You are not logged in.

Pages: 1

#1 2011-07-26 05:26:30

brando56894
Member
From: NYC
Registered: 2008-08-03
Posts: 681

[Solved] Giving A Normal User R/W Access To A SSD

I have virtualbox setup so that it has direct (raw) access to my SSD (which is formatted with NTFS if it that matters) but the only way I can currently get it to work is by running virtualbox with root permissions. How can I make it work with my normal user?

Last edited by brando56894 (2011-07-26 16:15:06)

Offline

#2 2011-07-26 08:23:10

GerBra
Forum Fellow
From: Bingen/Germany
Registered: 2007-05-10
Posts: 207

Re: [Solved] Giving A Normal User R/W Access To A SSD

So the problem is that your user have no rights on the /dev/sdXY device on your hostsystem? Let's assume that your SSD is /dev/sdc.

If you look at: ls -l /dev/sdc you will see that only user root and members of group disk have access(rw) on this device.

One could think: ok, i put my normal user in group disk, problem solved. That's right, but it opens unneccassary security risks. It's bad to give a user more rights than needed exactly for one job. In group disk the user has direct access to all blockdevices on the host.
So one possible solution: Devices in /dev are setup by udev via rules. So write a rule that change ownership on exactly the SSD device (sdc). Maybe with owner root:privdev, and put your user in the (new) privdev group.

The IMHO better, simpler solution is IMHO: Use ACL's. (from package acl)
With above example /dev/sdc:

getfacl /dev/sdc

getfacl: Removing leading '/' from absolute path names
# file: dev/sdc
# owner: root
# group: disk
user::rw-
group::rw-
other::---

Now add a acl for your user (username brando for ex.)

setfacl -m u:brando:rw /dev/sdc

Control with getfacl and you will see that brando have now rw access directly on the device.
You could put this permanently in /etc/rc.local

Instead of /dev/sdxy in device naming it's better to work with ID's or UUID's. Adressing could be then:
/dev/disk/by-id/???
/dev/disk/by-uuid/???
Identify your SSD device by looking in these directories. Not using the "old" /dev/sdxy naming prevents from wrong access when the SSD may changes the order of blockdevices.

Last edited by GerBra (2011-07-26 08:27:53)

Offline

#3 2011-07-26 16:14:49

brando56894
Member
From: NYC
Registered: 2008-08-03
Posts: 681

Re: [Solved] Giving A Normal User R/W Access To A SSD

Awesome, thanks! Just what I was looking for!

Offline

Pages: 1

Board footer

Powered by FluxBB