suitable
On Wed 09 Nov 2016 at 09:48:01 +0100, tomas@tuxteam.de wrote:
> On Tue, Nov 08, 2016 at 08:39:51PM +0000, Brian wrote:
> > On Tue 08 Nov 2016 at 14:41:45 -0500, Stefan Monnier wrote:
> >
> > > >>>>>>> *HOWEVER* parted requires root privileges. That is not acceptable.
> > > >>>>>>> Suggestions?
> > > >>>>>>> TIA
> > > > Futzing with partitions is the admin's job.
> > >
> > > Could be, but it's not (g)parted's job to enforce these kinds of rules:
> > > that's what Unix permissions (and Linux's capabilities) are for.
> > >
> > > It's OK to add a warning and prompt the user to make sure he really
> > > means to do that, but there's no point *preventing* the user from
> > > shooting his own foot with this tool if he can do it with other
> > > tools anyway.
> >
> > Users here get no opportunity to shoot themselves or anyone else in the
> > foot. Access to raw disks is over my dead body. So I do not understand
> > your point.
>
> C'mon. Cut the drama. Dead bodies and that.
When I wrote that I had in mind the advice to put a user in the disk
group to get 'lsblk -f' to give a wanted output. It will work. It also
gives the user the opportunity to completely destroy the system with dd.
> As if "raw disk" were some kind of sacred stuff. In my case they are
> simple files on disk (disk images). Shall I have to become root every
> time I have to write a partition table to that? No. I just use fdisk.
>
> It's the job of file (device) permissions to ensure that. Or are you
> going to patch around bash's redirection operator too, to keep "users"
> from shooting themselves in the foot by issuing
>
> echo "mumble" > /dev/sda2
>
> Not really.
Raw disk access to a device the user does not own *is* sacred. Access
to a device the user does own is up to the user. Applications should not
prevent that legitimate access taking place. Thank you for raising the
disk image situation.
--
Brian.
Reply to: