Using console.perms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I share this because no one else seems to understand. Assume you want to change owner of /dev/ttyS0 to user when user logs in. Otherwise it reverts to root.
Observe that there is a place on /etc where you can do things. So we will first try /etc/console and see what's there. Nothing. Now try /etc/security/. This is interesting and you see: 

[root@k5di security]# ls
access.conf       console.perms    namespace.conf  pam_winbind.conf
chroot.conf       console.perms.d  namespace.init  sepermit.conf
console.apps      group.conf       opasswd         time.conf
console.handlers  limits.conf      pam_env.conf
Now you see console.perms and console.perms.d. Here is what these files look like: 

[root@k5di security]# more console.perms.d

*** console.perms.d: directory ***

# /etc/security/console.perms
#
# This file determines the permissions that will be given to priviledged
# users of the console at login time, and the permissions to which to
# revert when the users log out.

# format is:
#   <class>=list of regexps specifying consoles or globs specifying files
#   file-glob|<class> perm dev-regex|<dev-class> \
#     revert-mode revert-owner[.revert-group]
# the revert-mode, revert-owner, and revert-group are optional, and default
# to 0600, root, and root, respectively.
#
# For more information:
# man 5 console.perms
#
# This file should not be modified.
# Rather a new file in the console.perms.d directory should be created.

# file classes -- these are regular expressions
<console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]+\.[0-9]+ :[0-9]+
<xconsole>=:[0-9]+\.[0-9]+ :[0-9]+
** Joe's Own Editor v3.5 ** (utf-8) ** Copyright © 2006 **

Now go to the console.perms.d directory

[root@k5di security]# cd console.perms.d
[root@k5di console.perms.d]# ls
50-default.perms  ttyS0.perms
[root@k5di console.perms.d]#

And ttyS0.perms is:

[root@k5di console.perms.d]# more ttyS0.perms
# this file should give /dev/ttyS0 proper priv's for me.
#device classes
<ttyS0>=/dev/ttyS0
# permission definitions
<console> 0600 <ttyS0>  0600 root.uucp
[root@k5di console.perms.d]#

and this works fine, of course.


Karl

--

	Karl F. Larsen, AKA K5DI
	Linux User
	#450462   http://counter.li.org.
  PGP 4208 4D6E 595F 22B9 FF1C  ECB6 4A3C 2C54 FE23 53A7
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux