From owner-freebsd-questions@FreeBSD.ORG Fri Apr 1 18:02:55 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 59C3B16A4CE for ; Fri, 1 Apr 2005 18:02:55 +0000 (GMT) Received: from smtp-vbr10.xs4all.nl (smtp-vbr10.xs4all.nl [194.109.24.30]) by mx1.FreeBSD.org (Postfix) with ESMTP id A6AC943D54 for ; Fri, 1 Apr 2005 18:02:54 +0000 (GMT) (envelope-from rsmith@xs4all.nl) Received: from slackbox.xs4all.nl (slackbox.xs4all.nl [213.84.242.160]) j31I2jfZ073506; Fri, 1 Apr 2005 20:02:45 +0200 (CEST) (envelope-from rsmith@xs4all.nl) Received: by slackbox.xs4all.nl (Postfix, from userid 1001) id 1274B625B; Fri, 1 Apr 2005 20:02:45 +0200 (CEST) Date: Fri, 1 Apr 2005 20:02:45 +0200 From: Roland Smith To: Martin McCormick Message-ID: <20050401180245.GB84746@slackbox.xs4all.nl> Mail-Followup-To: Martin McCormick , freebsd-questions@freebsd.org References: <200504011717.j31HHE9S080897@dc.cis.okstate.edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="RASg3xLB4tUQ4RcS" Content-Disposition: inline In-Reply-To: <200504011717.j31HHE9S080897@dc.cis.okstate.edu> User-Agent: Mutt/1.4.2.1i X-GPG-Fingerprint: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 X-GPG-Key: http://www.xs4all.nl/~rsmith/pubkey.txt X-GPG-Notice: If this message is not signed, don't assume I sent it! Organization: Me, organized? X-Virus-Scanned: by XS4ALL Virus Scanner cc: freebsd-questions@freebsd.org Subject: Re: Best Practice for Allowing non-root Users Access to Serial Port? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Apr 2005 18:02:55 -0000 --RASg3xLB4tUQ4RcS Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 01, 2005 at 11:17:14AM -0600, Martin McCormick wrote: > What is the safest way to let non-root users access > /dev/ttyd0? I notice that in FreeBSD, /dev/ttydx is owned by > root:wheel. In linux, the ttySx's are in a special group so the trick > there is to add users to that group and make sure the ttyS's are group > writable. >=20 > Here, I want the users to be able to use C-kermit to talk to a > remote device without them having to be root. Since you want to dial out, I think you'll need to use /dev/cuaa*. Making kermit users members of a group, and have that group own /dev/cuaa* with read/write privileges seems like a good idea. For instance, create a group "kermit" with 'pw groupadd kermit'. Then you can use devfs(8) to change the ownership and permissions of the relevant device: "devfs rule add path 'cuaa*' mode 0660 group kermit". This setting will not survive a reboot, so you'll have to add the following to /etc/devfs.rules: "add path 'cuaa*' mode 0660 group kermit". Now add the relevant users to the group kermit:=20 'pw groupmod kermit -m foo,bar,baz' Roland --=20 R.F. Smith /"\ ASCII Ribbon Campaign r s m i t h @ x s 4 a l l . n l \ / No HTML/RTF in e-mail http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail public key: http://www.keyserver.net / \ Respect for open standards --RASg3xLB4tUQ4RcS Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCTYzFEnfvsMMhpyURAqZbAKCLENdHH6OUFXEMtahOSp8xPtzjZgCgpy0z QWZ9R1wVp8F/cMKRC65IYe0= =aiju -----END PGP SIGNATURE----- --RASg3xLB4tUQ4RcS--