Early in October I posted about Mandrake complaining about a corrupt superblock, which I was able to fix (with your help) by editing my /etc/security/console.perms file. This was all precipitated by me installing the XScreenSaver screensavers. I kept getting an error which I tried to fix by following the procedure outlined below, but which caused the false 'corrupt superblock' problem.
I'd quite like to get the screensavers working properly if possible, but I'd first like to consult the experts for your recommendations. Below is the quote from the XScreenSaver README file which I attempted to follow last time. Would you mind scanning your eyes over it, and letting me know if the procedure described is the correct one for Mandrake 9.1 ?
'= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
Q: OpenGL applications exit with the following error message:
Error: Could not open /dev/nvidiactl because the permissions
are too restrictive. Please see the FREQUENTLY ASKED QUESTIONS
section of /usr/share/doc/NVIDIA_GLX-1.0/README for steps
to correct.A: It is likely that a security module for the PAM system may be
changing the permissions on the NVIDIA device files. In most cases
this security system works, but it can get confused. To correct this
problem it is recommended that you disable this security feature.
Different Linux distributions have different files to control this;
please consult with your distributor for the correct method of
disabling this security feature. As an example, if your system has
the file
/etc/security/console.perms
then you should edit the file and remove the line that starts with
"<dri>" (we have also received reports that additional references to
<dri> in console.perms must be removed, but this has not been verified
by NVIDIA). If instead your system has the file
/etc/logindevperms
then you should edit the file and remove the line that lists
/dev/nvidiactl. The above steps will prevent the PAM security system
from modifying the permissions on the NVIDIA device files. Next,
you will need to reset the permissions on the device files back
to their original permissions and owner. You can do that with the
following commands:
chmod 0666 /dev/nvidia* chown root /dev/nvidia*
'= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
This is my (unmodified) '/etc/security/console.perms' file:
'= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
# This file determines the permissions that will be given to priviledged
# users of the console at login time, and the permissions to which to
# revert when the users log out.
# format is: # <class>=list of regexps specifying consoles or globs specifying files # file-glob|<class> perm dev-regex|<dev-class> \ # revert-mode revert-owner[.revert-group] # the revert-mode, revert-owner, and revert-group are optional, and default # to 0600, root, and root, respectively. # # For more information: # man 5 console.perms
# file classes -- these are regular expressions <console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]\.[0-9] :[0-9] <xconsole>=:[0-9]\.[0-9] :[0-9]
# device classes -- these are shell-style globs
<serial>=/dev/ttyS*
<floppy>=/dev/fd[0-1]* \
/dev/floppy/* /mnt/floppy*
<sound>=/dev/dsp* /dev/audio* /dev/midi* \
/dev/mixer* /dev/sequencer* \
/dev/sound/* /dev/snd/* /dev/beep \
/dev/admm* \
/dev/adsp* /dev/aload* /dev/amidi* /dev/dmfm* \
/dev/dmmidi* /dev/sndstat
<cdrom>=/dev/cdrom* /dev/rdvd /dev/ide/*/*/*/*/cd /dev/scsi/*/*/*/*/cd
<pilot>=/dev/pilot
<jaz>=/mnt/jaz*
<zip>=/mnt/pocketzip* /mnt/zip*
<ls120>=/dev/ls120 /mnt/ls120*
<scanner>=/dev/scanner /dev/usb/scanner* /dev/parport*
<camera>=/mnt/camera* /dev/usb/dc2xx* /dev/usb/mdc800*
<memstick>=/mnt/memstick*
<flash>=/mnt/flash*
<diskonkey>=/mnt/diskonkey*
<rem_ide>=/mnt/microdrive*
<fb>=/dev/fb /dev/fb[0-9]* \
/dev/fb/*
<kbd>=/dev/kbd
<joystick>=/dev/js[0-9]*
<v4l>=/dev/video* /dev/radio* /dev/winradio* /dev/vtx* /dev/vbi* \
/dev/video/* /dev/vttuner
<gpm>=/dev/gpmctl
<dri>=/dev/nvidia* /dev/3dfx*
<mainboard>=/dev/apm_bios
<burner>=/dev/scd* /dev/sg* /dev/pcd* /dev/pg* /dev/cdwriter /dev/scsi/*/*/*/*/generic
<usb>=/dev/usb/dabusb* /dev/usb/mdc800* /dev/usb/rio500 /dev/ttyUSB* \
/proc/usb/[0-9][0-9][0-9]/[0-9][0-9][0-9]
# permission definitions <console> 0660 <serial> 0660 root.tty <console> 0660 <floppy> 0660 root.floppy <console> 0600 <sound> 0600 root.audio <console> 0600 <cdrom> 0660 root.cdrom <console> 0600 <pilot> 0660 root.uucp <console> 0600 <jaz> 0660 root.disk <console> 0600 <zip> 0660 root.disk <console> 0600 <ls120> 0660 root.disk <console> 0660 <scanner> 0660 root.usb <console> 0600 <camera> 0600 root <console> 0600 <memstick> 0600 root.disk <console> 0600 <flash> 0600 root.disk <console> 0600 <diskonkey> 0660 root.disk <console> 0600 <rem_ide> 0660 root.disk <console> 0600 <fb> 0600 root <console> 0600 <kbd> 0600 root <console> 0600 <joystick> 0600 root <console> 0600 <v4l> 0600 root.sys <console> 0700 <gpm> 0700 root <console> 0600 <mainboard> 0600 root <console> 0660 <burner> 0660 root.cdwriter <console> 0660 <usb> 0660 root.usb
<xconsole> 0600 /dev/console 0600 root.root
<xconsole> 0600 <dri> 0600 root
'= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
IIRC, I didn't removed both references to 'dri' in that file, just the first one, but since that seemed to work, I didn't bother removing the second one. Should I have done so, do you think ? I'm reluctant to experiment too much in case I screw up worse than last time !
Any thoughts would be most appreciated.
Many Thanks :) --
Dave
Cunningly disguised as a responsible adult
