Bug 61447
Summary: | gtoaster not using console permissions | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Daryll <daryll> |
Component: | gtoaster | Assignee: | Than Ngo <than> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2005-06-29 17:02:56 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Daryll
2002-03-19 21:04:31 UTC
This is actually with beta2 and beta3 as well as 7.2 You should install package kapabilities. This package allows you to configure any users to do that without root password No, kapabilities is not the right answer. I don't want the user to run gtoaster as root, I want them to run it as themselves. If I wanted them to have access to it I could have modified the pam configuration to use pam_console. I don't want them to have root access to all the files on the system, I just want them to be able to burn a CD of files they normally have access to. You've got two security systems working and they are conflicting. The first security system is /etc/security/console.perms. It is setting the permissions on /dev/scd0 so the user has access to it. If this was all you were doing everything would be great for what I want, because the user could run gtoaster and it would work. The second security system is the consolehelper wrapper. It requires a root password and gives you root access to the system. This is good if the user wants to do a root backup of the system to a CD and needs to write system files. Unfortunetly, once you've done this you break the first capability of users being able to burn CDs as themselves. Both capabilities are useful, but you've broken the first in the way you've setup the second. gtoaster is not included in Fedora anymore, please report the bug to author. Thanks |