libburnia/libisoburn
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

New command -drive_access, new -as cdrecord option --drive_not_exclusive

Browse Source
This commit is contained in:
Thomas Schmitt
2019-09-08 12:30:52 +02:00
parent 8828d6f465
commit 901939986a
15 changed files with 509 additions and 288 deletions
Download Patch File Download Diff File Expand all files Collapse all files

108
xorriso/xorriso.texi
View File

@ -50,7 +50,7 @@
@c man .\" First parameter, NAME, should be all caps
@c man .\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
@c man .\" other parameters are allowed: see man(7), man(1)
@c man .TH XORRISO 1 "Version 1.5.1, Apr 15, 2019"
@c man .TH XORRISO 1 "Version 1.5.1, Sep 04, 2019"
@c man .\" Please adjust this date whenever revising the manpage.
@c man .\"
@c man .\" Some roff macros, for reference:
@ -69,7 +69,7 @@
xorriso - creates, loads, manipulates and writes ISO 9660 filesystem images
with Rock Ridge extensions.
Copyright @copyright{} 2007 - 2017 Thomas Schmitt
Copyright @copyright{} 2007 - 2019 Thomas Schmitt
@quotation
Permission is granted to distrubute this text freely.
@ -903,6 +903,68 @@ apply. See above paragraph "Libburn drives".
An empty address string "" gives up the current output drive
without acquiring a new one. No writing is possible without an output drive.
@c man .TP
@item -drive_class "harmless"|"banned"|"caution"|"clear_list" disk_pattern
@kindex -drive_class controls drive accessability
@cindex Drive, accessability, -drive_class
Add a drive path pattern to one of the safety lists or make those lists empty.
There are three lists defined which get tested in the following sequence:
@*
If a drive address path matches the "harmless" list then the drive will be
accepted. If it is not a MMC device then the prefix "stdio:" will be prepended
automatically. This list is empty by default.
@*
Else if the path matches the "banned" list then the drive will not be
accepted by @command{xorriso} but rather lead to a FAILURE event.
This list is empty by default.
@*
Else if the path matches the "caution" list and if it is not a MMC device,
then its address must have the prefix "stdio:" or it will be rejected.
This list has by default one entry: "/dev".
@*
If a drive path matches no list then it is considered "harmless". By default
these are all paths which do not begin with directory "/dev".
@*
A path matches a list if one of its parent paths or itself matches a list
entry. Address prefix "stdio:" or "mmc:" will be ignored when
testing for matches.
@*
By pseudo-class "clear_list" and pseudo-patterns "banned", "caution",
"harmless", or "all", the lists may be made empty.
@*
E.g.: -drive_class clear_list banned
@*
One will normally define the -drive_class lists in one of the @command{xorriso}
Startup Files.
@*
Note: This is not a security feature but rather a bumper for the superuser to
prevent inadverted mishaps. For reliably blocking access to a device file you
have to deny its rw-permissions in the filesystem.
@c man .TP
@item -drive_access "exclusive"|"shared":"unrestricted"|"readonly"
@kindex -drive_access control device file locking
@cindex Device file locking, -drive_access
Control whether device file locking mechanisms shall be used when acquiring a
drive, and whether status or content of the medium in the drive may be
altered. Useful and most harmless are the setting "shared:readonly"
and the default setting "exclusive:unrestricted".
@*
"exclusive" enables tests and locks when acquiring the drive. It depends on the
operating system which locking mechanisms get applied, if any. On GNU/Linux
it is open(O_EXCL). On FreeBSD it is flock(LOCK_EX).
@*
"shared" disables the use of these mechanisms to become able to acquire drives
which are mounted, or opened by some process, or guarded by /dev/pktcdvd*.
@*
"unrestricted" enables all technically appropriate operations on an acquired
drive. "shared:unrestricted" risks to get own burn runs spoiled by other
processes or to vice versa spoil activities of such processes. So use
"exclusive:unrestricted" unless you know for sure that "shared" is safe.
@*
"readonly" disables operations which might surprise a co-user of the drive.
For -outdev these are formatting, blanking, writing, ejecting. For -indev
this is ejecting. Be aware that even reading and drive status inquiries can
disturb an ongoing burn run on CD-R[W] and DVD-R[W].
@c man .TP
@item -scsi_dev_family "default"|"sr"|"scd"|"sg"
@kindex -scsi_dev_family choose Linux device file type
@cindex Linux device type, -scsi_dev_family
@ -1044,43 +1106,6 @@ to employ a loop device instead.)
In both cases, the ISO sessions should be self contained, i.e. not add-on
sessions to an ISO image outside their track or partition.
@c man .TP
@item -drive_class "harmless"|"banned"|"caution"|"clear_list" disk_pattern
@kindex -drive_class controls drive accessability
@cindex Drive, accessability, -drive_class
Add a drive path pattern to one of the safety lists or make those lists empty.
There are three lists defined which get tested in the following sequence:
@*
If a drive address path matches the "harmless" list then the drive will be
accepted. If it is not a MMC device then the prefix "stdio:" will be prepended
automatically. This list is empty by default.
@*
Else if the path matches the "banned" list then the drive will not be
accepted by @command{xorriso} but rather lead to a FAILURE event.
This list is empty by default.
@*
Else if the path matches the "caution" list and if it is not a MMC device,
then its address must have the prefix "stdio:" or it will be rejected.
This list has by default one entry: "/dev".
@*
If a drive path matches no list then it is considered "harmless". By default
these are all paths which do not begin with directory "/dev".
@*
A path matches a list if one of its parent paths or itself matches a list
entry. Address prefix "stdio:" or "mmc:" will be ignored when
testing for matches.
@*
By pseudo-class "clear_list" and pseudo-patterns "banned", "caution",
"harmless", or "all", the lists may be made empty.
@*
E.g.: -drive_class clear_list banned
@*
One will normally define the -drive_class lists in one of the @command{xorriso}
Startup Files.
@*
Note: This is not a security feature but rather a bumper for the superuser to
prevent inadverted mishaps. For reliably blocking access to a device file you
have to deny its rw-permissions in the filesystem.
@c man .TP
@item -read_fs "any"|"norock"|"nojoliet"|"ecma119"
@kindex -read_fs filesystem type for image loading
@cindex Image, filesystem to load, -read_fs
@ -1277,7 +1302,7 @@ for timestamps of ISO 9660 nodes without a disk source file and as default
for superblock timestamps.
@*
If a timestring is given, then it is used for such timestamps. For the formats
of time strings see command @strong{-alter_date}.
of timestrings see command @strong{-alter_date}.
@c man .TP
@item -disk_dev_ino "on"|"ino_only"|"off"
@kindex -disk_dev_ino fast incremental backup
@ -5504,7 +5529,8 @@ write permission. Default is "sort_lba_off".
Option "o_excl_on" is the default unless the program was started with leafname
"osirrox". On GNU/Linux it tries to avoid using drives which are mounted or in
use by other libburn programs.
Option "o_excl_off" on GNU/Linux enables access to such drives. Drives which
Option "o_excl_off" on GNU/Linux enables access to such drives by the
equivalent of -drive_access "shared:readonly". I.e. drives which
get acquired while "o_excl_off" will refuse to get blanked, formatted,
written, or ejected. But be aware that even harmless inquiries can spoil
ongoing burns of CD-R[W] and DVD-R[W].