Re: udev rules for new firewire driver stack

[Stefan Richter <stefanr@s5r6.in-berlin.de>]

David Moore wrote:
> On Wed, 2008-08-20 at 22:57 +0200, Stefan Richter wrote:
>> David Moore wrote:
>>> On Wed, 2008-08-20 at 21:39 +0200, Stefan Richter wrote:
>>>> SUBSYSTEM="firewire", ATTR{specifier_id}="0x00a02d", ATTR{version}="0x010001",\
>>>>  PROGRAM="/bin/chgrp video /dev/%P"
>>>>
>>> I tried playing with rules like this about a year ago, but it didn't
>>> work because the spec_id was only available in the child nodes of the
>>> firewire device, so udev couldn't match on it (see more below).  Has
>>> that changed so these work now?
>> This hasn't changed; hence I use chgrp on %P which is the parent.
>>
>> I.e. these rules trigger on fwX.Y events but modify the (then already 
>> existing) /dev/fwX file.
>>
> 
> Okay, I see.  The reason that didn't work on Fedora 7 was that a SYMLINK
> rule can't use this %P trick since the target of the symlink can't be
> overriden (at least to my knowledge).  And Fedora didn't like putting
> chgrp commands directly in the udev rule since there was some PAM
> console.perms magic elsewhere that dealt with the chgrping all in one
> place based on filename.
> 
> Of course, for Fedora at least, all that is moot now since the PAM magic
> is replaced with PolicyKit magic.  I'm not sure if other distributions
> still use console.perms.

The simplest alternative would of course just be

     SUBSYSTEM="firewire", GROUP="video"
or
     KERNEL="fw[0-9]*", GROUP="video"

or an equivalent PAM or CamelCaseKit based approach.  This would leave 
an opportunity unused to improve device security relative to raw1394, 
but that's not a big deal.

Another alternative is that we add a sysfs attribute to the parent 
device, e.g. one which contains a list of the specifier:version tuples 
of all unit directories of a node --- if that would make life easier for 
integrators.
-- 
Stefan Richter
-===-=--- =--- =-=-http://arcgraph.de/sr/