group access to local devices on shared networked machines
Scott James Remnant
scott at canonical.com
Fri May 8 16:16:37 UTC 2009
On Fri, 2009-05-08 at 10:28 -0500, Patrick Goetz wrote:
> Would anyone care to elaborate on this, as we brought this up with
> Canonical support well over a year ago for Hardy and no good solution
> was offered at that time (so we came up with our own).
>
> The problem: how to provide access to, say, local optical drives to
> incidental ldap users who aren't automatically in the device groups
> since they're not local users.
>
> Our solution was to use pam. By adding these lines to the
> /etc/security/group.conf file:
>
> *;:0|tty*&!ttyp*;*;Al0000-2400;dialout,dip,audio,video
> *;*;*;Al0000-2400;cdrom,floppy,scanner,plugdev,storage,vboxusers,fuse
>
> console users are added, for example, to the audio/video groups while
> anyone who logs in from anywhere is added to the cdrom/scanner groups
> (this allows users to use the scanners and optical devices remotely).
>
> I'm most curious to know if there is now a better way of providing this
> functionality to network users.
>
Provided they are on the same physical console as the local optical
drive, this is done automatically.
Scott
--
Scott James Remnant
scott at canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-devel-discuss/attachments/20090508/91e29148/attachment.sig>
More information about the Ubuntu-devel-discuss
mailing list