From: Kay Sievers <kay.sievers@vrfy.org>
To: linux-hotplug@vger.kernel.org
Subject: Re: permissions: udev vs. pam_devperm.so
Date: Tue, 26 Oct 2004 12:25:07 +0000
Message-ID: <1098793507.9714.49.camel@localhost.localdomain>
In-Reply-To: <417DF0A8.2060108@bio.ifi.lmu.de>

On Tue, 2004-10-26 at 08:37 +0200, Frank Steiner wrote:
> when logging in via kdm on our SuSE, the pam_devperm module sets
> permissions and owner of local devices like /dev/hdc (for cdrom). So
> if user "bart" logs in, he gets
>
> brw------- 1 bart disk 22, 0 Sep 23 2003 /dev/hdc
>
>
> But on some events like calling k3b etc., hotplug/udev sometimes jump
> in (not always) and re-detect the block device /dev/hdc, thus setting
> the permissions back to the defaults:
>
> brw-rw---- 1 root disk 22, 0 Sep 23 2003 /dev/hdc
>
> This stops user bart from accessing the cdrom for burning etc.
>
> Can I tell udev to leave the permission of *existing* nodes untouched?
> I figured out that I could set the line in the permissions file to
>
> hdc*:::660
>
> but the drawback is that udev will create /dev/hdc with the defaults
> root:root and 600 like defined in udev.conf, and not with root:disk 660
> like it should when no local user is logged in.

Empty fields mean default permissions, so this will not work. udev will
overwrite everything on "add". Only the inode may be preserved, if the
node already exists with the correct major/minor.

> Any way to achieve that? Like a flag "leave node untouched if it exists"?

There is currently no way to tell udev about this. But this job can be
done by a script in /etc/dev.d/. This will work with custom names too.

Best,
Kay
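
One way to write the /etc/dev.d/ script mentioned in the reply above, as an added example that is not part of the original message or of udev itself. It assumes udev exports ACTION and DEVNAME to dev.d hooks and that the login stack records the console user in a state file; the path /var/run/console-owner, the MANAGED list and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, e.g. installed as /etc/dev.d/default/restore-owner.dev.
# Assumption: udev exports ACTION and DEVNAME to dev.d hooks.
# Hypothetical: OWNER_FILE is written at login and removed at logout.
OWNER_FILE="${OWNER_FILE:-/var/run/console-owner}"
MANAGED="${MANAGED:-/dev/hdc}"   # allow-list of nodes to hand to the user

# is_managed NODE: succeed only for nodes on the allow-list.
is_managed() {
    for m in $MANAGED; do
        if [ "$1" = "$m" ]; then return 0; fi
    done
    return 1
}

# console_owner: print the recorded user, rejecting anything unexpected.
console_owner() {
    [ -f "$OWNER_FILE" ] && [ ! -L "$OWNER_FILE" ] || return 1
    IFS= read -r user < "$OWNER_FILE" || [ -n "$user" ] || return 1
    case "$user" in
        ''|-*|*[!A-Za-z0-9_.-]*) return 1 ;;   # no options, ':' or shell syntax
    esac
    printf '%s\n' "$user"
}

# restore_owner ACTION NODE: after udev's "add" reset, reapply user:600.
restore_owner() {
    [ "$1" = add ] || return 0
    is_managed "$2" || return 0
    user=$(console_owner) || return 0        # nobody logged in: keep defaults
    if [ -L "$2" ] || [ ! -e "$2" ]; then return 1; fi   # never follow links
    chown "$user" "$2" && chmod 600 "$2"
}

restore_owner "${ACTION:-}" "${DEVNAME:-}"
```

When no owner is recorded the hook does nothing, so the node keeps the root:disk 660 defaults from the permissions file.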