Lindsay Haisley <[EMAIL PROTECTED]> posted [EMAIL PROTECTED], excerpted below, on Fri, 19 Oct 2007 17:03:08 -0500:
> I researched this, and solved the problem. The correct solution was > posted at > http://www.linuxquestions.org/questions/slackware-14/12.0-and-hal-read- this-566862/ > > Basically, I had to do 2 things: > > 1. Add myself to the group plugdev in /etc/group 2. Reload the Dbus > config with /etc/init.d/dbus reload > > It would be a Good Thing if new local accounts could be added to group > plugdev when they're created. Adding users you wish to have this access to the plugdev group is indeed the correct solution, and indeed, mentioned in the log messages for the hal package when you merge it. Check your portage messages log, or see the elog at the end of the hal ebuilds if necessary. So the instructions were there for you to read if you wanted to. However, security-wise, you've hit a bit of a raw nerve here, so excuse me while I rant a bit... It would *NOT* be a "Good Thing" (r), and in fact, would be a very "Bad Thing" (r) to do this automatically when new users are created, as that kills important aspects of the Unix/Linux security model, the entire reason the generic "users" group isn't used in the first place. There are good reasons sysadmins may not WANT every user to have automount rights, and it's already possible to expand your newuser scripts locally to automatically add a user to various groups, if you as sysadmin decide that's what you want to do. Among other possible security issues is the fact that it's not always possible to cleanly give a user the rights necessary to mount a volume, without also giving them generically the rights to overwrite system devices, and if you have potentially malicious users, or even simply naive "innocent" users that don't understand security and don't see any reason why they should /have/ to understand it, clicking on anything that comes their way... With what you're advocating, why not do away with logins and have everybody run as root, thereby avoiding the permissions problem entirely? After all, MS did effectively that for years with the their 9x series, and we all know how problem free /that/ was. So... please think before you make requests for automating procedures that effectively automate the creation of security holes. If you want platforms that do such things, they are available; no need to make Gentoo into one of them by default. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman -- [EMAIL PROTECTED] mailing list
