* Re: Bug#263079: udev: missing mknod on ppp
2004-08-02 23:11 ` Marco d'Itri
@ 2004-08-03 1:52 ` Alexander E. Patrakov
2004-08-03 8:35 ` Luke Kenneth Casson Leighton
2004-08-03 8:27 ` Luke Kenneth Casson Leighton
` (3 subsequent siblings)
4 siblings, 1 reply; 8+ messages in thread
From: Alexander E. Patrakov @ 2004-08-03 1:52 UTC (permalink / raw)
To: linux-hotplug
Marco d'Itri wrote:
> On Aug 03, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
>
> > thank you for pointing me at the README.Debian because it makes
> > clear that for SE/Linux there are certain /dev entries that may not
> > get fired up by udev, and consequently won't have se/linux
> > permissions set!
>
> On debian, *all* devices are supposed to be created by udev if udev
> is installed (because /dev is a tmpfs). I don't know why /dev/ppp is
> not being created on your system.
>
Bedause the ppp-generic module is not autoloaded (put it into
/etc/modules or see below).
The same problem exists for all "non-hardware" modules. It can be solved
by explicitly loading all these non-hardware modules at system startup.
The following bootscriptlet loads all modules that potentially create
devices and don't need hardware (i.e. exactly those drivers that are
autoloaded on demand due to "char-major" aliases without udev):
KVERSION=`uname -r`
for module in `egrep '^alias (char|block)-major' \
/lib/modules/$KVERSION/modules.alias /etc/modprobe.conf | \
grep -v 1394 | awk '{print $3;}'`
do
modprobe $module
done
I think it should be a part of Debian udev package (add some blacklist
facility if you wish). "grep -v 1394" is because of the kernel bug
mentioned here:
http://lkml.org/lkml/2004/5/30/143
--
Alexander E. Patrakov
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: Bug#263079: udev: missing mknod on ppp
2004-08-03 1:52 ` Alexander E. Patrakov
@ 2004-08-03 8:35 ` Luke Kenneth Casson Leighton
0 siblings, 0 replies; 8+ messages in thread
From: Luke Kenneth Casson Leighton @ 2004-08-03 8:35 UTC (permalink / raw)
To: Alexander E. Patrakov
Cc: Marco d'Itri, 263079, linux-hotplug-devel, SE-Linux
On Tue, Aug 03, 2004 at 07:52:25AM +0600, Alexander E. Patrakov wrote:
> Marco d'Itri wrote:
>
> > On Aug 03, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> >
> >> thank you for pointing me at the README.Debian because it makes
> >> clear that for SE/Linux there are certain /dev entries that may not
> >> get fired up by udev, and consequently won't have se/linux
> >> permissions set!
> >
> > On debian, *all* devices are supposed to be created by udev if udev
> > is installed (because /dev is a tmpfs). I don't know why /dev/ppp is
> > not being created on your system.
> >
> Bedause the ppp-generic module is not autoloaded (put it into
> /etc/modules or see below).
>
> The same problem exists for all "non-hardware" modules. It can be solved
> by explicitly loading all these non-hardware modules at system startup.
> The following bootscriptlet loads all modules that potentially create
> devices and don't need hardware (i.e. exactly those drivers that are
> autoloaded on demand due to "char-major" aliases without udev):
>
> KVERSION=`uname -r`
> for module in `egrep '^alias (char|block)-major' \
> /lib/modules/$KVERSION/modules.alias /etc/modprobe.conf | \
> grep -v 1394 | awk '{print $3;}'`
> do
> modprobe $module
> done
>
okay.
in addition to calling modprobe, it is necessary to set selinux
permissions.
now, modprobe has a pretty name, but the command to call up the module
contains no information about what node is going to be created in /dev.
therefore, we have a problem.
without the name of the inode, the only way to set the selinux file
permissions is to either guess or to just... endeavour to set the
whole lot with this:
setfiles /etc/selinux/.../file_contexts/file_contexts /dev
this is totally yuk, but is a last resort measure.
anyone got any better ideas?
does anyone know whether doing the modprobe above will result in a
hotplug event from the "non-hardware" devices, such that udev will
be triggered, and a restorecon or createcon performed correctly?
marco kindly mentioned to me that some devices haven't been hooked into
the pci-hotplug stuff yet.
l.
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Bug#263079: udev: missing mknod on ppp
2004-08-02 23:11 ` Marco d'Itri
2004-08-03 1:52 ` Alexander E. Patrakov
@ 2004-08-03 8:27 ` Luke Kenneth Casson Leighton
2004-08-03 10:03 ` Marco d'Itri
` (2 subsequent siblings)
4 siblings, 0 replies; 8+ messages in thread
From: Luke Kenneth Casson Leighton @ 2004-08-03 8:27 UTC (permalink / raw)
To: Marco d'Itri; +Cc: 263079, linux-hotplug-devel, SE-Linux
On Tue, Aug 03, 2004 at 01:11:48AM +0200, Marco d'Itri wrote:
> On Aug 03, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
>
> > thank you for pointing me at the README.Debian because it makes clear
> > that for SE/Linux there are certain /dev entries that may not get
> > fired up by udev, and consequently won't have se/linux permissions set!
> On debian, *all* devices are supposed to be created by udev if udev is
> installed (because /dev is a tmpfs).
> I don't know why /dev/ppp is not being created on your system.
this could have something to do with it: it looks like udev
is not quick enough to create the device node in time for pppd
to use it.
Aug 3 09:18:49 localhost udev[3255]: creating device node '/dev/ttyUSB0'
Aug 3 09:18:54 localhost pppd[3258]: pppd is unable to open the /dev/ppp device. You need to create the /dev/ppp device node by executing the following command as root: ^Imknod /dev/ppp c 108 0
Aug 3 09:19:02 localhost kernel: CSLIP: code copyright 1989 Regents of the University of California
Aug 3 09:19:02 localhost kernel: PPP generic driver version 2.4.2
Aug 3 09:19:02 localhost pppd[3270]: pppd 2.4.2 started by root, uid 0
Aug 3 09:19:02 localhost udev[3269]: creating device node '/dev/ppp'
>
> > i've had to modify /etc/init.d/udev to do a manual /sbin/restorecon on
> > all entries listed in /etc/udev/links.conf.
> This is a special-case, links.conf is supposed to be used *only* to
> create some symlinks and directories. I do not know enough about SE
> Linux to tell how it should be integrated with this.
i do.
i've patched my kernel to have tmpfs(shmfs) support se/linux
attributes.
_anything_ that goes into the /dev-mounted tmpfs _must_ have selinux
attributes set on them.
in the case of a persistent filesystem (ext2 etc) those attributes can
be set once, and subsequently ignored.
of course, with a tmpfs, then it's a bit like saying it's okay to
create entries in /dev with chmod 0000 and not calling chgrp,
we'll do it later sort of thing.
so any symlinks and directories, also you _must_ call /sbin/restorecon
or some equivalent.
i've patched udev-0.030 to do likewise: all inodes, all directories
(including subdirectories) and all symlinks in fact all creates,
are now created with the correct selinux context.
>
> > i have some vague and rushed recollection of forcibly doing an
> > /sbin/restorecon in /etc/init.d/modutils, too.
> /etc/init.d/modutils is 2.4.x stuff.
>
> > the issue is, therefore that /etc/init.d/modutils will endeavour to
> > manually install modules at startup - even before udev is run - and
> > it doesn't bother to set the selinux permissions.
> No, it will not: udev is run S04 and module-init-tools at S20 of rcS.d.
hm, then should that order be reversed, or do you think that
module-init-tools should be fixed?
(or other)
l.
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: Bug#263079: udev: missing mknod on ppp
2004-08-02 23:11 ` Marco d'Itri
2004-08-03 1:52 ` Alexander E. Patrakov
2004-08-03 8:27 ` Luke Kenneth Casson Leighton
@ 2004-08-03 10:03 ` Marco d'Itri
2004-08-03 10:04 ` Marco d'Itri
2004-08-03 13:01 ` Alexander E. Patrakov
4 siblings, 0 replies; 8+ messages in thread
From: Marco d'Itri @ 2004-08-03 10:03 UTC (permalink / raw)
To: linux-hotplug
On Aug 03, "Alexander E. Patrakov" <patrakov@ums.usu.ru> wrote:
> Bedause the ppp-generic module is not autoloaded (put it into
I know. My fault then, I assumed that the user had RTFM as instructed.
> The same problem exists for all "non-hardware" modules. It can be solved
> by explicitly loading all these non-hardware modules at system startup.
I have already seen the code you propose, but it does much more than
this: it loads almost *all* modules and I'm not inclined to add this to
the default configuration.
The debian hotplug package, with my patches, is now able to autoload the
modules for most hardware (notably floppy and rtc too), so the only
non-autoloaded modules left are ppp_generic and loop.
Also, I do not believe that the udev init script should be in the
business of loading drivers.
--
ciao, |
Marco | [7411 pePSA8Hje7qDQ]
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Bug#263079: udev: missing mknod on ppp
2004-08-02 23:11 ` Marco d'Itri
` (2 preceding siblings ...)
2004-08-03 10:03 ` Marco d'Itri
@ 2004-08-03 10:04 ` Marco d'Itri
2004-08-03 13:01 ` Alexander E. Patrakov
4 siblings, 0 replies; 8+ messages in thread
From: Marco d'Itri @ 2004-08-03 10:04 UTC (permalink / raw)
To: linux-hotplug
On Aug 03, Luke Kenneth Casson Leighton <lkcl@lkcl.net> wrote:
> does anyone know whether doing the modprobe above will result in a
> hotplug event from the "non-hardware" devices, such that udev will
> be triggered, and a restorecon or createcon performed correctly?
Yes, it will.
> > > the issue is, therefore that /etc/init.d/modutils will endeavour to
> > > manually install modules at startup - even before udev is run - and
> > > it doesn't bother to set the selinux permissions.
> > No, it will not: udev is run S04 and module-init-tools at S20 of
> > rcS.d.
> hm, then should that order be reversed, or do you think that
> module-init-tools should be fixed?
I see nothing broken here.
--
ciao, |
Marco | [7412 alLaOcAiVbgKs]
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread* Re: Bug#263079: udev: missing mknod on ppp
2004-08-02 23:11 ` Marco d'Itri
` (3 preceding siblings ...)
2004-08-03 10:04 ` Marco d'Itri
@ 2004-08-03 13:01 ` Alexander E. Patrakov
4 siblings, 0 replies; 8+ messages in thread
From: Alexander E. Patrakov @ 2004-08-03 13:01 UTC (permalink / raw)
To: linux-hotplug
Marco d'Itri wrote:
> On Aug 03, "Alexander E. Patrakov" <patrakov@ums.usu.ru> wrote:
>>Bedause the ppp-generic module is not autoloaded (put it into
> I know. My fault then, I assumed that the user had RTFM as instructed.
>
>>The same problem exists for all "non-hardware" modules. It can be solved
>>by explicitly loading all these non-hardware modules at system startup.
>
> I have already seen the code you propose, but it does much more than
> this: it loads almost *all* modules and I'm not inclined to add this to
> the default configuration.
It loads the following:
the modules that it is intended to load (good, see the list below)
old cdrom drivers (bad)
watchdogs (very bad)
> The debian hotplug package, with my patches, is now able to autoload the
> modules for most hardware (notably floppy and rtc too), so the only
> non-autoloaded modules left are ppp_generic and loop.
You are an optimist. The more complete list of undetectable (and
unloadable with udev) non-hardware modules in Debian Sarge that want to
create devices is:
microcode
apm
ppdev
nvram
lp
loop
tun
ppp-generic
(not sure if I want to see sg here)
The list is rather short :) so they look like good candidates for
/etc/modules. Also please solve the snd-pcm-oss-and-the-like problem:
add the following to modprobe.conf when installing udev:
install snd-pcm modprobe -i snd-pcm ; modprobe snd-pcm-oss ; true
install snd-seq modprobe -i snd-seq ; modprobe snd-seq-oss ; true
install parport modprobe -i parport ; modprobe lp ; modprobe \
ppdev ; true
install mptbase modprobe -i mptbase ; modprobe mptscsih ; modprobe \
mptctl ; modprobe mptlan ; true
install scsi-mod modprobe -i scsi-mod ; modprobe sd-mod ; modprobe \
sr-mod ; true # sg may be better added here
The problem is that module autoloading due to char-majors breaks with
udev, and no package wants to load them instead. So you have virtually
no choice: either put these entries into /etc/modules at udev
installation (maybe after asking the user a question), or make a new
package (that contains just these /etc/modules entries) and make the
udev package recommend it, or just leave the current broken situation.
--
Alexander E. Patrakov
-------------------------------------------------------
This SF.Net email is sponsored by OSTG. Have you noticed the changes on
Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now,
one more big change to announce. We are now OSTG- Open Source Technology
Group. Come see the changes on the new OSTG site. www.ostg.com
_______________________________________________
Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel
^ permalink raw reply [flat|nested] 8+ messages in thread