Re: What changes my device permissions

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Michal Nazarewicz <mina86@tlen.pl>
To: Christoph Pleger <Christoph.Pleger@cs.tu-dortmund.de>
Cc: linux-admin@vger.kernel.org
Subject: Re: What changes my device permissions
Date: Tue, 08 Jun 2010 13:50:30 +0200	[thread overview]
Message-ID: <87eighg2ux.fsf@erwin.mina86.com> (raw)
In-Reply-To: <20100608122037.175176ca.Christoph.Pleger@cs.tu-dortmund.de> (Christoph Pleger's message of "Tue, 8 Jun 2010 12:20:37 +0200")

[-- Attachment #1: Type: text/plain, Size: 1256 bytes --]

Christoph Pleger <Christoph.Pleger@cs.tu-dortmund.de> writes:

> Hello,
>
> I have been using pam_devperm for a long time. If pam_devperm is
> configured like I did, it causes that, when a user logs in on :0, the
> permissions and ownerships of some device nodes in /dev are changed so
> that the device file belongs to the user on :0 and has permissions
> 600. Now, I upgraded to a new OS version and found, that after logging
> in on :0, some of the device file have permissions 660, not 600. It
> seems that, after pam_devperm has changed the permissions to 600, some
> other process resets them to 660.
>
> How can I find out what is changing the device permissions?

There's the hard way: use process accounting.

There's also easier way which *might* work: provide a shell wrapper for
chmod, like so:

$ : >/tmp/chmod-log && chmod 666 /tmp/chmod-log
$ cd /usr/bin
$ mv chmod chmod-
$ cat >chmod <<EOF
#!/bin/sh
echo "$@" >>/tmp/log
/usr/bin/chmod- "$@"
EOD

-- 
Best regards,                                         _     _
 .o. | Liege of Serenly Enlightened Majesty of      o' \,=./ `o
 ..o | Computer Science,  Michal "mina86" Nazarewicz   (o o)
 ooo +--<mina86-tlen.pl>--<jid:mina86-jabber.org>--ooO--(_)--Ooo--

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

next prev parent reply	other threads:[~2010-06-08 11:50 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-06-08 10:20 What changes my device permissions Christoph Pleger
2010-06-08 11:50 ` Michal Nazarewicz [this message]
2010-06-08 14:42   ` Christoph Pleger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=87eighg2ux.fsf@erwin.mina86.com \
    --to=mina86@tlen.pl \
    --cc=Christoph.Pleger@cs.tu-dortmund.de \
    --cc=linux-admin@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.