Phi Tran wrote:
> Neal Pollack wrote:
>> On 03/04/09 19:04, Phi Tran wrote:
>>>> I'm glad that you've decided to use an existing profile and not add
>>>> new authorizations. I just wanted to clarify that these are two
>>>> separate decisions.
>>>>
>>>
>>> There was an issue brought up about fdisk which doesn't have an entry
>>> in exec_attr. I assume the intention was to not allow regular users to
>>> use fdisk or maybe this is a bug. One could call fdisk from format,
>>> but I don't think that was a requirement to use fdisk.
>>>
>>> I think parted and fdisk should be allowed for regular users since
>>> these commands could be useful for removable media.
>>
>> So, how do you keep one of the regular users on a SunRay server from
>> destroying the partitions with fdisk?
>
> The above means regular users with privileges actually. These users
> (non-root) need the File System Management profile to get the
> privileges.
Right. You don't give such users this profile, any more than you'd give
them Primary Administrator, or grant them "sudo" privileges or give them
the root password to use with "su".
(Unless your and idjit administrator--- and such folks *do* exist. But
they get what they deserve...)
-- Garrett
>
> Phi
>>
>> Neal
>>
>>
>>> These commands can
>>> be included with the File System Management profile and given
>>> appropriate privileges as suggested previously.
>>>
>>> I'd like to get any comments to see if there should be a
>>> reason that parted should follow fdisk permission handling or if the
>>> case should continue with adding parted to the File System Management
>>> profile with appropriate privileges.
>>>
>>> Thanks,
>>>
>>> Phi
>>
>
>
