gmirror and normal users?
Ivan Voras
ivoras at freebsd.org
Fri Apr 8 15:00:31 UTC 2011
On 08/04/2011 16:43, Christopher Hilton wrote:
> Should a normal user be able to successfully:
>
> $ gmirror remove /dev/mirror/gm0 /dev/ad6
>
> Or is this something that's just unlocked because I haven't mounted the drive yet?
>
> $ uname -a
> FreeBSD deathstar.example.com 8.2-STABLE FreeBSD 8.2-STABLE #1: Wed Apr 6 13:09:37 EDT 2011 root at dagobah:/usr/obj/usr/src/sys/GENERIC i386
> $ id
> uid=1001(chris) gid=1001(chris) groups=1001(chris),0(wheel),5(operator),1000(users)
It is because of the "operator" group. Normal users which are not in
this groups would not be able to do it.
If a user can communicate with the device (i.e. has at least "reads"
rights to it), he can send GEOM commands to it. The operator group has
read permissions by default:
lara:~> ll /dev/mirror/
total 0
crw-r----- 1 root operator 0, 150 8 Apr 16:55 bla
More information about the freebsd-questions
mailing list