[ydl-gen] About permissions, etc. - correction
Charles Trois
charles.trois at wanadoo.fr
Thu Feb 1 03:51:44 MST 2007
> Message: 8
> Date: Wed, 24 Jan 2007 09:47:56 -0500
> From: Derick Centeno <aguilarojo at verizon.net>
> Subject: Re: [ydl-gen] About permissions, etc. - correction
> To: Discussion List for General Yellow Dog Linux User Topics
> <yellowdog-general at lists.terrasoftsolutions.com>
> Message-ID: <275E1005-F526-4107-83C1-F734B7CA9BB0 at verizon.net>
> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>
> Hi Charles:
>
> I was wondering wouldn't it be simpler to merely control user access
> to the cdrw by changing the user assignments?
>
> I'm referring to the UID/GID. In other words:
>
> 1. For instance one could change the shell the user can use. Which
> by definition restricts what a user can do.
> 2. Assign the user to a GID where directory access to /mnt/cdrw is
> not permitted.
>
> I'm guessing, hopefully in a reasoned manner, that the error you're
> getting regarding SigmaX is because it is in fact a cdrw which puts
> it under the administration of a program called cdrecord, which
> provides information to
> Linux so that Linux believes it is a SCSI device -- allowing it (when
> mounted)
> to appear as another HD. This also explains why the line including
> SigmaX in fstab appears correct at first glance, but it may be best
> (depending on which version of YDL one is using) to merely comment
> that line out.
>
> Within YDL 5, CD's and similar media mount and are available within
> e17 very nicely without the need to do anything within fstab. Of
> course, SigmaX is a cdrw; it isn't an HD at all.
>
> This is why I thought it would be a lot simpler to merely define user
> access so that they don't see the cd device at all under any
> circumstances. The reference I was reviewing along these lines is here:
>
> http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/admin-primer/
> s1-acctsgrps-res.html
>
> If the above is done well enough you could potentially have a group
> of users with the same GID who don't have access to the cdrw, but who
> can still get a reasonable amount of work done without you having to
> continuously micro-manage each of their permissions -- just assign
> such users to the same GID with the limited constructs you prefer.
>
Derick,
Sorry for this late answer. I spent some time trying to understand what
happens.
I may not have been sufficiently clear: SigmaX is the name of an hfs+
volume (the one that bears macosx); it is not related to cds in any way.
The cdrom volume exists at /mnt/cdrom; /mnt/cdrw does not exist.
As a mere conjecture, I can only think that the peculiar behaviour of
SigmaX (being in group cdrw, appearing as read-only contrary to the
mount options) is related (how?) to its privileged place in the system:
indeed, from the mac side, it is seen not as just a volume name, but as
a link to /.
If this is true, of course nothing can be done.
Many thanks for your thoughts.
Charles
More information about the yellowdog-general
mailing list