On Sat, 14 Aug 2004, edwinculp wrote: > I've installed K3b and it works great for the root user but I can't get it to work > for any non-privileged user even though I have put the user in the wheel group and > have set sysctl vfs.usermount=1, cd0 has permissions set to 666, the same in > devfs.conf (That solves the problem for xmms but not for k3b. I have tried to suid > and kde won't let it start. I'm out of ideas. After this much time, I'm sure that > I'm making a mountain out of a mole hill and I'm missing something very simple. > > Any help would be appreciated. I can't see my users using burncd
See /usr/ports/sysutils/k3b/pkg-message: [...] 3. k3b has to be started from a root console, which is not recommended. Alternatively do the following: 3a. set the suid flag on cdrecord and cdrdao. The 'Notes' the chapter of 'man cdrecord' discusses this. 3b. - install sudo (security/sudo) and add the following line or similar to sudoers (usually in /usr/local/etc/sudoers): ALL ALL = NOPASSWD: /sbin/camcontrol devlist - or execute 'camcontrol devlist' For every user who should be able to use k3b. Resolve all errors e.g by giving him/her access rights to /dev/xpt0. 'camcontrol devlist' must run without error for all these users! Note that giving access rights to /dev/xpt* might be a security leak! - or give camcontrol the suid flag, which is a security leak as well. 3c. - For every user who should be able to use k3b and for every CD or DVD device add a directory in the users home directory. These directories must be owned by the corresponding user. For each such directory add a line in /ect/fstab (see remark 2), like: /dev/cd0c /usr/home/XXX/cdrom cd9660 ro,noauto,nodev,nosuid 0 0 Furthermore allow user mounts as described in topic 9.22 of the FAQ: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html#USER-FLOPPYMOUNT - or just give mount and umount the sudo flag, which is a security leak. 3d. - Every user who should be able to use k3b must have read and write access to all pass through devices connected with CD and DVD drives. Run 'camcontrol devlist' to identify those devices (seek string 'passX' at the end of each line and modify the rights of /dev/passX). Note, that this is a security leak as well but that there is no alternative! [...] Oliver -- ... don't touch the bang bang fruit _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"