[ydl-gen] About permissions, etc.
Derick Centeno
aguilarojo at verizon.net
Wed Jan 24 07:21:06 MST 2007
Hi Charles:
I was wondering wouldn't it be simpler to merely control user access
to the cdrw by changing the user assignments?
I'm referring to the UID/GID. In other words:
1. For instance one could change the shell the user can use. Which
by definition restricts what a user can do.
2. Assign the user to a GID where directory access to /mnt/cdrw is
not permitted.
I'm guessing, hopefully in a reasoned manner, that the error you're
getting regarding SigmaX is because it is in fact a cdrw which puts
in under the administration of cdrecord, which provides info. to
Linux as though it were a SCSI device -- allowing it (when mounted)
to appear as another HD.
Of course, it isn't.
This is why I thought it would be a lot simpler to merely define user
access so that they don't see the cd device at all under any
circumstances. The reference I was reviewing along these lines is here:
http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/admin-primer/
s1-acctsgrps-res.html
If the above is done well enough you could potentially have a group
of users with the same GID who don't have access to the cdrw, but who
can still get a reasonable amount of work done without you having to
continuously micro-manage each of their permissions -- just assign
such users to the same GID with the limited constructs you prefer.
Good Luck ... Derick
On Jan 24, 2007, at 5:34 AM, Charles Trois wrote:
> Hello!
>
> I am a bit confused about some matters related to permissions.
> Here is a part of my fstab file:
>
> Sirrah ~ # cat /etc/fstab
> ...
> /dev/hda9 /mnt/giga hfs defaults,umask=0 0 0
> /dev/hda10 /mnt/Sigma hfsplus defaults 0 0
> /dev/hda11 /mnt/SigmaX hfsplus defaults 0 0
> ...
>
> and here are the contents of /mnt:
>
> Sirrah ~ # ls -l /mnt
> total 8
> drwxr-xr-x 1 root root 28 Dec 21 17:00 Sigma
> drwxrwxr-t 1 root cdrw 38 Jan 21 09:52 SigmaX
> drwx------ 2 root root 4096 Aug 11 01:49 cdrom
> drwx------ 2 root root 4096 Aug 11 01:49 floppy
> drwxrwxrwx 1 root root 40 Dec 21 16:00 giga
>
> I want to suppress the write permissions on Sigma and SigmaX. So I did
>
> Sirrah ~ # chmod 555 /mnt/Sigma
>
> That worked all right, and I went on with
>
> Sirrah ~ # chmod 555 /mnt/SigmaX
> chmod: changing permissions of `/mnt/SigmaX': Read-only file system
>
> The error here is surprising, as SigmaX is mounted rw:
>
> Sirrah ~ # mount
> ...
> /dev/hda11 on /mnt/SigmaX type hfsplus (rw)
> ...
>
> I tried the step of remounting it rw: the error disappeared, but chmod
> produced no result.
> SigmaX, strangely, belongs to the cdrw group, and I wondered if that
> could be the cause of the trouble, so I tried to change it to root;
> but
> the answer was again: Read-only file system.
> Finally, I wondered if SigmaX might have the "i" attribute, so I
> tried:
>
> Sirrah ~ # lsattr /mnt
> ------------- /mnt/cdrom
> ------------- /mnt/floppy
> lsattr: Inappropriate ioctl for device While reading flags on /mnt/
> giga
> ------------- /mnt/Sigma
> ------------- /mnt/SigmaX
>
> It shows no attributes, but there is this error about giga: it is
> perhaps of no consequence, but it should not be there!
>
> I'd be grateful for any hints that could help me get out of this mess.
>
> Charles
>
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general at lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> HINT: to Google archives, try '<keywords>
> site:terrasoftsolutions.com'
More information about the yellowdog-general
mailing list