I think it is wrong to run a script that does no system changed to run as root. I don't understand why `mount -o loop` can not be done as user. That would be the more correct question. I can download an iso, burn it and read the content as user. I can not download the iso and mount the iso.
While I personally think running such a script as this should be done as user, I wouldn't get stuck at sudo. I also see that it is not possible to run this script as user, because it needs to mount ISO images. Using other programs to copy out the files from the ISO image is a bad idea IMHO. Personally I thnk having a script which turns the 5 CDs (plus/minus any other packages) into a functional SUSE DVD is well worth having, and thanks for all the work on it. Whether the script can be run as !root is something I don't care about right now. A functional script is much more valuable. I would suggest you do either/some of these: 1) Insert information into --help which states what lines to put into sudo's config to make it work with sudo, and what the implications are. 2) Mention in --help that the script must be run as root to be able to copy out the contents from ISO images. 3) Suggest a line in --help to be put into /etc/fstab, which allows any user to mount any ISO image from a defined public place at a predefined mount point. MAKE SURE(!) that dev,suid are on and auto is off on the mount options. You might find other options useful too.
Also now it is proven that I can copy the content of the iso to anywhere, it is strange that loop demands this. I believe it is not so much sudoers that must be changed, it is loop that must be changed.
You don't understand the loop mechanism. In *ix, mounting a filesystem is a priviledged operation, and with darn good reason. The mounting of your removable media is done by root, and controlled with suitable mount options as I outlined above. This prevents users from burning a SUID root shell to a CD and inserting into into a Linux box for a quick root. Under specific conditions, mount is permitted by non-root. The conditions are: user, users, or group are specified (and their condition match), the device is specified, and the mount point is specified. You can not relax on the last two conditions, as doing so would allow $USER to mount their USB gimmick on /bin and sitting back to watch the entertainment. All that loop does is turning a file into a block device, because that's the only thing you can mount. The mount command calls losetup in the background for you, after having found itself a free loop device (/dev/loop*). Volker -- Volker Kuhlmann is list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me.