https://bugzilla.novell.com/show_bug.cgi?id=550021
https://bugzilla.novell.com/show_bug.cgi?id=550021#c59
--- Comment #59 from Jörg Schiling
(In reply to comment #54)
The comment in linux/capability.h lead to CAP_SYS_ADMIN as a prerequisite for being able to send any SCSI command. Do I need CAP_SYS_RAWIO in addition?
I have skimmed the source code (linux-kernel/drivers/scsi/sg.c), and it would seem that CAP_SYS_RAWIO is sufficient in many spots where it is used:
13:43 ares07:../drivers/scsi > grep SYS_RAWIO *.c hpsa.c: if (!capable(CAP_SYS_RAWIO)) hpsa.c: if (!capable(CAP_SYS_RAWIO)) scsi_debug.c: if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) scsi_ioctl.c: if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO)) scsi_ioctl.c: if (!capable(CAP_SYS_ADMIN) || !capable(CAP_SYS_RAWIO))
.... Did you also check layered transports like *ATA and USB? There is ATAPI and USB mass storage encapsulation, that may apply filters. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.