You are not logged in.
I have virtualbox setup so that it has direct (raw) access to my SSD (which is formatted with NTFS if it that matters) but the only way I can currently get it to work is by running virtualbox with root permissions. How can I make it work with my normal user?
Last edited by brando56894 (2011-07-26 16:15:06)
Offline
So the problem is that your user have no rights on the /dev/sdXY device on your hostsystem? Let's assume that your SSD is /dev/sdc.
If you look at: ls -l /dev/sdc you will see that only user root and members of group disk have access(rw) on this device.
One could think: ok, i put my normal user in group disk, problem solved. That's right, but it opens unneccassary security risks. It's bad to give a user more rights than needed exactly for one job. In group disk the user has direct access to all blockdevices on the host.
So one possible solution: Devices in /dev are setup by udev via rules. So write a rule that change ownership on exactly the SSD device (sdc). Maybe with owner root:privdev, and put your user in the (new) privdev group.
The IMHO better, simpler solution is IMHO: Use ACL's. (from package acl)
With above example /dev/sdc:
getfacl /dev/sdc
getfacl: Removing leading '/' from absolute path names
# file: dev/sdc
# owner: root
# group: disk
user::rw-
group::rw-
other::---
Now add a acl for your user (username brando for ex.)
setfacl -m u:brando:rw /dev/sdc
Control with getfacl and you will see that brando have now rw access directly on the device.
You could put this permanently in /etc/rc.local
Instead of /dev/sdxy in device naming it's better to work with ID's or UUID's. Adressing could be then:
/dev/disk/by-id/???
/dev/disk/by-uuid/???
Identify your SSD device by looking in these directories. Not using the "old" /dev/sdxy naming prevents from wrong access when the SSD may changes the order of blockdevices.
Last edited by GerBra (2011-07-26 08:27:53)
Offline
Awesome, thanks! Just what I was looking for!
Offline