Automagically create a new installation DVD for openSUSE 12.1

With openSUSE 12.1 available now many users want to download the ISO file and burn their installation DVD. I have updated an old bash script doing all required steps automatically. The script will verify the checksum of the created media, avoiding possible trouble later on during the installation process.

The script can be found here:

How to burn your installation DVD
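The two checks the opening post relies on (a verified download, then a verified disc) can look like the sketch below. This is an added example, not the script linked in the thread; the function names are hypothetical, and it assumes SHA-256 sum files and the coreutils `sha256sum` tool, which the thread does not specify. The read-back hashes only as many bytes as the ISO holds, because a burned disc can return padding after the image.

```shell
#!/usr/bin/env bash
# Added example (not the thread's script). Assumes coreutils sha256sum.

# Print the SHA-256 of the first $2 bytes of $1 (regular file or device node).
hash_prefix() {
    head -c "$2" "$1" | sha256sum | cut -d' ' -f1
}

# verify_iso ISO SUMFILE
# Succeeds only if SUMFILE lists the ISO's file name with a matching hash.
# Returns 2 when the sum file has no entry for this ISO.
verify_iso() {
    local iso=$1 sums=$2 want have
    want=$(awk -v f="$(basename "$iso")" \
        '{ n = $2; sub(/^\*/, "", n) } n == f { print $1; exit }' "$sums")
    [ -n "$want" ] || { echo "no checksum listed for $iso" >&2; return 2; }
    have=$(sha256sum "$iso" | cut -d' ' -f1)
    [ "$want" = "$have" ]
}

# verify_media ISO DEVICE
# Reads back exactly the ISO's length from DEVICE and compares hashes.
# A short read (truncated burn) yields a different hash and fails too.
verify_media() {
    local iso=$1 dev=$2 size
    size=$(( $(wc -c < "$iso") ))
    [ "$(hash_prefix "$iso" "$size")" = "$(hash_prefix "$dev" "$size")" ]
}

# Typical use (file and device names are placeholders):
#   verify_iso image.iso image.iso.sha256 || exit 1
#   ... burn image.iso ...
#   verify_media image.iso /dev/sr0 || echo "burned disc does not match" >&2
```

Neither function needs root by itself; `verify_media` only needs read access to the drive's device node.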

I won’t spoil the joy of your script and thus post here: is it really needed to do that as root? I can do the whole process of downloading, checking and burning as a dumb end user from my KDE GUI. Thus IMHO when you want to do it from the CLI (typing commands or using your script), doing it as a normal user should be feasible.

is it really needed to do that as root?

Yes, if you want to burn with nice -19, and this really helps to get a good burn on some (slower) machines. And on quite a few (misconfigured) installations root is needed to burn at all (unlike yours).

Edit:

From the wodim man page:

It is recommended to be root or install the application as suid-root, because certain versions of Linux (kernel) limit the set of SCSI commands allowed for non-root users. Even if usage without root identity is possible in many cases, some device drivers still may fail, show unexplainable problems and generally the problems become harder to debug. The risk for buffer-underruns is also increased.

Then my advice would be to add a warning to your post (and comment in the script). Your script is clearly written for newbies (well, I won’t say anybody could use it to advantage) and they could get a completely wrong impression on where to use root for.

EDIT: I would prefer then to install as suid root. But I agree that that may be difficult to explain to the same audience as I assume above.

I would prefer then to install as suid root.

Thank you for your thoughts and suggestions. You know that you are putting me in a real dilemma? Let me summarize my intentions first:

  1. The script must produce a reliable installation DVD as far as the system permits. I can do nothing against misaligned burners, but I can do all the checking required and I want to have the media check done before the DVD is booted for the very first time. For the burning process itself I want to create the best possible environment to make it succeed. I could have added a caveat like “Run this on an otherwise idle system” but this does not help because some system hogging process could be started at any time by cron. That’s why I need to renice to -19 and run cdrecord/wodim as root.

  2. The intended audience is users on any Linux distro who might want to give openSUSE a try. This is not just openSUSE 11.3 and 11.4. As this is a bash script I may assume that the user already has some minimal Linux experience because he needs a running installation to use the script. Hence I assume that the user knows how to run a command from the commandline as root.

Now to my dilemma: I call the burning program by its name cdrecord, because this exists on older systems, but it is a symbolic link to wodim on newer installations. Whatever the user has, he would have to make either one of the two suid root. This still does not solve the ‘nice’ problem, is a bit tricky for newbies and requires root privileges as well, and it leaves the user’s system in an altered state which is possibly inconsistent with his security settings.

Making the script itself suid root is a no go. It might still be writable for users and that would introduce a capital security risk. Any decent security checker would and should barf at this.

As we all know, different distros have very different ways to run something with root privileges. I simply do not know how to code it to make it run (almost) everywhere when I want to change to root just for the burning process (would be su -c ‘<command>’ on openSUSE).

Finally, we do not know if the user wants to download the ISO files into his /home/usr directory or /tmp where he can write as an ordinary user. Being root for the download has some advantages too, being able to do the download to any location. Using aria2c should be safe for this, as yast is using it as root as well.

The whole situation is very similar to ‘make install’. There are some moments in life where you have to run something as root. When a user is paranoid he just won’t use the script. Otherwise he can have a look at the code and decide for himself, or he can delete the EUID guard and the ‘nice -19’ and run it as an ordinary user, but he still would have to be a member of group cdrom.

If anyone knows a better tradeoff please let me know.

I completely understand your dilemma and that is why I added: “But I agree that that may be difficult to explain to the same audience as I assume above”.

BTW My remark about making suid root was about the tool where its documentation mentions it. Not about your script. And again the documentation mentioning it as one of the choices, I told what I personally would prefer when I would install the tool.

The only thing I really would like is a good documentation/warning, to make it clear to everybody whatever his knowledge/experience level, that there are security issues here and that using root here should be for the running of the script only (no claims to voodoo when users are using root before and after the script execution!)

The main problem with this script is that while it may be interesting for the author’s amusement, it has little of value or interest to the openSUSE user. It just does not offer any advantage over the openSUSE provided tools.