chmod 660 on /dev/pass*

Joerg Anslik joerg at anslik.de
Fri Mar 11 11:13:46 PST 2005


Hi,

I'm using an ADIC FastStor DLT-4000 autochanger tape drive (7 tapes)
here to backup my essential stuff. The whole magic is under control of
the bacula backup software.

The ADIC uses two SCSI IDs, one for the tape drive (/dev/nsa0) and one
for the autochanger device (/dev/pass0), the latter being responsible
for (un)loading tapes from/to their respective slots.

I noticed that "[/dev/]MAKEDEV all" (being called via "make upgrade")
creates /dev/nsa* with permissions of 660 for root:operator, but only
gives a 600 to /dev/pass* (also root:operator).

Since the bacula storage daemon is running non-root, it fails when
trying to issue autochanger commands thru /dev/pass0. The storage
daemon is, however, member of the "operator" group, so chmod'ing
/dev/pass0 to 660 solves the access problem.

I think we should by default grant a 660 to /dev/pass*, which IMHO
won't result in a critical security risc. (It will, however, save me
some valuable time by not having to change the permissions manually
after a "make upgrade". :)

And here's the big patch:

Index: /usr/src/etc/MAKEDEV
===================================================================
RCS file: /home/dcvs/src/etc/MAKEDEV,v
retrieving revision 1.17
diff -u -r1.17 MAKEDEV
--- /usr/src/etc/MAKEDEV        26 Feb 2005 12:00:54 -0000      1.17
+++ /usr/src/etc/MAKEDEV        11 Mar 2005 18:58:10 -0000
@@ -774,6 +774,7 @@
                dname=$name$i
                rm -rf $dname
                mknod $dname c $chr `unit2minor $i` root:operator
+               chmod 660 $dname
                i=$(($i + 1))
        done
        ;;

-----------------------------------------------------
who | grep -i blonde | talk; cd ~; wine; talk; touch;
unzip; touch; strip; gasp; finger; gasp; mount;
fsck; more; yes; gasp; umount; make clean; sleep





More information about the Submit mailing list