Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!pasteur!betelgeuse!carlton
From: carlton@betelgeuse (Mike Carlton)
Newsgroups: comp.sys.next
Subject: Re: More Questions
Message-ID: <9583@pasteur.Berkeley.EDU>
Date: 7 Feb 89 03:50:50 GMT
References: <8668@orstcs.CS.ORST.EDU>
Sender: news@pasteur.Berkeley.EDU
Reply-To: carlton@betelgeuse (Mike Carlton)
Organization: University of California at Berkeley
Lines: 174

In article <8668@orstcs.CS.ORST.EDU> leach@neptune.oce.orst.edu (Tom Leach) writes:
>OK, after bouncing the cube around, I've got a few more questions about
>the NeXT OS and Jot.
. . .
>Lastly, has anyone gotten the Optical disk usable by general users?
>I've hacked together a way, but it involves making disk, umount, and
>mount suid to root :-(, but those programs are only executable by the
>group optical.  This is a security hole in that anyone in optical can
>trash any disks on the cube.  Anybody have a better way?  If anyone
>wants to see how I did it, send email.
>

Attached below is a set of scripts we have installed in /usr/local to
allow a user to mount and eject an optical disk.  Of course, this all
assumes that you are running off of the SCSI disk, as I don't believe
you can eject the optical when you have booted off it.

To install them, copy them (as root) to /usr/local and do a 'chmod 4755'
on mountod and ejectod and a 'chmod 755' on rootejectod.  This will set
the first two to run as root.

The scripts mount (or unmount) the two partitions on the optical in two
directories in the user's home directory.  The directories are named
according to the label on the disk (i.e. fooa and foob for a disk
labeled foo).  They check for most error conditions.  It turns out that
the opticals can get pretty screwed up if they aren't flushed before
ejecting, so the eject script does a sync and sleeps to wait for it to
complete.  Anybody know how to force a "synchronous" sync that doesn't
return until it is done?

The drawback with the way these are set up is that only the user who
mounted the optical can unmount it (to avoid problems of users
unmounting someone else's disk while it might be in use).  The
rootejectod script allows root to eject a disk no matter who mounted it
in case someone leaves an optical in the machine by mistake.

A warning: you can't unmount a partition while it is active, including
merely being in one of its directories.  If you try to do an ejectod
while your current directory is on the optical, the unmount will fail,
but tell you why.

Disclaimer: These work for us, but any program that runs as setuid to
root is certain to have security problems.  Use them at your own risk
if you're worried about security.  These programs have not been tested
other than on our machine and likely contain bugs.

And now my question for the net: does anyone know how to initialize the
optical disk so as to have only one large partition?  If I could figure
out how to do this, these scripts wouldn't have to monkey with the silly
'foo'a and 'foo'b stuff.

Enjoy,
--
mike (carlton@ji.berkeley.edu or ...!ucbvax!ji!carlton)

------------------------------ Cut here ----------------------------------------
#! /bin/csh -fb
# /usr/local/mountod  (root must do a chmod 4755 /usr/local/mountod)
# Allows user to mount optical disk
# The user must have created two directories in his home directory
# named {label}a and {label}b, where {label} is the disk label.
# Bruce Holmer & Mike Carlton  1/23/89

# Check for a disk in the drive
/etc/disk -q /dev/rod0a >& /dev/null
if ($status) then
    echo "Please make sure the disk is inserted in the drive"
    exit
endif

# Extract the disk label
set diskinfo = `echo 'label\\
print\\
quit' | /etc/disk /dev/rod0a | /bin/awk '$0~/^disk label:/ { print $3 }'`

# Check for presence of directories
if (!(-e ~$USER/${diskinfo}a) || !(-e ~$USER/${diskinfo}b)) then
    echo "You must first create two directories ~$USER/${diskinfo}a and ~$USER/${diskinfo}b"
    exit
endif

# Mount the two partitions
/etc/mount /dev/od0a ~$USER/${diskinfo}a
if ($status) then
    echo "Mount failed"
    exit
endif
/etc/mount /dev/od0b ~$USER/${diskinfo}b
if ($status) then
    echo "Mount failed"
    /etc/umount ~$USER/${diskinfo}a
    exit
endif

# Change the user ownership
/etc/chown $USER ~$USER/${diskinfo}a
/etc/chown $USER ~$USER/${diskinfo}b
------------------------------ Cut here ----------------------------------------
#! /bin/csh -fb
# /usr/local/ejectod  (root must do a chmod 4755 /usr/local/ejectod)
# Allows user to eject optical disk
# Bruce Holmer & Mike Carlton  1/23/89

# Flush disk buffers
/bin/sync
sleep 5

# Check for a disk in the drive
/etc/disk -q /dev/rod0a >& /dev/null
if ($status) then
    echo "Please make sure the disk is inserted in the drive"
    exit
endif

# Extract the disk label
set diskinfo = `echo 'label\\
print\\
quit' | /etc/disk /dev/rod0a | /bin/awk '$0~/^disk label:/ { print $3 }'`

# Unmount the partitions
set error = `/etc/umount ~$USER/${diskinfo}a |& cat`
if (${#error}) then
    echo "Unmount failed"
    exit
endif
set error = `/etc/umount ~$USER/${diskinfo}b |& cat`
if (${#error}) then
    echo "Unmount failed"
    /etc/mount /dev/od0a ~$USER/${diskinfo}a
    exit
endif

# Eject the optical disk
/etc/disk -e /dev/rod0a
------------------------------ Cut here ----------------------------------------
#! /bin/csh -fb
# /usr/local/rootejectod  (root must do a chmod 755 /usr/local/rootejectod)
# Allows root to eject optical disk mounted on a user's directory
# Bruce Holmer & Mike Carlton  1/23/89

if ($#argv != 1) then
    echo "Usage: rootejectod user"
    exit 1
endif

# Flush disk buffers
/bin/sync
sleep 5

# Check for a disk in the drive
/etc/disk -q /dev/rod0a >& /dev/null
if ($status) then
    echo "Please make sure the disk is inserted in the drive"
    exit
endif

# Extract the disk label
set diskinfo = `echo 'label\\
print\\
quit' | /etc/disk /dev/rod0a | /bin/awk '$0~/^disk label:/ { print $3 }'`

# Unmount the partitions
set error = `/etc/umount ~$1/${diskinfo}a |& cat`
if (${#error}) then
    echo "Unmount failed"
    exit
endif
set error = `/etc/umount ~$1/${diskinfo}b |& cat`
if (${#error}) then
    echo "Unmount failed"
    /etc/mount /dev/od0a ~$1/${diskinfo}a
    exit
endif

# Eject the optical disk
/etc/disk -e /dev/rod0a
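
The setuid scripts in this post build their mount-point paths from the disk label and from $USER, so a wrapper of this kind would normally check both before calling mount or chown. The following is an added example in POSIX sh, not part of the posted csh scripts; the function names, the label character set and length limit, and the sample disk output are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (POSIX sh): checks a privileged mount helper can make
# before it calls mount or chown. Not the posted csh scripts.
LC_ALL=C; export LC_ALL

# Constructed sample of label output; only the "disk label:" line matters.
SAMPLE_DISK_OUTPUT='disk type: constructed-sample
disk label: foo'

# Pull the label from the "disk label: <name>" line read on stdin.
extract_label() {
    awk '/^disk label:/ { print $3; exit }'
}

# Accept 1 to 24 characters (assumed limit) drawn from letters, digits,
# "_" and "-". Anything else (empty, "/", ".", spaces) is refused, so
# the label cannot change which directory the mount lands on.
valid_label() {
    case "$1" in
        '' | *[!A-Za-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 24 ]
}

# Login name from the real UID; $USER is an environment variable
# that the caller sets.
real_user() {
    id -unr
}

# Print the two mount points for a label under a home directory. Fails
# if the label is refused or either one is missing or is a symlink.
mount_points() {
    mp_home=$1
    mp_label=$2
    valid_label "$mp_label" || return 1
    for mp_part in a b; do
        mp_dir=$mp_home/$mp_label$mp_part
        [ -d "$mp_dir" ] && [ ! -L "$mp_dir" ] || return 1
    done
    printf '%s\n%s\n' "$mp_home/${mp_label}a" "$mp_home/${mp_label}b"
}

# Demonstration on the constructed sample.
label=$(printf '%s\n' "$SAMPLE_DISK_OUTPUT" | extract_label)
valid_label "$label" && echo "label accepted: $label"
valid_label '../x' || echo "label refused: ../x"
```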