From owner-freebsd-questions Wed Dec 5 4:14:28 2001 Delivered-To: freebsd-questions@freebsd.org Received: from klima.physik.uni-mainz.de (klima.Physik.Uni-Mainz.DE [134.93.180.162]) by hub.freebsd.org (Postfix) with ESMTP id A7C7137B41A; Wed, 5 Dec 2001 04:14:21 -0800 (PST) Received: from klima.Physik.Uni-Mainz.DE (klima.Physik.Uni-Mainz.DE [134.93.180.162]) by klima.physik.uni-mainz.de (8.11.6/8.11.4) with ESMTP id fB5CEH600865; Wed, 5 Dec 2001 13:14:17 +0100 (CET) (envelope-from ohartman@klima.physik.uni-mainz.de) Date: Wed, 5 Dec 2001 13:14:17 +0100 (CET) From: "Hartmann, O." To: freebsd-ports@freebsd.org Cc: freebsd-questions@freebsd.org Subject: SUDO trouble in FBSD 4.4-STABLE Message-ID: <20011205125758.L648-100000@klima.physik.uni-mainz.de> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello. Using 'sudo' from the ports collection the first time on FBSD 4.4-STABLE I run into trouble. I try to allow a specific user to mount and unmount devices, especially cdrom drives. The exmaple file /usr/local/etc/sudoers.example shows a small example how to do, I modified this that way that the whole /sbin/mount command should be used by an local user which is sensitive enough not to crash the system (but becoming local root is for us a security risc). The appropriate entry in sudoers is: root ALL = (ALL) ALL user hostname (or IP) = (root) /sbin/mount, /sbin/umount These two lines are the only ones in sudoers. It is impossible for the specified user to mount a cdrom on a local mountpoint. From the users account, I try to use the following command line: sudo mount /cdrom (while in fstab is this line specified : /dev/acd0c /cdrom cd9660 ro,noauto 0 0 which seems to be normal as it has been installed by the setup routine of FBSD 4.4-RELEASE). This gives the follwing error to me: mount: .: Permission denied Then I changed the line in sudoers as follows: user hostname = (root) /sbin/mount -t cd9660 -o ro\,nosuid /dev/acd0c /cdrom but this also does not work as I expect or described in the man pages. Well, I think I do anything wrong while configuring sudo or there is a special trick in FreeBSD, I think there is an unknown and unrevealed interdependency with mount, the device and mountpoint. Can anyone help? Thanks ins advance ... Oliver -- MfG O. Hartmann ohartman@klima.physik.uni-mainz.de ---------------------------------------------------------------- IT-Administration des Institutes fuer Physik der Atmosphaere (IPA) ---------------------------------------------------------------- Johannes Gutenberg Universitaet Mainz Becherweg 21 55099 Mainz Tel: +496131/3924662 (Maschinenraum) Tel: +496131/3924144 FAX: +496131/3923532 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message