LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
Reload this Page Using sudoers to allow non-root eject
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 06-03-2009, 07:25 PM   #1
xflow7
Member
 
Registered: May 2004
Distribution: Slackware
Posts: 215

Rep: Reputation: 45
Using sudoers to allow non-root eject

In the past, I have found that I needed to make /usr/bin/eject SUID in order to allow, for instance, Amarok to disconnect from my iPod when running as non-root.

The other day, having read up a little on the sudoers file, I figured it ought to be possible to add command specific entries to /etc/sudoers in order to allow members of the plugdev group to eject, etc.

So I added the following lines to /etc/sudoers

Code:
Cmnd_Alias EJECTCMD /usr/bin/eject, /usr/bin/kdeeject, /usr/bin/kio_media_manager

%plugdev ALL=(ALL) NOPASSWD: EJECTCMD
and prepended "sudo" to the "Post-Disconnect Command" in Amarok.

Presto, no need to have /usr/bin/eject as SUID anymore.

It seems to me this is probably a safer solution. Any comments from those more knowledgeable than I?
 
Old 06-03-2009, 08:09 PM   #2
Matir
LQ Guru
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Debian, Arch
Posts: 8,507

Rep: Reputation: 128Reputation: 128
About all this does is prevent people outside the plugdev group from using eject as root. Otherwise, it's much the same.
 
Old 06-03-2009, 08:27 PM   #3
bgeddy
Senior Member
 
Registered: Sep 2006
Location: Liverpool - England
Distribution: slackware64 13.37 and -current, Dragonfly BSD
Posts: 1,810

Rep: Reputation: 232Reputation: 232Reputation: 232
Well personally I hate having things SUID on my system. I think the sudoer idea is far preferable limiting members to the plugdev group. Here is one of many articles about the dangers of setting SUID on programs http://luv.asn.au/overheads/security/kernel.html. Maybe I'm just paranoid !
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Sudoers - root question armandino Linux - General 4 03-05-2009 06:57 AM
Can't eject iPod as normal user, but works as root FreeThinkerJim Linux - Hardware 3 11-18-2005 08:19 PM
I deleted /etc/sudoers and creates a new file call sudoers but now it doesnt for visu abefroman Linux - Software 1 11-10-2005 05:03 PM
can only eject as root Cinematography Linux - Hardware 10 08-28-2005 04:47 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 09:14 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration