Makemkv requires root access? [SOLVED]

Similar Messages

• Does managing Oracle 10g RAC with ASM require full root access?

  We currently have three entirely separate support areas, Unix, Storage and DBA. We're now considering using Oracle 10g RAC with ASM and as part of the assessment trying to work out if we can still draw similar support boundaries. I know that installing RAC and configuring ASM requires root access but will DBA continue to need root access to manage & support RAC? If so, does anyone know if the commands they need can be RBAC'd or if we just need to share root access going forwards. I've had a look at a number of docs including http://download.oracle.com/docs/cd/B19306_01/rac.102/b14197/toc.htm. which is fairly informative but none of them seem to mention the requirement for root access on Solaris. I'm guessing they just assume that it's available, but that's not generally the case in our environment.
  All advice / info welcome!

  I would have thought that the only reason you would need root access once RAC and ASM had been set up would be to add more disks to the ASM configuration. This would be needed to change the ownership on the raw LUNs or to make additions to metasets (SVM/Oban) or diskgroups (VxVM/CVM). Beyond that, I can't imagine needing root access.
  I'm sure others will chime in if they can think of other reasons!
  Regards,
  Tim
  Edited by: Tim.Read on Jun 3, 2008 2:25 AM

• Libusb requires write access to USB device nodes [SOLVED]

  Hi,
  I have used gtkam to upload photos from my camera for some time now - though on an occasional basis because I don't take very many photographs.  On attempting to use it today for the first time in a while I find that I can't do so as a user.
  "libusb couldn't open USB device /dev/bus/usb/003/002: Permission denied.
  libusb requires write access to USB device nodes."
  Can anyone tell me how to fix this please?
  Last edited by perseus (2011-01-03 22:46:46)

  I did some additional research and found the udev file for libgphoto2: /lib/udev/rules.d/40-gphoto.rules
  I also realized that my camera is not listed in that file:
  Bus 001 Device 011: ID 04a9:31f6 Canon, Inc.
  I tried to add this device and vendor ID to the list of Canon cameras and restarting udev
  ATTRS{idVendor}=="04a9", ATTRS{idProduct}=="31f6", ENV{ID_GPHOTO2}="1", ENV{GPHOTO2_DRIVER}="proprietary", MODE="0660", GROUP="camera"
  # killall udevd && udevd -d
  Unfortunately this didn't work out.
  I also tried to add the following line to that gphoto udev file as suggested by Digital Cameras wiki
  PROGRAM="/lib/udev/check-ptp-camera", MODE="0660", GROUP="camera"
  Still nothing after restarting udev...
  My next try was adding the camera to the HAL fdi file /usr/share/hal/fdi/information/20thirdparty/10-camera-libgphoto2.fdi and restarting HAL.
  This didn't help either.
  I'm getting short on clues...
  For sure I can access the camera as root but that's not what I want to do.
  !! UPDATE !!
  I was dumb. PTP cameras are handled separately so I don't need to have the USB IDs in the udev or fdi files.
  So the question is why PTP cameras are not handled correctly, why the group for these devices is not "camera"?
  Last edited by KoS (2011-01-03 22:19:57)

• [SOLVED] VirtualBox won't recognize host USB devices w/o root access

  VirtualBox is currently unable to detect the host's USB devices without root access. When I try to add a USB filter with user permission, the menu says
  <no devices available>
  but when I run VirtualBox as root, it detects the USB device, obeys the filter once added, and I can access the USB device from inside the virtual machine. Is there any way to get the same behavior from a non-root account?
  This user account is part of the vboxusers group and I have guest additions installed.
  Last edited by boblitz13 (2012-10-19 21:05:01)

  Well, sometimes it's the truly silly things that get you. I rebooted and VB now detects the host USB devices with regular permissions. All of the device filters are now working except the one for my NTFS-formatted external HD. The filter will grab it from the host OS but I cannot access it in the guest. I read that VB used to have a problem with USB 3.0, but that seems to have been resolved in the latest version. Is there any other explanation for why this isn't working?

• Root access question

  I have seen from some other postings that there is supposed to be a root password that is common to the N900. However when I try to use it, it doesn't seem to work. I see a lot of people suggesting the use of rootsh, but surely the same functionality should be achievable by just using sudo su root?
  So, if there is one root password for the N900, isn't that a security hazard and consequently we should all be changing ours to something we choose?
  Thanks for your help.
  Solved!
  Go to Solution.

  I have changed my root password, because I do development and require SSH access TO my phone.. but I would not be surprised if a default phone had no root password.. ie password authentication for root is disabled (this is not the same as having a null password)
  There is, by default, no user authentication way into the n900.. so the root password is irrelivant.. 
  You could change root's password, but you would need root access to do so... the way root access is enabled normally is via "sudo gainroot"
  This command is disabled normally.. It can be enabled by putting your device into R&D mode (which is not recommended and my make your device unstable) or by installing the rootsh package
  sudo su is not supported because it is not allowed in the sudoers file..
  sudo gainroot IS allowed in the sudoers file.
  So, to answer you question.. 
  the easiest way to enable root is to install rootsh (which patches gainroot to allow acces with or without R&D mode)
  changing the root password can be done after you've done that, but unless you are planning to install a root service with authentication, it isn't particularly relevant.. DO do this if you plan to use openssh-server

• How I can get root access to my ST15i updated to ICS?

  Recently I updated my ST15i to ICS I need root access as there is verry limited memory for application
  Solved!
  Go to Solution.

  {GUIDE} How to Root Xperia™ Smartphones
  Discussion guidelines.
  Message me or any other moderator to seek help regarding moderation.

• Linux installing applications requires root password.

  Can anyone explain to me why it is that on Linux, Air
  requires a root password to install an application even if the
  installation directory is specified as somewhere within my own home
  directory?
  That it asks for a root password under such circumstances
  seems very wrong. The application files are being written to my
  home directory, I don't need to be root to write there and I do not
  want files being created in my home directory with root as the
  owner, as Air does when it installs an application.
  Asking for the root password also means that users who have a
  Linux machine that is administered for them by someone else and do
  not have root are unable to install Air applications themselves
  even if the administrator has installed Air on their
  machine.

  First of all, on behalf of myself (and anyone else who has
  been wondering about this particular detail of Adobe AIR) let me
  thank you for your helpful reply. This does still leave me with a
  couple of questions, however...
  quote:
  Originally posted by:
  Ashutosh Sharma
  AIR applications are similar to regular native applications -
  they install as native rpm/deb packages. This requires access to
  the rpm/deb system database (e.g. rpm database lock). And this is
  required even if the installation folder is chosen to be one that
  is owned by the current non-root user. In addition, with root
  privileges, it's also possible to install applications to a
  location that is accessible to other users on the system.
  I have confirmed for myself the accuracy of this information
  and I thank you for pointing it out. While this does make some
  sense on the surface, it does leave me wondering something about
  the security level of this install process. When I install
  applications from my Linux distribution's package sources, I have
  GPG (or PGP) cryptographic key signatures ensuring that all the
  packages are un-altered from their original form on the
  distribution's package servers, and a team of programmers assuring
  me that the code of these packages are (at least somewhat) safe as
  far as they are able to tell. I am thus far unable to find
  information leading me to believe that there is similar assurance
  that I am not willingly installing unknown malware (keystroke
  logger, spyware, etc.) disguised as a desktop widget (for example)
  when installing Adobe AIR applications. As a code savvy user, I can
  personally download and examine the code of many AIR apps to ensure
  their safety myself before installing, but what about users who
  understand code as well as they understand Martian language or
  ancient Egyptian hieroglyphs? Is there any assurance process in
  place for the average user similar to that of native distro
  packages? If so, can anyone point me to where that is discussed on
  the Adobe pages?
  Also, as an aside note; root privileges are not technically
  REQUIRED in order to install an RPM package in a location which the
  user already has write access to, as I personally have on many
  occasions installed source code packages (SRPM) from my
  distribution's package manager in my home folder while logged in as
  a normal user (without the use of 'su' or 'sudo' or such) for the
  purpose of building newer versions of the RPM packages which they
  correspond to.
  quote:
  Originally posted by:
  Ashutosh Sharma
  However, do note that when they are launched, AIR
  applications run with the privileges of the user launching the
  application and not root. The primary executables of AIR
  applications (under the bin/ folder in the installation path) do
  not have the setuid bit set. You should not be worried about AIR
  applications running with root privileges, based on the fact that
  their installation required superuser access - the two are
  completely independent.
  This does still go back to the original point about the
  security of the code itself which is being installed in the first
  place. What quality assurance process is in place (beyond the star
  ratings system on the application showcase site) to ensure that
  malware was not installed (as root) and then happily being run by
  all the users of a system while blissfully unaware of the capture
  of their passwords or other personal information? (Again, an
  example, and not the only such possible worry.) If such an
  assurance system
  is already in place, where can I (and other AIR users) read
  more about it?
  The reasons for this concern should be obvious when one
  considers that a malicious application does not necessarily need to
  be run as root to still do a great deal of damage on a system and a
  sufficiently sneaky malware application could possibly even
  obtain root privileges once installed on a system through
  some other privilege escalation exploit. As an administrator of
  multiple systems and networks, I have to be cautious about which
  applications I allow on to a system or network for this very
  reason.
  Please be aware that I am not making these points and asking
  these questions to be a "troublemaker" or to shoot down the
  achievements of the AIR team, or Adobe. To the contrary, I am very
  impressed by the technology that I've seen so far and would
  very much like to see AIR become and stay a genuinely useful
  part of the web ecosystem on all platforms. As a matter of fact,
  I'm personally reading a few different resources currently about
  how to develop AIR applications in anticipation of satisfactory
  answers to my few remaining concerns about AIR security worries. ;)
  P.S.: If this forum was the wrong place to be discussing
  these specific types of issues and concerns, please feel free to
  point me toward a better place where such things should be better
  covered and where like-minded individuals and groups might either
  continue the discussion or resolve / close this concern entirely.
  An IRC channel where AIR devs hang out maybe, or perhaps another
  Adobe forum where security concerns are discussed, etc.? :)
  Anyhow, sorry about the long rambling post. Thank you to
  Ashutosh Sharma for your initial reply to this thread, and thank
  you in advance to whoever may reply further and bring final
  resolution to any remaining worries I and others may have regarding
  these and similar potential security concerns. :)

• Tasks that require ROOT for RAC DBA

  Our Networking Team and Applications Team are going through some growing pains. We are trying to resolve what permissions should be given to a RAC DBA. Our RAC DBA is responsible for Oracle Clusterware, Oracle Automatic Storage
  Management and Oracle RDBMS software. The OS, Server and Storage Subsystem are the responsibility of the System Administrator. We have the following Environment:
  Production and Test (RAC)
  Oracle Enterprise Linux 5 update 2
  Oracle Clusterware 11.2.0.2 -- Grid Infrastructure
  Oracle ASM 11.2.0.2
  Oracle Database 11.2.0.2 EE
  Development (Single Instance)
  Oracle Enterprise Linux 5 update 2
  Oracle ASM 11.2.0.2 -- Grid Infrastructure
  Oracle Database 11.2.0.2 EE
  As the RAC DBA, I have identified the following areas that require ROOT for RAC and Single Instance DB's; however, I understand there may be more:
  diagcollection.pl
  - diagnostic tool for Oracle Clusterware and may be requested by Oracle Support
  ocrconfig
  - to repair ocr configuration issue (add, replace and remove requires root)
  srvctl modify
  - required root to change ip address
  tar
  - TAR Grid Infrastructure Directory structure preserving files with ROOT ownership
  cluvfy
  - cluvfy fix it scripts need to run as ROOT
  - some cluvfy commands under 11gr1 would only run properly for -post cfs check as ROOT in our last installation
  ASM Libraries
  - ROOT required to install and configure ASM libraries
  fdisk - l
  - this is used to see disks attached which is relevant when ASM disks are not mounted
  /etc/sysconfig/oracleasm
  - oracleasm loading configuration file
  /usr/sbin/oracleasm
  - to make disks available to ASMLIB (scandisks etc.)
  /usr/sbin/asmtool
  - asm config tool due to bug
  asm cluster file system
  - some commands require ROOT (mounting etc.)
  - acfsutil
  /var/log/messages
  - loading errors ohas and oracleasm would be logged here
  cvuqdisk
  - needs to be loaded for new install
  root.sh
  - script needed to run at install, upgrades and patching
  oraInstRoot.sh
  - script needed to run at install
  rootupgrade.sh
  - upgrade script
  roothas.pl
  - upgrade script
  ocrcheck
  - check for ocr corruption
  - corrupt check portion requires ROOT
  - oracle local registry
  Grid Infrstructure
  - .runInstaller from Grid Infrastructure
  - includes upgrades
  asm configuration assistant (asmca)
  - configuration of asm diskgroups
  - vol mgr for asm disks
  ocrconfig
  - ocr configuration tool
  - ocr import
  - ocr export
  - oracle local registry
  ocrdump
  - used to check ocr backup file
  - oracle local registry
  opatch
  - patching grid control requires ROOT
  crsctl
  - Startup and Shutdown Oracle Clusterware, Oracle ASM and Database/Instance
  - restore voting disk
  - restore ocr
  - set log for dynamic debugging
  - check install periodically
  srvctl
  - modify nodeapps (ex. ip address change)
  - add filesystem (acfs)
  What other items would a RAC DBA need to have ROOT access for?

  I'd like to say at the outset that this is a scenario and I am NOT in anyway choosing who does what. A simple -- not so simple -- discussion of roles and responsibilities and associated privileges. If you say that the System Administrator is managing the Grid Infrastructure then this would include all Clusterware and Storage Management (ASM) activities. The System Administrator would manage the OCR and Voting Disks, backups, integrity checks etc. The DBA would then only be responsible for adding the storage within the database itself like assigning tablespaces that reference ASM Disk Groups. This doesn't mean that the DBA can't see the ASM information in the database. The major challenge seems to give your DBA access to the OS, networking and storage tools to preliminarily investigate what they believe to be a OS, networking or storage issue. Without this crossover, your System Administrator may be doing work that is unnecessary. A DBA should have clear understandings of what performance the storage system, cpu, memory and networking should be providing and access to the tools that allow them to understand what side of the fence an issue resides.
  There seem to be choices for an organization.
  1) Is there a position called RAC DBA or is the RAC portion managed by the System Administrator.
  2) If a RAC DBA exists then what should the System Administrator be responsible for
  3) What access is need for an existing RAC DBA?
  4) How will access privileges be given to the RAC DBA?
  5) other considerations regarding security?
  I agree that there needs to be crossover regarding handling workload and issues. The agreements on roles and responsibilities shouldn't stop the crossover but they should help in understanding who is ultimately responsible for certain areas of the system and application.
  If this isn't happening at organizations then how is it handled? or not handled?

• Does ADFS server require Internet access?

  Hello,
  I have two Adfs 3.0  server in intranet and two adfs proxy in DMZ. For the firewall setting in two adfs 3.0 server, I set the default outbound connection as block and create a custom outbound rules allow the connection to intranet. 
  When I add new relying party, ADFS can not verify the certification of the RP. The certificate of the relying party is wildcase cert and issued by DigiCert. I have already install the root CA cert in trusted root certification authorities of two ADFS server.
  But ADFS still can not recognize the certification path. After I change the default outbound connection as allow in firewall setting, ADFS can verify the certificate. I continues the process and close internet access after user can successful login.
  A few days later, user can not login. The following error log exit in ADFS log:
  Event ID 317:
  An error occurred during an attempt to build the certificate chain for the relying party trust 'https://xxxx.xxxx.xxx.xx' certificate identified by thumbprint 'xxxxxxxxx'. Possible causes are that the certificate has been revoked, the certificate chain could
  not be verified as specified by the relying party trust's encryption certificate revocation settings or certificate is not within its validity period. 
  You can use Windows PowerShell commands for AD FS to configure the revocation settings for the relying party encryption certificate. 
  Relying party trust's encryption certificate revocation settings: CheckChainExcludeRoot 
  The following errors occurred while building the certificate chain:  
  The revocation function was unable to check revocation for the certificate.
  The revocation function was unable to check revocation because the revocation server was offline.
  User Action: 
  Ensure that the relying party trust's encryption certificate is valid and has not been revoked. 
  Ensure that AD FS can access the certificate revocation list if the revocation setting does not specify "none" or a "cache only" setting. 
  Verify your proxy server setting. For more information about how to verify your proxy server setting, see the AD FS Troubleshooting Guide (http://go.microsoft.com/fwlink/?LinkId=182180).
  I reopen the firewall in outbound rule. then everything run as normal, user can login again. 
  Does ADFS require internet access for certification path checking? If I really want to block the internet access, which port I need to open in order to allow ADFS check the certificate?
  Thank you very much.

  You can run 
  Set-AdfsClaimsProviderTrust -TargetName "<IDP name>" -SigningCertificateRevocationCheck None
  and see if this fixes the problem (link from the event log will tell you the same thing), As Bart describes in his topic: https://social.msdn.microsoft.com/Forums/vstudio/en-US/47345c69-7b68-4f09-907e-43ed2805cac0/adfs-30-signing-certificate-crl-check-with-http-proxy-to-the-internet?forum=Geneva

• Cold fusion 10 root access to start stop

  hi there,
  urgent help required,,, we got new Linux server and need to install CF 10 on them,,,as we were told by our former team that we need to have vtier sudo access on the server. Now the team that provides access is saying that if a server has vtier account, CF should be started/stopped using vtier account only and root access to vtier will not be provided. As per them, if sudo access to vtier is must for starting/stopiing CF, then there is need to install/configure the CF for vtier account only....vtier account is runtime user...and in filesystem it is /opt/app/<vtierName>.
  I checked the start/stop script for CF and found this:
  1-     it is clearly mentioned that one must be root to start CF. (highlighted in RED)
  if [ "`uname`" = "Darwin" ]; then
              # nothing, on OSX we don't care about the user name.  We assume that the user running it has permission to do everything
  IS_MAC="true"
  elif [ ! $ID -eq 0 ]; then
  echo "You must be root to start ColdFusion ."
          exit 1
  fi
  2- Where it actually tries to start CF with CFSTART, it looks for /sbin/runuser, if it finds out that it start CF with ‘/sbin/runuser –s’ with RUNTIME_USER that is already defined in script as vtier account.
  Linux)
  OS=Linux
  PSCMD="ps -ef"
  LD_LIBRARY_PATH="$CF_DIR/lib:$CF_DIR/lib/_ilnx21/bin:$JAVA_LIBRARY_PATH"
  SUCMDFILE=su
  if [ -x /sbin/runuser ]; then
  SUCMDFILE=/sbin/runuser
  fi
          CFSTART='$SUCMDFILE -s /bin/sh $RUNTIME_USER -c "export LD_LIBRARY_PATH=$LD_LIBRARY_PATH; cd $CF_DIR/bin; nohup $JAVA_EXECUTABLE -classpath $CLASSPATH $JVM_ARGS com.adobe.coldfusion.bootstrap.Bootstrap -start &"'
          CFSTOP='$SUCMDFILE -s /bin/sh $RUNTIME_USER -c "env -i; cd $CF_DIR/bin;$JAVA_EXECUTABLE -classpath $CLASSPATH $JVM_ARGS_NODEBUG com.adobe.coldfusion.bootstrap.Bootstrap -stop"'
  I tried to modify the script, commented the root part condition as in point 1, but looks not possible to amend the part 2 where it actually starts the CF.
  Now my question is:
  1- Do we really need root access to vtier account (runtime user) to start/stop CF?
  2- If we really don't need root access, how can we modify the script and/or do other changes?
  Your help is much appreciated.

  Hi
  Can you show us the screenshot of permissions of wwwroot folder and sub-directory folder?
  Also, can you create a new site in IIS and create the same directory structure however assign permisison as Everyone and then test the behavior. As you have configured the connector with All then you need not to create the connector once again. The reason why CFIDE and jakarta are working fine because they are not the actual directories, they are virtual. So in conclusion, the issue seems like the .cfm present inside the subdirectories are not working fine.
  It seems like .htm is working fine within the subdirectory.
  HTH
  Thanks
  VJ

• Need to run fmsedge process without root access

  1937396
  On Linux, the fmsedge process needed to run without root access.

  I see that in the release notes
  new in this release:
  1937396
  On Linux, the fmsedge process needed to run without root access.
  However I have not found any documentaion on how to do this?
  I would love to run the fmsedge process run as non-root so tht root does not own the 1935 listening port.
  fmsedge   26837  root   19u  IPv4  4007676       TCP localhost:19350 (LISTEN)
  fmsedge   26837  root   24u  IPv4  4007679       TCP *:1935 (LISTEN)
  fmsedge   26837  root   35u  IPv4  4007717       TCP localhost:19350->localhost:59625 (ESTABLISHED)
  fmsedge   26837  root   57u  IPv4 26532589       TCP localhost:19350->localhost:58913 (ESTABLISHED)
  This appear to not be the default setup.
  Thanks in advance if anyone has tackled this!

• ITunes podcast downloading problem.  "Authorization is required to access" error message.

  I've been subsribing to a podcast through iTunes for years with no problems, but today I get the error message:
  "There was a problem downloading (podcast name).  Authorization is required to access (url feed)"
  Its a BBC podcast and I now get the same error message for all the other BBC podcasts that I subscribe to.  I also cant play or download any BBC podcasts from the iTunes Store.  All other podcasts by all other providers are fine.
  Weirdly this problem seems to be limited to the Macbook Pro as the iMac on the same network can access the problem podcasts with no hassle.
  A few web searches have turned up very little, any ideas in Apple Communities-land!

  Hey Roger and thanks for your amazingly quick response.
  I did a quick confirm: it doesn't seem to work on any Windows machines I can get my hands on, so it isn't something specific to me (whew!).  It definitely DOES work on any Mac I can get my hands on (which you also confirmed - thanks).
  That link, the feedproxy.google.com one, works fine on Windows and Mac alike.  I very much imagine that someone else is using FeedBurner and while I'm not huge into podcasts, there are a lot of others who are.  This issue would've come up if it were something like that.  Either way: I can access that link (and thus the content) just fine on any machine I'm on.
  So, what you're saying is to ditch FeedBurner entirely and just submit the raw feed to iTunes.  That sounds good (and, if I want more indepth statistics later, I'll cross that bridge then)...but I'm afraid I'm not sure how to do that.  I've already submitted the FeedBurner feed to iTunes and I'm not sure how I'd go about changing it.  Would I simply ask iTunes to delete the old feed and more or less resubmit?
  Thanks for the help about the artwork.  The individual files may very well be missing the metadata, as when I asked the guy doing that if he had included the artwork, he indicated he was rather confused.  I'll test that out in a bit.  The feed artwork, however, I must admit ignorance about.  Where might I be able to change that?  I'm using WordPress and...PowerPress/BluBrry (or whatever it's referred to).
  Thanks again for being so incredibly helpful with all this.  And so timely, too.

• Internet explorer is required to access some of my financial accounts; what are the risks?  I am running Mac OS X 10.7.2 on a Mac Pro

  Internet explorer is required to access some of my financial accounts; what are the risks?  I am running Mac OS X 10.7.2 on a Mac Pro
  Message was edited by: 74683msn

  Advisable is irrelevant...  It is not possible.  There has not been a version of IE for Mac for a long time.  You will have to load Windows on your Mac in order to run IE, or try making your browser mimic IE.  (In Safari, go to Safari -> Preferences, click the Advanced tab and check the box to show the Develop menu.  Then, in that menu, choose User Agent -> Internet Explorer x.0.)  Note that doing that will not work if the site relies on some weird non-standard feature of IE that no other browser on the planet has.

• HT2476 After updating to OS X Mountain Lion, there is a password locked pdf document in the Downloads Stack. Does anyone know what password is required to access this file?

  After updating to OS X Mountain Lion, there is a password locked pdf document in the Downloads Stack. Does anyone know what password is required to access this file?

  Hello, if your install disk is locked (I assume with FileVault) there is no way to change the password. If it weren't locked there were at least two solutions. As far as I know, the only solutions now are:
  - contact your dad
  - erase and reinstall the OS X clean
  Let us know.

• How to maintain code of 'requirement' of access sequences in SD pricing???

  Hi everyone,
  I have an assignment to maintain the code of 'requirement' of access sequence in SD pricing procedure...
  and I know that the 'requirements' are  pieces of code attached to an access sequence to determine whether or not a certain
  access level should be executed.
  And we can display the codes of SAP predefined 'requirements' with the TCODE VOFM,
  but when i try to enter new requirement number , it just terminated with a ERROR msg: u r not allow to maintain SAP standard requirement...blabla... So i am confused how to do this
  please help me, thanks...
  Richard

  Hello,
  This is due to requirement numbering...
  1 - 899 numbering reserve for SAP standard to be used...
  900 -> onwards are for customer specific enhancement
  Please try to use this...
  Thanks.