LWN.net Logo

Advertisement

Writers Wanted

Front, Kernel, Security, Distributions, Development. See your byline here on LWN.net.

Advertise here

Not logged in

Log in now

Create an account

Subscribe to LWN

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

LWN.net Weekly Edition for November 20, 2008

MinGW and why Linux users should care

LWN.net Weekly Edition for November 13, 2008

NLUUG/ELCE: Embedded devices and free software

The sad story of the em28xx driver

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ
FOSDEM 2009

Dear IE, I'm leaving you for good (ZDNet)

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 10:14 UTC (Sun) by mepr (guest, #4819)
In reply to: Dear IE, I'm leaving you for good (ZDNet) by bk
Parent article: Dear IE, I'm leaving you for good (ZDNet)

The linux desktop, as presented by the major distributors, is still a mess when it comes to audio.. for example, having to manually add users to the audio group to be able to hear sound is not acceptable. And k3b is a nice program, but I've never yet seen it installed by default such that anyone but root can burn a cd.

(Log in to post comments)

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 13:05 UTC (Sun) by etwilson (guest, #8459) [Link]

I don't know what distributions you have been using but both your examples are wrong on Fedora, at least. Asla sound works fine right out of the box, you don't need to set any permissions, I've never heard of that. And k3b works perfectly for me, no configuration necessary, in fact I burnt the Fedora Core 3 disks using Fedora Core 2 as myself, not root.

I only speak about Fedora as it is the only current distribution I know but I seriously doubt that Mandrake, SUSE or others are any more difficult. There are some issues with Linux on the desktop but those are not two of them. Try again.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 18:06 UTC (Sun) by juanjux (guest, #11652) [Link]

I can confirm than in Mandrake you don't need to do anything special to burn CDs or listen to music as normal user...

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 21:10 UTC (Sun) by tomsi (subscriber, #2306) [Link]

There is one scenario where sound doesn't work on Fedora.

Try running fedora in text mode (init level 3) and use sound from a vnc session. Doesn't work - I don't get the right permissions. This is on Fedora 3, but I had problems on Fedora 2 too.

Why such a scenario ? I am testing out a Fedora based PC as a jukebox for my stereo. By using VNC, I don't need keyboard, mouse or screen, but can control the PC from my laptop.

audio group - what audio group?

Posted Nov 14, 2004 14:22 UTC (Sun) by grantingram (subscriber, #18390) [Link]

Well I'm using Mandrake 10.1, listening to music and writing this reply and I didn't know that the audio group even existed.

So in short etwilson is right, things work out of the box on at least one other modern GNU/Linux distribution.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 16:21 UTC (Sun) by seyman (subscriber, #1172) [Link]

> having to manually add users to the audio group to be able to hear sound is not acceptable.

You mean there's another distribution than Debian that actually does this ?
I've never figured out what the point of this was.

> And k3b is a nice program, but I've never yet seen it installed by default such that anyone but root can burn a cd.

Again, I'm not actually aware of any distributions that do this.
Fedora and Mandrake, at least, let non-root users burn CDs.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 0:31 UTC (Mon) by mepr (guest, #4819) [Link]

>> having to manually add users to the audio group to be able to hear sound is not acceptable.

>You mean there's another distribution than Debian that actually does this ?
>I've never figured out what the point of this was.

It's security concerns. I also don't get it with audio, but I understand the motivation for the cd burning, since allowing users to write cds means giving write access to the disk group which means write access to hard drives. The two obvious solutions are adding the user to the disk group or running cdrecord setuid root. The first gives arbitrary bit-by-bit access to your hard drive. I can find no evidence of it now, but I read that cdrecord used to have an option which allowed the user to run an arbitrary program to do part of its job, which means "expliots" were not difficult. This old cod probably motivated the situation.

That's why I'm glad ubuntu came out. I haven't had the opportunity to burn a cdrom yet, but the audio problem seems to be fixed. And they are almost there with automounting thumb drives, etc. Provoked by the post above about DBUS, hal, etc., I rooted around a bit and found that pmount and pumount are in group plugdev. I added my user to that group, and now my usb drive pops up automatically and eog finds the .jpg folder and offers to import them.

>>And k3b is a nice program, but I've never yet seen it installed by default >>such that anyone but root can burn a cd.

>Again, I'm not actually aware of any distributions that do this.
>Fedora and Mandrake, at least, let non-root users burn CDs.

No, You all have caught me being ignorant and unknowlegable, but I certainly wasn't trolling. I generally use Debian, which has the above problems with audio and cd burning. But I had actually read within the last couple of months that red hat was doing the same with cd burning. The article was wrong, then, or maybe referring to an old version.
Red hat, of course, may be using another option with SELinux acls.

Mark

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 1:13 UTC (Mon) by paulj (subscriber, #341) [Link]

It's security concerns. I also don't get it with audio,

Think of a computer with a microphone (more and more prevalent due to VoIP), think of the implications if sound input were wide open.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 6:58 UTC (Mon) by dvdeug (subscriber, #10998) [Link]

> It's security concerns. I also don't get it with audio,

Forget microphones, or any other spy-vs-spy scenario. Just think about after you've gone to bed, some person who has remote access to your box cranking the volume all the way and playing heavy metal. Even if you trust your users implicitly, imagine one of your users remotely opening a program that uses auditory feedback, and having your computer randomly beep and boing at you for the next few hours. In a multi-user situation with remote users, permitting users to access the audio devices could certainly cause problems.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 9:04 UTC (Mon) by ranger (guest, #6415) [Link]

It's security concerns. I also don't get it with audio, but I understand the motivation for the cd burning, since allowing users to write cds means giving write access to the disk group which means write access to hard drives. The two obvious solutions are adding the user to the disk group or running cdrecord setuid root.

Or, you do what Mandrake does, and use pam_console to give ownership to local devices to the locally logged-in user. Unfortunately, some things break when you have multiple locally logged-in users, which is when you would have to add the subsequent users to the audio group etc. (but this is a decision that needs to be taked while taking the associated risks into account, which is why users are not in these groups by default as they are in SuSE).

That's why I'm glad ubuntu came out.

Yeah, all the Debianites finally get a distro that works almost as well as other mainstream distros have for the past 2 years.

Really, all the "new" features you describe have been available in Mandrake since about 8.2.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 18, 2004 19:07 UTC (Thu) by Ross (subscriber, #4065) [Link]

Why couldn't it dynamically add you to an audio group?
Multiple users might still have problems if they are
actually using the device at the same time, but otherwise
it would fix the problem. Maybe the sound mixing service
should always be running and there should be a virtual
device which can be opened by any local user... it could
just mix the sound from the various sessions :)

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 9:36 UTC (Mon) by ekj (subscriber, #1524) [Link]

allowing users to write cds means giving write access to the disk group which means write access to hard drives. The two obvious solutions are adding the user to the disk group or running cdrecord setuid root. The first gives arbitrary bit-by-bit access to your hard drive.

Or you do the sensible thing, like Mandrake and use pam to change permissions on login. For example ls -l /dev/hd? on my machine at the moment says: 

brw-rw----  1 root   disk   3,  0 Nov 15 08:27 /dev/hda
brw-rw----  1 root   disk   3, 64 Nov 15 08:27 /dev/hdb
brw-rw----  1 silvia cdrom 22,  0 Nov 15 08:27 /dev/hdc
brw-rw----  1 root   disk  22, 64 Nov 15 08:27 /dev/hdd

So, to have rw access to the cdrom (hdc at my machine) you need to either be the currently logged in user ("silvia") or be a member of group "cdrom", neither of which gives any access whatsoever to the other harddisks in the system. When "silvia" logs out the ownership reverts automatically to root.cdrom.

That's the default, out-of-box behaviour. Users who wish so can easily change this default.

In general it's good security to not give more permissions than needed. It's obvious that running as root, or having rw access to all disks in the system are both examples of too much permissions when all that you actually *need* is rw-access to one spesific device, namely the cdwriter.

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 15, 2004 15:42 UTC (Mon) by arafel (subscriber, #18557) [Link]

I generally use Debian, which has the above problems with audio and cd burning.

Can't comment on audio - since I set it up once and haven't touched it since - but I'm afraid it's not the case with Debian and CD burning. apt-get install k3b worked out of the box, as far as I remember.

(Excluding a bug in k3b itself, which has now been fixed.)

Dear IE, I'm leaving you for good (ZDNet)

Posted Nov 14, 2004 18:31 UTC (Sun) by einstein (subscriber, #2052) [Link]

having to manually add users to the audio group to be able to hear sound is not acceptable.

No idea what you might mean there... In addition to servers, I've installed suse linux on my laptop and a number of desktops and in every case sound simply works in my normal user account.

And k3b is a nice program, but I've never yet seen it installed by default such that anyone but root can burn a cd

Again, no idea what you mean. I discovered k3b on my laptop recently and fired it up. I was pleasantly surprised to find that I have an 8x CD burner, and so I copied a CD on the spot, quick and easy, and a perfect copy, as a non-root user. I've since been using k3b on my other desktops as well. No hint of the supposed ownership/permissions problems. Sounds like FUD to me.

FOSDEM 2009

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds