Which group has access to devices?

Hi all. I am trying to setup new virtual macine (WinXp) on VirtualBox v 2.1.0 on suse 11.1 with support of shared folders. When I try to run the machine I get an error saying

“Cannot open host device ‘/dev/sr0’ for readonly access. Check the permissions of that device (’/bin/ls -l /dev/sr0’): Most probably you need to be member of the device group. Make sure that you logout/login after changing the group settings of the current user (VERR_ACCESS_DENIED).”

So I gues I have to add the current user the rights for devices, but looking at the existing groups there is no group named “device”, I added the group “uucp” but after logout and login I still get the same error. I would appreciate any help I can get.

Try to add your user to crdom group.

ram88 thanks, but I susspect I did gues the right one. I tried to add “bin” and after logout login that error is gone :slight_smile: But I’m still not sure this is the correct one. Should a normal user be member of bin group, I mean for security reasons?

No, bin is not a group for normal users. cdrom is the right group for /dev/sr?. Please don’t go guessing which groups a user should be in, you are unlikely to find the answer by trial and error. It’s certainly not uucp. Feel free to ask here.

Sorry, that was my mistake. The owner for sr0 is the disk group. :shame:

Thanks guys. If I understood well the normal user can be member of groups cdrom and disk. Just out of curiosity, what permissions does the bin group provide? Thanks again for your help. VirtualBox now works ok with cdrom group :slight_smile:

No, disk is not a normal group for users. It’s dangerous because it allows users to examine the raw disk. Normally this group is only given to backup programs that dump the whole disk.

bin as a group doesn’t seem to be used much for files these days. You can check this by doing find / -group bin. I didn’t get any hits but I interrupted, too bored to wait for the whole scan. I’m having difficulty remembering what the bin group was used for in Unix. I think it was a group assigned to program files. These days program files are usually group root. There isn’t much significance either way, they are inaccessible to users in either group bin or root.

bin is a primary group for bin user and supplementary group for the daemon user. Again I would have to dig to understand the significance of these system users and groups.

But the main thing is: bin is not a group for normal users.

ken_yap thanks for explanation :slight_smile: