[Slackbuilds-users] HAL 'plugdev' system-group (ivman/pmount)
rworkman at slackbuilds.org
Wed May 16 16:30:05 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Menno Duursma wrote:
> Hello ya'll,
> The configfile for HAL included in the buildscript sets the 'users' group
> as the one allowed to mount volumes. However the default used in other
> distros (or atleast Debian) Bis 'plugdev' which might improve security.
Hmmm... I like that idea, and assuming that it's fairly standard, I
would definitely be willing to change the way we do it. In fact, I
intended to do some more research into how other distros are handling
it, but I wanted to get a working build out first and then handle the
tweaks and such later - I've just not had time to follow up on it.
If Debian uses 'plugdev' then that's certainly an option. If anyone
uses some other distros and would like to chime in on this with
respect to what $DISTRO uses for that group, feel free. :-)
> 'ivman' normally runs a (and/or its own very) user, who is a member of the
> 'plugdev' group and 'pmount' is installed suid-root group executable only.
Okay, so if I'm understanding you correctly, to use those two as we've
currently got hal done, ivman would have to be in 'users' group and
pmount would have to be gid users, right? If so, yeah, we need to put
some more thought into that...
> I recently submitted buildscripts for 'ivman' (which handles events, on
> laptops) and 'pmount' (which automates mounting of USB drives, even for
> like FVWM users) however the permissions therein are all wrong and the
> ivman one overwrites config-files :-(.
> So i hope ya'll remove them from /pending I would like to resubmit them
> fixed/documented. TIA!
Actually, let's hang on to them for the time being (unless there are
other problems besides the ones from above) and figure out what to do
with HAL first... :-)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Slackbuilds-users