From owner-freebsd-questions@FreeBSD.ORG Sun Apr 14 08:40:24 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id C60AAC54 for ; Sun, 14 Apr 2013 08:40:24 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id 9141F6EC for ; Sun, 14 Apr 2013 08:40:24 +0000 (UTC) Received: from r56.edvax.de (port-92-195-80-247.dynamic.qsc.de [92.195.80.247]) by mx02.qsc.de (Postfix) with ESMTP id C528E27752; Sun, 14 Apr 2013 10:31:46 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r3E8Vsfw002339; Sun, 14 Apr 2013 10:31:54 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sun, 14 Apr 2013 10:31:54 +0200 From: Polytropon To: Beeblebrox Subject: Re: sata/ata device permission for user Message-Id: <20130414103154.3a49e6de.freebsd@edvax.de> In-Reply-To: <1365927098231-5803691.post@n5.nabble.com> References: <1365927098231-5803691.post@n5.nabble.com> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Apr 2013 08:40:24 -0000 On Sun, 14 Apr 2013 01:11:38 -0700 (PDT), Beeblebrox wrote: > My user is unable to mount cdrom and cannot use qemu for the HDD devices. Why > is access to these devices being refused for my user? Because there have to be certain permissions in order to allow a non-root user perform such tasks: 1. The setting vfs.usermount=1 has to be present in /etc/sysctl.conf . 2. The user must have write access to the device file. 3. The user has to own the mount directory. It helps if the user is in the "wheel" group. > 1. % mount_cd9660 /dev/cd0 /cdrom > mount_cd9660: /dev/cd0: Operation not permitted Check permissions of /dev/cd0 and /cdrom. > 2. % qemu-system-x86_64 -hda /dev/ada2 > qemu-system-x86_64: -hda /dev/ada2: could not open disk image /dev/ada2: > Operation not permitted Check permissions of /dev/ada2, maybe write permission is needed? > *SETTINGS:* > % id => uid=1001(xyz) gid=0(wheel) groups=0(wheel),5(operator),1001(xyz) > > /etc/devfs.rules has: [localrules=10] > add path 'ada[0-9]*' mode 0660 group operator > add path 'da[0-9]*' mode 0660 group operator > add path 'cd[0-9]*' mode 0660 group operator > > /etc/rc.conf has: > devfs_system_ruleset="localrules" Looks correct, but doesn't seem to be sufficient. But take into mind that /etc/devfs.rules is used for dynamically allocated devices, and /etc/devfs.conf for those present at boot time (usually cd, maybe also da and ada depending on your setup). Also see: http://forums.freebsd.org/showthread.php?t=5796 Compare to Handbook 19.5.2: http://www.freebsd.org/doc/en/books/handbook/usb-disks.html Maybe also helpful: http://www.cyberciti.biz/faq/freebsd-allow-ordinary-users-mount-cd-rom-dvds-usb-removabledevice/ -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...