# /etc/security/console.perms # # This file determines the permissions that will be given to priviledged # users of the console at login time, and the permissions to which to # revert when the users log out. # format is: # =list of regexps specifying consoles or globs specifying files # file-glob| perm dev-regex| \ # revert-mode revert-owner[.revert-group] # the revert-mode, revert-owner, and revert-group are optional, and default # to 0600, root, and root, respectively. # # For more information: # man 5 console.perms # file classes -- these are regular expressions =tty[0-9][0-9]* vc/[0-9][0-9]* :[0-9]\.[0-9] :[0-9] =:[0-9]\.[0-9] :[0-9] # device classes -- these are shell-style globs =/dev/ttyS* =/dev/fd[0-1]* \ /dev/floppy/* /mnt/floppy* =/dev/dsp* /dev/audio* /dev/midi* \ /dev/mixer* /dev/sequencer* \ /dev/sound/* /dev/snd/* /dev/beep \ /dev/admm* \ /dev/adsp* /dev/aload* /dev/amidi* /dev/dmfm* \ /dev/dmmidi* /dev/sndstat =/dev/cdrom* /dev/rdvd /dev/ide/*/*/*/*/cd /dev/scsi/*/*/*/*/cd \ /dev/cdroms/* /dev/cdwriter* /mnt/cdrom* =/dev/pilot =/mnt/jaz* =/mnt/pocketzip* /mnt/zip* =/dev/ls120 /mnt/ls120* =/dev/scanner /dev/usb/scanner* =/dev/usb/rio500 =/mnt/camera* /dev/usb/dc2xx* /dev/usb/mdc800* =/mnt/memstick* =/mnt/flash* =/mnt/diskonkey* =/mnt/microdrive* =/dev/fb /dev/fb[0-9]* \ /dev/fb/* =/dev/kbd =/dev/js[0-9]* =/dev/video* /dev/radio* /dev/winradio* /dev/vtx* /dev/vbi* \ /dev/video/* /dev/vttuner =/dev/gpmctl =/dev/nvidia* /dev/3dfx* =/dev/apm_bios =/dev/scd* /dev/sg* /dev/pcd* /dev/pg* /dev/cdwriter /dev/scsi/*/*/*/*/generic =/dev/usb/dabusb* /dev/usb/mdc800* /dev/usb/rio500 /dev/ttyUSB* \ /proc/usb/[0-9][0-9][0-9]/[0-9][0-9][0-9] # permission definitions 0660 0660 root.tty 0666 0660 root.floppy 0666 0600 root.audio 0666 0660 root.cdrom 0600 0660 root.uucp 0600 0660 root.disk 0600 0660 root.disk 0600 0660 root.disk 0600 0600 root 0666 0600 root 0666 0600 root 0600 0600 root 0600 0660 root.disk 0600 0660 root.disk 0600 0600 root 0600 0600 root 0600 0600 root 0666 0600 root.sys 0700 0700 root 0600 0600 root 0660 0660 root.cdrw 0666 0660 root.usb 0600 0600 root 0600 /dev/console 0600 root.root 0600 0600 root