In /etc/security/console.perms, there is a
section with lines like:
<floppy>=/dev/fd[0-1]* \
/dev/floppy/* /mnt/floppy*
<sound>=/dev/dsp* /dev/audio* /dev/midi* \
/dev/mixer* /dev/sequencer \
/dev/sound/* /dev/beep \
/dev/snd/*
<cdrom>=/dev/cdrom* /dev/cdroms/* /dev/cdwriter* /mnt/cdrom* |
You can add your own lines to this section, if necessary. Make sure
that any lines you add refer to the appropriate device. For example,
you could add the following line:
<scanner>=/dev/scanner /dev/usb/scanner* |
(Of course, make sure that /dev/scanner is really
your scanner and not, say, your hard drive.)
That is the first step. The second step is to define what is done with
those files. Look in the last section of
/etc/security/console.perms for lines similar to:
<console> 0660 <floppy> 0660 root.floppy
<console> 0600 <sound> 0640 root
<console> 0600 <cdrom> 0600 root.disk |
and add a line like:
<console> 0600 <scanner> 0600 root |
Then, when you log in at the console, you are given ownership of the
/dev/scanner device with the permissions of 0600
(readable and writable by you only). When you log out, the device is
owned by root and still has the permissions 0600 (now readable and
writable by root only).