| 1 |
÷ Fri, 07 Mar 2014 21:17:20 +0200 |
| 2 |
Samuli Suominen <ssuominen@g.o> ÐÉÛÅÔ: |
| 3 |
|
| 4 |
> - sys-apps/systemd has it's own service to handle /dev/rfkill from |
| 5 |
> 99-systemd.rules we don't install with sys-fs/udev: |
| 6 |
> |
| 7 |
> SUBSYSTEM=="rfkill", TAG+="systemd", IMPORT{builtin}="path_id", |
| 8 |
> ENV{SYSTEMD_WANTS}+="systemd-rfkill@$name.service" |
| 9 |
> |
| 10 |
|
| 11 |
The above rule from systemd just run a special unit which |
| 12 |
saves/restores rfkill state across reboots. It has nothing to do |
| 13 |
with permissions of device nodes and/or ACLs. |
| 14 |
|
| 15 |
> - so this is about sys-fs/udev (and perhaps, sys-auth/consolekit for |
| 16 |
> ACLs) |
| 17 |
> - since the udev .rules are not application specific, we should |
| 18 |
> control it from sys-fs/udev's /lib/udev/rules.d/40-gentoo.rules |
| 19 |
> - sys-fs/udev leaves it to root:root as: |
| 20 |
> |
| 21 |
> KERNEL=="rfkill", MODE="0664" |
| 22 |
> |
| 23 |
> - third party packages like mate-bluetooth, gnome-bluetooth install |
| 24 |
> both their own udev .rules to adjust /dev/rfkill to plugdev: |
| 25 |
> |
| 26 |
> KERNEL=="rfkill", GROUP="plugdev", MODE="0664" |
| 27 |
> |
| 28 |
> So I'd like to propose some unification: |
| 29 |
> |
| 30 |
> I don't have a system with /dev/rfkill unfortunately to test this, |
| 31 |
> but I believe we should add this to 40-gentoo.rules and create group |
| 32 |
> 'rfkill': |
| 33 |
> |
| 34 |
> SUBSYSTEM=="rfkill", GROUP="rfkill", MODE="0664" |
| 35 |
> |
| 36 |
> And this line would go as /lib/udev/rules.d/70-gentoo-acl.rules (as |
| 37 |
> the original filename in upstream ConsoleKit is 70-udev-acl.rules): |
| 38 |
> |
| 39 |
> SUBSYSTEM=="rfkill", TAG+="udev-acl" |
| 40 |
> |
| 41 |
> So that it would then look like: |
| 42 |
> |
| 43 |
> $ ls -ld /dev/rfkill |
| 44 |
> crw-rw----+ 1 root rfkill 116, 1 Feb 21 16:27 /dev/rfkill |
| 45 |
> |
| 46 |
> Notice the "+" there for ACLs if user is active (logged in using |
| 47 |
> ConsoleKit): |
| 48 |
> |
| 49 |
> $ getfacl -a /dev/rfkill |
| 50 |
> # file: dev/rfkill |
| 51 |
> # owner: root |
| 52 |
> # group: rfkill |
| 53 |
> user::rw- |
| 54 |
> user:ssuominen:rw- |
| 55 |
> group::rw- |
| 56 |
> mask::rw- |
| 57 |
> other::--- |
| 58 |
> |
| 59 |
> I didn't actually run that just on /dev/rfkill, but I took an example |
| 60 |
> from /dev/snd/seq, and edited those at this mail. |
| 61 |
> |
| 62 |
> I'd like someone with /dev/rfkill to test I'm right, if possible, and |
| 63 |
> verify no other cruft is interfering with it (like those of installed |
| 64 |
> by those apps I mentioned, `grep rfkill /lib/udev/rules.d/*`) |
| 65 |
> |
| 66 |
> Any thoughts? |
| 67 |
> |
| 68 |
|
| 69 |
|
| 70 |
-- |
| 71 |
Alexander Tsoy |
Archives