[K12OSN] smbldap - adding ldap users to local groups
Craig White
craig at tobyhouse.com
Tue Oct 30 16:56:37 UTC 2007
On Tue, 2007-10-30 at 12:30 -0400, Rob Owens wrote:
> I decided to try changing all of my local devices to have ldap-group memberships. For instance, I ran this command:
>
> find /dev -group audio -exec chgrp ldapaudio {} \;
>
> This finds every file in /dev with "audio" group membership and changes it to "ldapaudio" group membership. This works and my ldap user who is a member of the "ldapaudio" group but not the local "audio" group has access to sound devices. The problem is that on reboot, many of these /dev files get set back to "audio" group membership. Does anybody know how to stop this? I'm working on a Debian machine right now, but I'm interested in doing this on Debian, Ubuntu, and CentOS.
>
----
when all you have is a hammer, everything looks like a nail.
You really need to read up on udev because that is about using devices
in user space.
this is about the best write up on udev I have seen...
http://www.reactivated.net/writing_udev_rules.html
The entire point is to establish a set of rules that dynamically sets
permissions for removable devices in user space so that root permissions
and various entries into fstab are not required.
You should discover that udev has rules & permissions that are set
within the files in /etc/udev/rules.d, parsed in order and the devices
and permissions attached to those devices are created dynamically
according to those rules.
Craig
More information about the K12OSN
mailing list