#983861 k3b: Permissions of external program should be of group "cdrom" and not "operator"

Package:
k3b
Source:
k3b
Description:
Sophisticated CD/DVD burning application
Submitter:
Fab Stz
Date:
2026-03-11 14:57:01 UTC
Severity:
normal
Tags:
#983861#5
Date:
2021-03-02 11:45:54 UTC
From:
To:
Dear Maintainer,

With k3b, when wanting to set the external program permissions, it wants to
set
them with user "operator" instead of "cdrom" which may be more adequate
according to the description of the groups in
https://wiki.debian.org/SystemGroups

- operator: Operator was (historically) the only 'user' account that could
login remotely.
- cdrom: This group can be used locally to give a set of users access to a
CDROM drive and other optical drives.

This will patch k3b to use "cdrom" instead.

BTW, in buster, permissions used to be set to "root.root". I don't know why
it's not the same since that piece of code didn't change.

#983861#10
Date:
2021-03-02 13:31:12 UTC
From:
To:
Hi,

not that I am an expert, and cd burning is anyway only for maniacs (like
me!!!) who want to get into contact with whom-who-must-not-be-named.

Well, the original code is rather bad indeed, because it relies on the
order of groups returned by getgrent, and picks the *last* available
one. In your case, if you have an "operator" group, it will be used.

I am not sure, maybe this is intended, but I guess there should be
either a break out of the loop after the first groupname is found,
or something else.

Best

Norbert

#983861#15
Date:
2021-03-02 15:59:35 UTC
From:
To:
Hello,

Ok, this explains it then.

Well it's a fresh debian install of testing/bullseye to find some bugs before
the upcoming release. And on a fresh install "operator" group is present.

If k3b's deb could be fixed for the next release of debian so that the package
conforms debian's policies that would be great. I think this patch is
sufficient since the group that fits this purpose, according to the group
definition is "cdrom", so no need to search any other, and on debian it does
exist.

Regards

Le mardi 2 mars 2021, 14:31:12 CET Norbert Preining a écrit :

#983861#20
Date:
2022-10-12 17:39:41 UTC
From:
To:
Hello Norbert,

This is still relevant for 22.04.2-1

Would you please add that patch to the package?

Since the "operator" group is present on a fresh install of Debian, and since
it is prefered to have group "cdrom" used by k3b, I think it would be better
if the patch was applied.

Rgds
Fab


Le mardi 2 mars 2021, 16:59:35 CEST Fab Stz a écrit :

#983861#25
Date:
2026-03-11 14:54:18 UTC
From:
To:
Hello,

This is still a problem with 25.04.0-1 which is in trixie.

You wanted an example when this is not applied.
I tried erasing a CD-RW and got that error.

When going to k3b options to set the permissions it wants to set group to "operator" but this not the correct group for cd burning in debian.
It should be group "cdrom". Operator has another use in Debian. That's why I think this is a Debian specific issue and justifies patching in debian only.

Regards
Fab