/etc/devfs.conf not working properly
Roland Smith
rsmith at xs4all.nl
Tue May 15 18:52:45 UTC 2007
On Tue, May 15, 2007 at 01:53:47PM -0400, Jim Stapleton wrote:
> I have my /etc/devfs.conf file set to make some of my files
> mountable/readable directly for normal users (specifically CD/DVD
> devices). However, the original permissions are being retained. Am I
> doing something wrong in the setup? (I have rebooted the machine since
> these entries were created)
> devfs.conf:
> ========================================
> link acd0 cdrom
> link acd0 dvd
>
> link acd0 dvd0
> link acd1 dvd1
>
> link acd0 cdrom0
> link acd1 cdrom1
>
> own acd0 root:operator
> own acd1 root:operator
> own dvd root:operator
> own cdrom root:operator
> own dvd0 root:operator
> own dvd1 root:operator
> own cdrom0 root:operator
> own cdrom1 root:operator
>
> perm acd0 0770
> perm acd1 0770
> perm dvd 0770
> perm cdrom 0770
> perm dvd0 0770
> perm dvd1 0770
> perm cdrom0 0770
> perm cdrom0 0770
<snip>
> the majority of the relevant files look like this:
> ========================================
> sjss at elrond 13:51:03 (0) /etc > ls -l /dev | grep cd
> crwxrwx--- 1 root operator 0, 89 May 10 05:31 acd0
> crwxrwx--- 1 root operator 0, 90 May 10 05:31 acd1
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom0 -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 cdrom1 -> acd1
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd0 -> acd0
> lrwxr-xr-x 1 root wheel 4 May 10 05:32 dvd1 -> acd1
> ========================================
>
>
> Their permssions are not correct at all, except for acd0/acd1. Any
> suggestions on what would cause this one?
You cannot set permissions on symbolic links. Check out the relevant code in
/etc/rc.d/devfs:
p*) for device in ${devicelist}; do
if [ -c ${device} ]; then
chmod ${parameter} ${device}
fi
done
;;
Without the '-h' argument to chmod, it changes the permissions
on the device, not on the link! Changing permissions on a symbolic link
doesn't seem to accomplish anything, btw. If I create a link to a
regular file and chmod it to 000, I can still read/write the linked file.
If you want all users to have access to the cdrom, use this:
own cd0 root:cdrom
perm cd0 0666
A bit less open would be:
own cd0 root:cdrom
perm cd0 0660
which restricts access to the cdrom to members of the cdrom group.
AFAIK, you don't need to set execute bits on devices.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070515/a131606c/attachment.pgp
More information about the freebsd-questions
mailing list