Permissions problem
Paul Jakma
paul at dishone.st
Mon Jan 12 17:00:47 UTC 2004
On Tue, 23 Dec 2003, Alan Cox wrote:
> It happens regularly in the university computer society systems
> going back since RH7.x and so far nobody has figured out why. The
> pam code gets counting logins wrong in at least one module too
> which may or may not be related.
Why dont just approach the problem from a different angle? Rather
than assigning ownership of the device to the local user, which just
doesnt work for multi-head/multi-Xserver setups (first logged in user
'hogs' local devices), instead have pam_console assign console users
a 'local' or 'console' group which then gives them access to devices
which should only be avaiable from console (eg sound/webcam), all the
other stuff (eg floppies) can have a generic site wide 'users' group
ownership (and rw permission). This would work for multi-head setups
and wouldnt require constant
Ie:
current: we futz ownership of local devices as and when users log in
and out. problematic.
instead: ownership of local devices statically assigned to a 'local'
group with rw perms. pam_console then just adds group 'local' to the
supplementary groups if the user is local. No potential for dangling
ownerships or 'race to be first to login', everyone who is local gets
access.
?
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
warning: do not ever send email to spam at dishone.st
Fortune:
Nothing is impossible for the man who doesn't have to do it himself.
-- A.H. Weiler
More information about the devel
mailing list