>> BTW, I have another problem with udev rules. My dvd writer (/dev/hda >> with links to dvd and cdrw) is owned by root.root, I'd like it to be >> root.cdrecord so that users in the cdrecord group can burn CD's... >> But the cdrecord group isn't even mentioned in any udev rules, but group >> "cdrw" is, but that group isn't in 013's /etc/group file and anyhow my >> /dev/hda still isn't owned by any other group than root... >> Or is the cdrecord group meant to be used for suid'ing cd burning >> software so they run as root? (that wouldn't be good...) > > The only privileged executable on CDRTools is sbin/rscsi, but it only > makes use of the setuid bit. There's nothing indicating the usage of > setgid there: > -rws--x--x 1 gobo gobo 83384 Sep 1 2006 rscsi > > CDRDAO, however, uses that: > -rwsr-sr-x 1 gobo gobo 569100 Jul 16 2006 cdrdao > > But as you can see its group is set to 'gobo' instead of 'cdrecord'. I > think we need a fix here.. maybe a PostInstall script can do the job > correctly. Could anyone please provide a fixed recipe for CDRDAO?
So, the idea is that everyone running cdrdao should have write access to cdrw devices... Isn't it better to not setuid or setgid anything but instead put users who should be able to write cd's in the 'cdrecord' group? > On the hda owner's problem, could you please test with the attached > udev rules? I made some modifications on permissions (0666) and added > group settings to the cdrom entries. Works great. But I don't think "others" should be able to write to the cdrw, only users in 'cdrecord' group. So I suggest changing that to 0660... (what would otherwise be the point with 'cdrecord' owning it?) -- /Jonatan -=( http://kymatica.com )=- _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
