Burning with different user than root

[sven]

Now that I got my cd recorder working as root I want to burn CDs with my normal user ... what groups should I put my user into to get this working? Also, what else should I pay attention to when trying to burn with a normal user?

Thanks for any help!

[klieber]

You should just be able to add the user account to whatever group that currently owns the CD burner. (or, create a new group if you want to segregate permissions between your CD-burner and CD-ROM)

Also, you need to make sure that the CD burner device has group read/write privilages.

--kurt
_________________
The problem with political jokes is that they get elected

[sven]

Well, I thought changing the group of the /dev/sg0 device (this is the CD recorder, isn't it? At least Koncd claims this) from root to something else is a bad idea... So should I change the group from root to cdrw for example and put my user into this group?

[klieber]

[sven]

On my Gentoo 1.1a system the whole /dev folder is owned by root.root ... Maybe because of devfs?

[klieber]

[sven]

all devices are owned by root.root!

[klieber]

[kavel]

Hi,

I have installed my system with devfs support from scratch, and it has root.root ownership for all my devices. I was able to change this behaviour through /etc/devfsd.conf though. As an example, my sound devices are set up as:

...
LOOKUP snd MODLOAD ACTION snd
LOOKUP dsp MODLOAD
LOOKUP mixer MODLOAD
LOOKUP midi MODLOAD
REGISTER sound/.* PERMISSIONS root.audio 660
REGISTER snd/.* PERMISSIONS root.audio 660
...

This causes everything under /dev/sound (dsp, dsp1, etc) to be owned by root.audio and have group read/write permissions. I think you can do the same trick for your CD writer too (I haven't tried this though)...

...
REGISTER ^sg0$ PERMISSIONS root.cdrw 660
...

This is what I have learned by trial and error. I may be wrong

Kavel

[sven]

Found this in /etc/devfsd.conf


# Create /dev/cdrw for the first cdrom on the scsi bus
# (change 'sr0' to suite your setup)
#LOOKUP ^cdrw$ CFUNCTION GLOBAL mksymlink sr0 cdrw
#REGISTER ^sr0$ CFUNCTION GLOBAL mksymlink $devname cdrw
#UNREGISTER ^sr0$ CFUNCTION GLOBAL unlink cdrw


and uncommented it. This seems to be exactly what I was looking for

[chemical]

doh, said somethign stupid...ignore this post

[AlterEgo]

This helped me out and tought me a little lesson

[flaw3d]

Weren't you supposed to set cdrecord to run suid root? I can't remember exactly what I did but I remember something got a suid root.

[arkane]

[pilla]

The last xcdroast changes the attributes of some binaries it uses to burn cds, so other uses may also burn (CDs, not themselves). root must run it before anybody.

(just in case you don't want to bother about it, just burn some CDs)

[maw]

The actual device node for my CD writer is owned, for some reason, by matthew.root - I have no idea why, but I assume I should change this...

And surely a symlink can't add permissions to those had by the object it points to... so I'll ideally need the actual node to be

rw-rw---- root.cdrw

yes?

Can someone post any modifications they made to their devfsd.conf, I'm not feeling brave enough to do mine tonight!
_________________
Your Gentoo woll sle me sodenly!
I may the beaute of it not sustene
(to misquote Chaucer)

[rac]

maw, you might be interested in this conversation between two other three-letter folks.
_________________
For every higher wall, there is a taller ladder

[Zu`]

Hmm.

Perhaps not the most secure solution, but I always just did a "chmod 4711" on things like cdrecord, cdparanoia, cdrdao and mkisofs. I guess I could make a "cdr" group or something and do a chmod 4710 instead.. that would be a bit better I guess.

Then again, after reading this thread, I guess the proper way would be to change permissions in devfsd.conf?