#include <hallo.h>
* Vincent Fourmond [Sat, Jul 08 2006, 09:59:18PM]:
> Package: cdrecord
> Version: 4:2.01+01a03-5
> Severity: normal
>
> Hello !
>
> I wanted to report that the latest version of cdrecord (the one currently
> in sid) fails to burn a
> CD with the following command-line:
>
> cdrecord -dao speed=8 dev=/dev/cdrw1 driveropts=burnfree *.wav
>
> it gives the following error:
>
> cdrecord: Operation not permitted. Cannot send SCSI cmd via ioctl
>
> However, the one in sarge can burn without problem using the same
> command-line. I don't quite
> understand the nature of the problem, but I'm ready to give any further
> information as needed. Both
> binaries were not SUID.
Try the attached patches, I hope I identified the problems causing that
behaviour when using as non-root.
(And for the case that Joerg Schilling is reading that, pro-active note:
Those are fixes for problems created by _your_ code even existing with
_your_ original version. Yes, that is an evil/bad/ugly/dirty/whatever
patch ; No, it is not caused by kernel bugs unless you don't care about
security and allow everyone to run dangerous (and unneccessary)
operations. There is no offense, you do not need to comment it or become
mad because of that. You do not need to add it your repository and I
give a fsck about meeting your code style standards or about your
problems with Linux developers. It works and solve the obvious problem
and that is what counts).
Eduard.
#! /bin/sh /usr/share/dpatch/dpatch-run
## 39_nonroot_skips_rezero_unit.dpatch by <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Don't run rezero_unit without having root permissions (causing critical
error).
--- a~/cdrecord/cdrecord.c
+++ a/cdrecord/cdrecord.c
@@ -3939,7 +3939,8 @@
scsi_start_stop_unit(scgp, 1, 0, immed);
wait_unit_ready(scgp, 120);
scgp->silent++;
- rezero_unit(scgp); /* Is this needed? Not supported by some
drvives */
+ if(geteuid() == 0) // EB: needed? Not allowed for non-root, that is
sure.
+ rezero_unit(scgp); /* Is this needed? Not supported by some
drvives */
scgp->silent--;
test_unit_ready(scgp);
scsi_start_stop_unit(scgp, 1, 0, immed);
#! /bin/sh /usr/share/dpatch/dpatch-run
## 40_stop_setuid_games.dpatch by <[EMAIL PROTECTED]>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: No description.
@DPATCH@
diff -urNad cdrtools-2.01.01~/libscg/scsi-linux-sg.c
cdrtools-2.01.01/libscg/scsi-linux-sg.c
--- cdrtools-2.01.01~/libscg/scsi-linux-sg.c 2006-03-21 15:36:02.000000000
+0100
+++ cdrtools-2.01.01/libscg/scsi-linux-sg.c 2006-03-21 15:37:36.765062112
+0100
@@ -43,8 +43,9 @@
*/
/*
* This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License version 2
- * as published by the Free Software Foundation.
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -65,19 +66,6 @@
#if LINUX_VERSION_CODE >= 0x01031a /* <linux/scsi.h> introduced in 1.3.26 */
#if LINUX_VERSION_CODE >= 0x020000 /* <scsi/scsi.h> introduced somewhere. */
/* Need to fine tune the ifdef so we get the transition point right. */
-
-#if defined(HAVE_BROKEN_SCSI_SCSI_H) || \
- defined(HAVE_BROKEN_SRC_SCSI_SCSI_H)
-/*
- * Be very careful in case that the Linux Kernel maintainers
- * unexpectedly fix the bugs in the Linux Lernel include files.
- * Only introduce the attempt for a workaround in case the include
- * files are broken anyway.
- */
-#define __KERNEL__
-#include <asm/types.h>
-#undef __KERNEL__
-#endif
#include <scsi/scsi.h>
#else
#include <linux/scsi.h>
@@ -1230,7 +1218,6 @@
int ret;
sg_io_hdr_t sg_io;
struct timeval to;
-static uid_t cureuid = 0; /* XXX Hack until we have uid
management */
if (scgp->fd < 0) {
sp->error = SCG_FATAL;
@@ -1263,19 +1250,7 @@
sg_io.timeout = sp->timeout*1000;
sg_io.flags |= SG_FLAG_DIRECT_IO;
- if (cureuid != 0)
- seteuid(0);
-again:
- errno = 0;
ret = ioctl(scgp->fd, SG_IO, &sg_io);
- if (ret < 0 && geterrno() == EPERM) { /* XXX Hack until we have uid
management */
- cureuid = geteuid();
- if (seteuid(0) >= 0)
- goto again;
- }
- if (cureuid != 0)
- seteuid(cureuid);
-
if (scgp->debug > 0) {
js_fprintf((FILE *)scgp->errfile,
"ioctl ret: %d\n", ret);
@@ -1294,7 +1269,7 @@
scglocal(scgp)->isold = 1;
return (sg_rwsend(scgp));
}
- if (sp->ux_errno == ENXIO || sp->ux_errno == EPERM ||
+ if (sp->ux_errno == ENXIO ||
sp->ux_errno == EINVAL || sp->ux_errno == EACCES) {
return (-1);
}
