/etc/devfs.conf not working properly

Roland Smith rsmith at xs4all.nl
Tue May 15 18:52:45 UTC 2007


On Tue, May 15, 2007 at 01:53:47PM -0400, Jim Stapleton wrote:
>  I have my /etc/devfs.conf file set to make some of my files
>  mountable/readable directly for normal users (specifically CD/DVD
>  devices). However, the original permissions are being retained. Am I
>  doing something wrong in the setup? (I have rebooted the machine since
>  these entries were created)
>  devfs.conf:
>  ========================================
>  link    acd0    cdrom
>  link    acd0    dvd
> 
>  link    acd0    dvd0
>  link    acd1    dvd1
> 
>  link    acd0    cdrom0
>  link    acd1    cdrom1
> 
>  own     acd0    root:operator
>  own     acd1    root:operator
>  own     dvd     root:operator
>  own     cdrom   root:operator
>  own     dvd0    root:operator
>  own     dvd1    root:operator
>  own     cdrom0  root:operator
>  own     cdrom1  root:operator
> 
>  perm    acd0    0770
>  perm    acd1    0770
>  perm    dvd     0770
>  perm    cdrom   0770
>  perm    dvd0    0770
>  perm    dvd1    0770
>  perm    cdrom0  0770
>  perm    cdrom0  0770
<snip>
>  the majority of the relevant files look like this:
>  ========================================
>  sjss at elrond 13:51:03 (0) /etc  > ls -l /dev | grep cd
>  crwxrwx---  1 root  operator    0,  89 May 10 05:31 acd0
>  crwxrwx---  1 root  operator    0,  90 May 10 05:31 acd1
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 cdrom -> acd0
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 cdrom0 -> acd0
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 cdrom1 -> acd1
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 dvd -> acd0
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 dvd0 -> acd0
>  lrwxr-xr-x  1 root  wheel            4 May 10 05:32 dvd1 -> acd1
>  ========================================
> 
> 
>  Their permissions are not correct at all, except for acd0/acd1. Any
>  suggestions on what would cause this one?

You cannot set permissions on symbolic links. Check out the relevant code in
/etc/rc.d/devfs: 

                        p*)     for device in ${devicelist}; do
                                        if [ -c ${device} ]; then
                                                chmod ${parameter} ${device}
                                        fi
                                done
                                ;;

Without the '-h' argument to chmod, it changes the permissions
on the device, not on the link! Changing permissions on a symbolic link
doesn't seem to accomplish anything, btw. If I create a link to a
regular file and chmod it to 000, I can still read/write the linked file.

If you want all users to have access to the cdrom, use this:

own     cd0     root:cdrom
perm    cd0     0666

A bit less open would be:

own     cd0     root:cdrom
perm    cd0     0660

which restricts access to the cdrom to members of the cdrom group.
AFAIK, you don't need to set execute bits on devices.

Roland
-- 
R.F.Smith                                   http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
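
Added example (not part of the original message, and not FreeBSD's own code): a small Python lint for a devfs.conf that flags the points raised in the reply above, namely own/perm actions aimed at a symlink name, execute bits on a device node, and modes open to all users. The function name lint_devfs_conf and the sample configuration are constructed for illustration; treating "own" like "perm" with respect to symlinks is an assumption.

```python
"""Lint a devfs.conf for the pitfalls discussed in this thread (added example)."""

# Constructed sample: a shortened variant of the configuration quoted above.
SAMPLE_CONF = """\
link    acd0    cdrom
link    acd1    cdrom1
own     acd0    root:operator
own     cdrom   root:operator
perm    acd0    0770
perm    cdrom   0770
perm    acd1    0666
"""


def lint_devfs_conf(text):
    """Return a list of (line_number, device, message) findings."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, split on blanks
        if len(fields) == 3:
            entries.append((lineno, *fields))

    # Syntax is "link <device> <linkname>": the third field is the symlink name.
    links = {arg: dev for _, action, dev, arg in entries if action == "link"}

    findings = []
    for lineno, action, dev, arg in entries:
        if action not in ("own", "perm"):
            continue
        if dev in links:
            # chmod without -h follows the link (see the rc.d excerpt). Assumption:
            # chown is invoked the same way; it also dereferences by default.
            findings.append((lineno, dev,
                             f"{action} on symlink is applied to {links[dev]}, not the link"))
        if action == "perm":
            mode = int(arg, 8)
            if mode & 0o111:
                findings.append((lineno, dev, "execute bits are not needed on a device node"))
            if mode & 0o006:
                findings.append((lineno, dev, "device is readable or writable by all users"))
    return findings


if __name__ == "__main__":
    for lineno, dev, message in lint_devfs_conf(SAMPLE_CONF):
        print(f"line {lineno}: {dev}: {message}")
```
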