You are not logged in.

Pages: 1

#1 2023-09-30 09:25:12

maziar
Member
Registered: 2022-08-28
Posts: 58

[Solved] NVMe devices permission for user without sudo

Hi

I  try to use fdisk - l for users without root or sudo

Then add fdisk -l to sudoers.

and add the user to the disk & storage group
but have no permission to access the nvme disk:
fdisk: cannot open /dev/nvme0n1: Permission denied


Need to change udev to add nvme disk to disk group?
This related to
KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk" in 50-udev-default.rules ?

Last edited by maziar (2023-10-01 09:47:44)

Offline

#2 2023-09-30 12:14:01

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: [Solved] NVMe devices permission for user without sudo

What is the current ownership and permissions of /dev/nvme0n1?  Why add fdisk -l to sudoers if you run it without sudo?  What is the output of the following:

ls -la /dev/nvme0n1
sudo -u nobody -g disk parted -l

Offline

#3 2023-09-30 15:09:09

maziar
Member
Registered: 2022-08-28
Posts: 58

Re: [Solved] NVMe devices permission for user without sudo

ls -la /dev/nvme0n1:
brw-rw---- 1 root disk 259, 1 Sep 30 11:53 /dev/nvme0n1

sudo -u nobody -g disk parted -l:
Sorry, user zz is not allowed to execute '/usr/bin/parted -l' as nobody:disk on r4b.

Offline

#4 2023-09-30 15:20:46

loqs
Member
Registered: 2014-03-06
Posts: 18,928

Re: [Solved] NVMe devices permission for user without sudo

The sudo command needs to be run by a user that can execute arbitrary commands as other users such as root or if you had used one of the first three examples from Sudo#Example_entries.
What groups is your user currently in?

groups

Offline

#5 2023-09-30 16:03:59

maziar
Member
Registered: 2022-08-28
Posts: 58

Re: [Solved] NVMe devices permission for user without sudo

user:
root sys wheel disk kvm storage users rfkill i2c libvirt zz

Last edited by maziar (2023-09-30 16:04:40)

Offline

#6 2023-09-30 18:45:55

seth
Member
From: Won't reply 2 private help req
Registered: 2012-09-03
Posts: 76,089

Re: [Solved] NVMe devices permission for user without sudo

So your user is in the "disk" group and should™ not require sudo to read the nvme device?

Post the complete, unedited, output of

LC_ALL=C sudo -l
LC_ALL=C fdisk -l /dev/nvme0n1

How to upload text · How to boot w/o GUI · Disable Windows Fast-Start! · Fix your xinitrc

Online

#7 2023-10-01 09:47:15

maziar
Member
Registered: 2022-08-28
Posts: 58

Re: [Solved] NVMe devices permission for user without sudo

yes was set group & sudoers for the user don't require sudo :

   (root) /usr/bin/fdisk -l
    (root) NOEXEC: NOPASSWD: /sbin/dmidecode, /sbin/lsof, /usr/bin/fdisk -l, /usr/sbin/dmsetup ls,
        /usr/sbin/dmsetup table*, /usr/sbin/multipath -ll, /usr/sbin/iscsiadm list *, /usr/sbin/fcinfo
    (ALL) ALL

fdisk -l /dev/nvme0n1
Disk /dev/nvme0n1:*****                 
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes





I don't understand why but today the problem was fixed!

Last edited by maziar (2023-10-01 09:49:18)

Offline

Pages: 1

Board footer

Powered by FluxBB