[ydl-gen] About permissions, etc. - correction

Derick Centeno aguilarojo at verizon.net
Wed Jan 24 07:47:56 MST 2007 

Hi Charles:

I was wondering wouldn't it be simpler to merely control user access
to the cdrw by changing the user assignments?

I'm referring to the UID/GID.  In other words:

1.  For instance one could change the shell the user can use.  Which
by definition restricts what a user can do.
2.  Assign the user to a GID where directory access to /mnt/cdrw is
not permitted.

I'm guessing, hopefully in a reasoned manner, that the error you're
getting regarding SigmaX is because it is in fact a cdrw which puts
it under the administration of a program called cdrecord, which  
provides information to
Linux so that Linux believes it is a SCSI device -- allowing it (when  
mounted)
to appear as another HD.  This also explains why the line including  
SigmaX in fstab appears correct at first glance, but it may be best  
(depending on which version of YDL one is using) to merely comment  
that line out.

Within YDL 5, CD's and similar media mount and are available within  
e17 very nicely without the need to do anything within fstab.  Of  
course, SigmaX is a cdrw; it isn't an HD at all.

This is why I thought it would be a lot simpler to merely define user
access so that they don't see the cd device at all under any
circumstances.  The reference I was reviewing along these lines is here:

http://www.redhat.com/docs/manuals/linux/RHL-8.0-Manual/admin-primer/ 
s1-acctsgrps-res.html

If the above is done well enough you could potentially have a group
of users with the same GID who don't have access to the cdrw, but who
can still get a reasonable amount of work done without you having to
continuously micro-manage each of their permissions -- just assign
such users to the same GID with the limited constructs you prefer.

Good Luck ... Derick
========================================
On Jan 24, 2007, at 5:34 AM, Charles Trois wrote:

> Hello!
>
> I am a bit confused about some matters related to permissions.
> Here is a part of my fstab file:
>
> Sirrah ~ # cat /etc/fstab
> ...
> /dev/hda9   /mnt/giga       hfs       defaults,umask=0          0 0
> /dev/hda10  /mnt/Sigma      hfsplus   defaults                  0 0
> /dev/hda11  /mnt/SigmaX     hfsplus   defaults                  0 0
> ...
>
> and here are the contents of /mnt:
>
> Sirrah ~ # ls -l /mnt
> total 8
> drwxr-xr-x 1 root root   28 Dec 21 17:00 Sigma
> drwxrwxr-t 1 root cdrw   38 Jan 21 09:52 SigmaX
> drwx------ 2 root root 4096 Aug 11 01:49 cdrom
> drwx------ 2 root root 4096 Aug 11 01:49 floppy
> drwxrwxrwx 1 root root   40 Dec 21 16:00 giga
>
> I want to suppress the write permissions on Sigma and SigmaX. So I did
>
> Sirrah ~ # chmod 555 /mnt/Sigma
>
> That worked all right, and I went on with
>
> Sirrah ~ # chmod 555 /mnt/SigmaX
> chmod: changing permissions of `/mnt/SigmaX': Read-only file system
>
> The error here is surprising, as SigmaX is mounted rw:
>
> Sirrah ~ # mount
> ...
> /dev/hda11 on /mnt/SigmaX type hfsplus (rw)
> ...
>
> I tried the step of remounting it rw: the error disappeared, but chmod
> produced no result.
> SigmaX, strangely, belongs to the cdrw group, and I wondered if that
> could be the cause of the trouble, so I tried to change it to root;
> but
> the answer was again: Read-only file system.
> Finally, I wondered if SigmaX might have the "i" attribute, so I
> tried:
>
> Sirrah ~ # lsattr /mnt
> ------------- /mnt/cdrom
> ------------- /mnt/floppy
> lsattr: Inappropriate ioctl for device While reading flags on /mnt/
> giga
> ------------- /mnt/Sigma
> ------------- /mnt/SigmaX
>
> It shows no attributes, but there is this error about giga: it is
> perhaps of no consequence, but it should not be there!
>
> I'd be grateful for any hints that could help me get out of this mess.
>
> Charles
>
> _______________________________________________
> yellowdog-general mailing list
> yellowdog-general at lists.terrasoftsolutions.com
> http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
> HINT: to Google archives, try  '<keywords>
> site:terrasoftsolutions.com'

_______________________________________________
yellowdog-general mailing list
yellowdog-general at lists.terrasoftsolutions.com
http://lists.terrasoftsolutions.com/mailman/listinfo/yellowdog-general
HINT: to Google archives, try  '<keywords> site:terrasoftsolutions.com'

More information about the yellowdog-general mailing list