From owner-freebsd-questions@FreeBSD.ORG Mon Aug 2 03:27:24 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 80D0116A4CE for ; Mon, 2 Aug 2004 03:27:24 +0000 (GMT) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.171]) by mx1.FreeBSD.org (Postfix) with ESMTP id B44E643D5E for ; Mon, 2 Aug 2004 03:27:23 +0000 (GMT) (envelope-from oliverfuchs@onlinehome.de) Received: from [212.227.126.205] (helo=mrelayng.kundenserver.de) by moutng.kundenserver.de with esmtp (Exim 3.35 #1) id 1BrTTu-0005gu-00 for freebsd-questions@freebsd.org; Mon, 02 Aug 2004 05:27:22 +0200 Received: from [217.246.201.18] (helo=oliverfuchs.ath.cx) (TLSv1:EDH-RSA-DES-CBC3-SHA:168) (Exim 3.35 #1) id 1BrTTs-0004fq-00 for freebsd-questions@freebsd.org; Mon, 02 Aug 2004 05:27:22 +0200 Received: from oliverfuchs.ath.cx (localhost [127.0.0.1]) i723REWY004422verify=FAIL) for ; Mon, 2 Aug 2004 05:27:15 +0200 Received: (from oliverfuchs1@localhost) by oliverfuchs.ath.cx (8.12.3/8.12.3/Debian-6.6) id i7232a69003866 for freebsd-questions@freebsd.org; Mon, 2 Aug 2004 05:02:36 +0200 Date: Mon, 2 Aug 2004 05:02:36 +0200 From: Oliver Fuchs To: freebsd-questions@freebsd.org Message-ID: <20040802030235.GA3005@oliverfuchs.ath.cx> Mail-Followup-To: freebsd-questions@freebsd.org References: <20040731222618.J41097@chylonia.3miasto.net> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-15 Content-Disposition: inline In-Reply-To: <20040731222618.J41097@chylonia.3miasto.net> User-Agent: Mutt/1.4.2i X-Provags-ID: kundenserver.de abuse@kundenserver.de auth:c2b2791553508cc938db2bcf18721a3c Subject: Re: allowing cdrecord non-root X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Aug 2004 03:27:24 -0000 On Sat, 31 Jul 2004, Wojciech Puchar wrote: > how can i allow given group to be able to write cd's? > > in NetBSD doing (assuming group name cdrw) > > chgrp cdrw /dev/rcd0* /dev/cd0* > chmod 660 /dev/rcd0* /dev/cd0* > > > in FreeBSD doing this for /dev/cd0 and /dev/acd0 doesn't work. > > tried to do the same with /dev/xpt0 - doesn't work too. > > is it possible at all? > _______________________________________________ Hi, from man cdrecord you will get: [...] If you don't want to allow users to become root on your system, cdrecord may safely be installed suid root. This allows all users or a group of users with no root privileges to use cdrecord. Cdrecord in this case checks, if the real user would have been able to read the specified files. To give all user access to use cdrecord, enter: chown root /usr/local/bin/cdrecord chmod 4711 /usr/local/bin/cdrecord To give a restricted group of users access to cdrecord enter: chown root /usr/local/bin/cdrecord chgrp cdburners /usr/local/bin/cdrecord chmod 4710 /usr/local/bin/cdrecord and add a group cdburners on your system. Never give write permissions for non root users to the /dev/scg? devices unless you would allow anybody to read/write/format all your disks. [...] Oliver -- ... don't touch the bang bang fruit