[ydl-gen] About permissions, etc. - correction

Charles Trois charles.trois at wanadoo.fr
Thu Feb 1 03:51:44 MST 2007 

> Message: 8
> Date: Wed, 24 Jan 2007 09:47:56 -0500
> From: Derick Centeno <aguilarojo at verizon.net>
> Subject: Re: [ydl-gen] About permissions, etc. - correction
> To: Discussion List for General Yellow Dog Linux User Topics
> 	<yellowdog-general at lists.terrasoftsolutions.com>
> Message-ID: <275E1005-F526-4107-83C1-F734B7CA9BB0 at verizon.net>
> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
> 
> Hi Charles:
> 
> I was wondering wouldn't it be simpler to merely control user access
> to the cdrw by changing the user assignments?
> 
> I'm referring to the UID/GID.  In other words:
> 
> 1.  For instance one could change the shell the user can use.  Which
> by definition restricts what a user can do.
> 2.  Assign the user to a GID where directory access to /mnt/cdrw is
> not permitted.
> 
> I'm guessing, hopefully in a reasoned manner, that the error you're
> getting regarding SigmaX is because it is in fact a cdrw which puts
> it under the administration of a program called cdrecord, which  
> provides information to
> Linux so that Linux believes it is a SCSI device -- allowing it (when  
> mounted)
> to appear as another HD.  This also explains why the line including  
> SigmaX in fstab appears correct at first glance, but it may be best  
> (depending on which version of YDL one is using) to merely comment  
> that line out.
> 
> Within YDL 5, CD's and similar media mount and are available within  
> e17 very nicely without the need to do anything within fstab.  Of  
> course, SigmaX is a cdrw; it isn't an HD at all.
> 
> This is why I thought it would be a lot simpler to merely define user
> access so that they don't see the cd device at all under any
> circumstances.  The reference I was reviewing along these lines is here:
> 
> http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/admin-primer/ 
> s1-acctsgrps-res.html
> 
> If the above is done well enough you could potentially have a group
> of users with the same GID who don't have access to the cdrw, but who
> can still get a reasonable amount of work done without you having to
> continuously micro-manage each of their permissions -- just assign
> such users to the same GID with the limited constructs you prefer.
> 

Derick,
Sorry for this late answer. I spent some time trying to understand what 
happens.
I may not have been sufficiently clear: SigmaX is the name of an hfs+ 
volume (the one that bears macosx); it is not related to cds in any way. 
The cdrom volume exists at /mnt/cdrom; /mnt/cdrw does not exist.
As a mere conjecture, I can only think that the peculiar behaviour of 
SigmaX (being in group cdrw, appearing as read-only contrary to the 
mount options) is related (how?) to its privileged place in the system: 
indeed, from the mac side, it is seen not as just a volume name, but as 
a link to /.
If this is true, of course nothing can be done.
Many thanks for your thoughts.

Charles

More information about the yellowdog-general mailing list