Using console.perms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I share this because no one else seems to understand. Assume you want to change owner of /dev/ttyS0 to user when user logs in. Otherwise it reverts to root.

Observe that there is a place on /etc where you can do things. So we will first try /etc/console and see what's there. Nothing. Now try /etc/security/. This is interesting and you see:

[root@k5di security]# ls
access.conf       console.perms    namespace.conf  pam_winbind.conf
chroot.conf       console.perms.d  namespace.init  sepermit.conf
console.apps      group.conf       opasswd         time.conf
console.handlers  limits.conf      pam_env.conf

Now you see console.perms and console.perms.d. Here is what these files look like:

[root@k5di security]# more console.perms.d

*** console.perms.d: directory ***

# /etc/security/console.perms
#
# This file determines the permissions that will be given to priviledged
# users of the console at login time, and the permissions to which to
# revert when the users log out.

# format is:
#   <class>=list of regexps specifying consoles or globs specifying files
#   file-glob|<class> perm dev-regex|<dev-class> \
#     revert-mode revert-owner[.revert-group]
# the revert-mode, revert-owner, and revert-group are optional, and default
# to 0600, root, and root, respectively.
#
# For more information:
# man 5 console.perms
#
# This file should not be modified.
# Rather a new file in the console.perms.d directory should be created.

# file classes -- these are regular expressions
<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]+\.[0-9]+ :[0-9]+
<xconsole>=:[0-9]+\.[0-9]+ :[0-9]+
** Joe's Own Editor v3.5 ** (utf-8) ** Copyright © 2006 **

Now go to the console.perms.d directory

[root@k5di security]# cd console.perms.d
[root@k5di console.perms.d]# ls
50-default.perms  ttyS0.perms
[root@k5di console.perms.d]#

And ttyS0.perms is:

[root@k5di console.perms.d]# more ttyS0.perms
# this file should give /dev/ttyS0 proper priv's for me.
#device classes
<ttyS0>=/dev/ttyS0
# permission definitions
<console> 0600 <ttyS0>  0600 root.uucp
[root@k5di console.perms.d]#

and this works fine, of course.


Karl

--

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.
  PGP 4208 4D6E 595F 22B9 FF1C  ECB6 4A3C 2C54 FE23 53A7

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux