i'm working my way through the rh 7.3 customization guide and i'm still a mite confused regarding how console access permissions work WRT some of the config utilities. so ... what i've figured out so far:
a large number of programs in /usr/bin (hwbrowser, printconf-tui, etc.) are really just symlinks to the "consolehelper" program. fair enough. this is supposed to give users logged in at the console access to these programs without needing root access, right? so what constitutes being logged in "at the console"? apparently, the file /etc/security/console.perms is supposed to supply a REGEX that is used to match what look like tty ports that correspond to what should be considered a console: # /etc/security/console.perms # file classes -- these are regular expressions <console>=tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]\.[0-9] :[0-9] <xconsole>=:[0-9]\.[0-9] :[0-9] ... much stuff deleted here ... note that the console ports include the virtual consoles and X server display. but they *don't* include the pseudo-ports that one would get with, say, an xterm. so what happens if i try to run "hwbrowser" as a regular user from an xterm? i get prompted for the root password. is this because an xterm is not considered being "at the console"? if i switch back to a true virtual console and try to run, say, printconf-tui, i *still* get prompted for the root password. so what's the magic of being at the console if i still need the root password? have i forgotten to configure something critical? rday _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
