Date: Fri, 08 Apr 2011 17:00:12 +0200 From: Ivan Voras <ivoras@freebsd.org> To: freebsd-questions@freebsd.org Subject: Re: gmirror and normal users? Message-ID: <inn7tt$27k$1@dough.gmane.org> In-Reply-To: <95E7502E-5C42-4F47-9C7E-7440FC946468@vindaloo.com> References: <95E7502E-5C42-4F47-9C7E-7440FC946468@vindaloo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 08/04/2011 16:43, Christopher Hilton wrote: > Should a normal user be able to successfully: > > $ gmirror remove /dev/mirror/gm0 /dev/ad6 > > Or is this something that's just unlocked because I haven't mounted the drive yet? > > $ uname -a > FreeBSD deathstar.example.com 8.2-STABLE FreeBSD 8.2-STABLE #1: Wed Apr 6 13:09:37 EDT 2011 root@dagobah:/usr/obj/usr/src/sys/GENERIC i386 > $ id > uid=1001(chris) gid=1001(chris) groups=1001(chris),0(wheel),5(operator),1000(users) It is because of the "operator" group. Normal users which are not in this groups would not be able to do it. If a user can communicate with the device (i.e. has at least "reads" rights to it), he can send GEOM commands to it. The operator group has read permissions by default: lara:~> ll /dev/mirror/ total 0 crw-r----- 1 root operator 0, 150 8 Apr 16:55 bla
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?inn7tt$27k$1>