Date: Tue, 15 May 2007 20:52:42 +0200 From: Roland Smith <rsmith@xs4all.nl> To: Jim Stapleton <stapleton.41@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: /etc/devfs.conf not working properly Message-ID: <20070515185242.GA59938@slackbox.xs4all.nl> In-Reply-To: <80f4f2b20705151053n8c87790td21ab8fb8a3f4b24@mail.gmail.com> References: <80f4f2b20705151053n8c87790td21ab8fb8a3f4b24@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Tue, May 15, 2007 at 01:53:47PM -0400, Jim Stapleton wrote:
> I have my /etc/devfs.conf file set to make some of my files
> mountable/readable directly for normal users (specifically CD/DVD
> devices). However, the original permissions are being retained. Am I
> doing something wrong in the setup? (I have rebooted the machine since
> these entries were created)
> devfs.conf:
> ========================================
> link acd0 cdrom
> link acd0 dvd
>
> link acd0 dvd0
> link acd1 dvd1
>
> link acd0 cdrom0
> link acd1 cdrom1
>
> own acd0 root:operator
> own acd1 root:operator
> own dvd root:operator
> own cdrom root:operator
> own dvd0 root:operator
> own dvd1 root:operator
> own cdrom0 root:operator
> own cdrom1 root:operator
>
> perm acd0 0770
> perm acd1 0770
> perm dvd 0770
> perm cdrom 0770
> perm dvd0 0770
> perm dvd1 0770
> perm cdrom0 0770
> perm cdrom0 0770
<snip>
> the majority of the relevant files look like this:
> ========================================
> sjss@elrond 13:51:03 (0) /etc > ls -l /dev | grep cd
> crwxrwx--- 1 root operator 0, 89 May 10 05:31 acd0
> crwxrwx--- 1 root operator 0, 90 May 10 05:31 acd1
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom0 -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom1 -> acd1
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd0 -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd1 -> acd1
> ========================================
>
>
> Their permssions are not correct at all, except for acd0/acd1. Any
> suggestions on what would cause this one?
You cannot set permissions on symbolic links. Check out the relevant code in
/etc/rc.d/devfs:
p*) for device in ${devicelist}; do
if [ -c ${device} ]; then
chmod ${parameter} ${device}
fi
done
;;
Without the '-h' argument to chmod, it changes the permissions
on the device, not on the link! Changing permissions on a symbolic link
doesn't seem to accomplish anything, btw. If I create a link to a
regular file and chmod it to 000, I can still read/write the linked file.
If you want all users to have access to the cdrom, use this:
own cd0 root:cdrom
perm cd0 0666
A bit less open would be:
own cd0 root:cdrom
perm cd0 0660
which restricts access to the cdrom to members of the cdrom group.
AFAIK, you don't need to set execute bits on devices.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.3 (FreeBSD)
iD8DBQFGSgF6EnfvsMMhpyURAlY6AKCaXtgs9CaJW1PcaxKwmRyT6aEUTQCfQYLj
pAPLk5ManoMlAFP2ueFTDWE=
=J7/m
-----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070515185242.GA59938>