Is there a way to let a user burn cds w/o root privileges?

[jkcunningham]

I have a couple users that need to burn cd's but don't know how to let them do it without using cdrecord which requires root priviledges. I don't want them having root priviledges. Is there a way around this?

Thanks
-Jeff

[stonent]

I don't know directly how it is done, however in Knoppix, you can burn CDs using K3B and not be root...
_________________
Inspiron 4100 & Sun UltraAXe
Portage on Solaris|Dell Laptop Hacks
The way you feel about organized religion is the same way I feel about organized socialism.

[meowsqueak]

Yes, you just need to set up permissions on the appropriate cdrom device (/dev/cdroms/cdromX usually links to /dev/scsi/host0/bus0/target0/lun0/cd or something similar). I would recommend making /dev/scsi/host0/bus0/target0/lun0/cd owned by group 'cdrom' or 'cdr' and making sure the file has group-rw permissions. You also need rw permissions on the scsi generic device file (/dev/scsi/host0/bus0/target0/lun0/generic) so you could give this the same group ownership.

E.g.

[semiSfear]

I use XCDRoast or cdrdao to burn CDR's. In XCDRoast the first thing you configure is which users have permission to burn... If i remember correctly. To be able to burn with cdrdao you don't need any further permissions. Specially if you have set write access to your burning device.
_________________
DnB is my religion, Jungle is my church.

[jkcunningham]

Thanks! I'll try various things out and see what works.
You guys are great.

-Jeff

[meowsqueak]

[jkcunningham]

I finally got around to trying the modified permissions to make cdrecord work for a normal user (i.e. a normal user finally got around to bugging me). cdrecord does run now, but some part of it still wants the user to be su: here's the message it produces:

cdrecord: Operation not permitted. WARNING: Cannot set RR-scheduler
cdrecord: Permission denied. WARNING: Cannot set priority using setpriority().
cdrecord: WARNING: This causes a high risk for buffer underruns.

It seems to be working in any event. Any ideas what's going on here?

Regards,
-Jeff

[meowsqueak]

The program 'cdrecord' is trying to make system calls that require it to be root. This can be caused by a root-only permissions on a device inode, or certain operations that are restricted to root anyway (like binding to privileged ports).

Note that you do NOT have to set cdrecord suid-root for cd burning to work. You should be able to get it working without doing that. However, you won't be able to set the priority of the process to anything higher than default unless you are root. This means you have a greater risk of buffer under-runs when burning (i.e. starving the process of data to write, forcing it to improvise. Certain burners handle this better than others. Worst case - CDR fails to read properly afterwards).

You could consider configuring 'sudo' for the user concerned (or group) to permit them to ONLY run '/usr/bin/cdrecord' with sudo.

[jkcunningham]

Sounds like a reasonable solution. I'll see how this goes first, and if there's problems with underflows, try your solution.

Thanks!

-Jeff