From mboxrd@z Thu Jan 1 00:00:00 1970 From: Frank Steiner Date: Wed, 27 Oct 2004 05:59:40 +0000 Subject: Re: permissions: udev vs. pam_devperm.so Message-Id: <417F394C.6010401@bio.ifi.lmu.de> List-Id: References: <417DF0A8.2060108@bio.ifi.lmu.de> In-Reply-To: <417DF0A8.2060108@bio.ifi.lmu.de> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: linux-hotplug@vger.kernel.org Kay Sievers wrote >>Just one comment: >>Having "hdc*:root:disk:660" in udev.permissions and calling "udevstart" >>will always set /dev/hdc to root:disk and 600. With owner and group >>fields empty, udevstart will not change the owner and the group. I'm >>not sure if udevstart triggers "add" events, likely not? > > > Sure, udevstart simulates a "add" event for every device it can find. I > can't reproduce the failure. I expect you have a earlier line matching in > one of your .permissions files. > udev searches the list from the top and the first match will make it. Do > you have "hd*:..." or similar before the "hdc*"? No, but I don't see a failure here (except that I wrote the permission was set to 600. Sorry, it was indeed changed to 660 like defined. Sorry for the confusion). With your explanation it seems correct that udevstart sets the owner and permission back to the values defined in the permissions file, if it triggers an "add" for every device. >>With the permission field empty, udevstart will set the permissions >>to 000, although udev.conf specifies 0600 as default, so I guess this >>is wrong... > > > Yes, it is wrong. We only apply the defaults if we don't match any rule. > The attached patch should fix this. Yes, that works. Thanks! Now I can just remove the values from the permission lines for all entries pam_devperm handles on login. And whenever udev works on one of these devices (like detecting /dev/hdc as block device after the user logged in), it won't change the permissions if the device already exists. So that's indeed the feature I needed :-) cu, Frank -- Dipl.-Inform. Frank Steiner Web: http://www.bio.ifi.lmu.de/~steiner/ Lehrstuhl f. Bioinformatik Mail: http://www.bio.ifi.lmu.de/~steiner/m/ LMU, Amalienstr. 17 Phone: +49 89 2180-4049 80333 Muenchen, Germany Fax: +49 89 2180-99-4049 * Rekursion kann man erst verstehen, wenn man Rekursion verstanden hat. * ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_idU88&alloc_id065&op=click _______________________________________________ Linux-hotplug-devel mailing list http://linux-hotplug.sourceforge.net Linux-hotplug-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel