IOCTL WACKINESS
Some users will encounter a situation where beep dies with a complaint from ioctl(). The reason for this, as Peter Tirsek was nice enough to point out to me, stems from how the kernel handles beep’s attempt to poke at (for non-programmers: ioctl is a sort of catch-all function that lets you poke at things that have no other predefined poking-at mechanism) the tty, which is how it beeps. The short story is, the kernel checks that either:
- you are the superuser
- you own the current tty
What this means is that root can always make beep work (to the best of my knowledge!), and that any local user can make beep work, BUT a non-root remote user cannot use beep in it’s natural state. What’s worse, an xterm, or other x-session counts, as far as the kernel is concerned, as ’remote’, so beep won’t work from a non-priviledged xterm either. I had originally chalked this up to a bug, but there’s actually nothing I can do about it, and it really is a Good Thing that the kernel does things this way. There is also a solution.
By default beep is not installed with the suid bit set, because that would just be zany. On the other hand, if you do make it suid root, all your problems with beep bailing on ioctl calls will magically vanish, which is pleasant, and the only reason not to is that any suid program is a potential security hole. Conveniently, beep is very short, so auditing it is pretty straightforward.
Decide for yourself, of course, but it looks safe to me - there’s only one buffer and fgets doesn’t let it overflow, there’s only one file opening, and while there is a potential race condition there, it’s with /dev/console.
If someone can exploit this race by replacing /dev/console, you’ve got bigger problems.
So the quick, only, and likely safe solution if beep is not beeping when you want it to is (as root):
# chmod 4755 /usr/bin/beep
(or wherever you put it)
The one snag is that this will give any little nitwit the ability to run beep successfully - make sure this is what you want. If it isn’t, a slightly more complex fix would be something like:
# chgrp beep /usr/bin/beep
# chmod 4750 /usr/bin/beep
and then add only beep-worthy users to the ’beep’ group.