| 1 |
Hi there! |
| 2 |
|
| 3 |
As you all know up to now we have our very own rules file 50-udev.rules |
| 4 |
This is good for getting our specials - but bad from maintainance view. |
| 5 |
|
| 6 |
So here we are: |
| 7 |
In udev git-gtree suse and redhat rules are already merged. |
| 8 |
But they use a different permission / group system than we have, they have |
| 9 |
less groups and assign some desktop permissions via pam_console. |
| 10 |
|
| 11 |
I also got all of our rules files (except 50-udev.rules) merged with what the |
| 12 |
other distros use (already in git). |
| 13 |
|
| 14 |
Slackware has already started merging the rules with this "upstream" common |
| 15 |
rules, and they also are more near to our approach by using groups for |
| 16 |
audio/tape/cdrom/... |
| 17 |
But I have not yet seen their rules yet. So for now we are on our own. |
| 18 |
|
| 19 |
So before doing to much work we should get a sane concept. |
| 20 |
And for that concept we need: |
| 21 |
* A (maybe formal) definition what each group should be used for |
| 22 |
* what devices it contains (if not obvious) |
| 23 |
* if permissions should be read/read-write for the group |
| 24 |
* and nothing/read for world. |
| 25 |
|
| 26 |
The question arises as we use MODE=660 for most groups but upstream does 640 |
| 27 |
most of the time. |
| 28 |
|
| 29 |
|
| 30 |
This are the groups. |
| 31 |
1. audio |
| 32 |
All alsa and oss devices. |
| 33 |
Rules are not contained in upstream rules - they will in future be installed |
| 34 |
by media-libs/alsa-lib |
| 35 |
And upstream split of file for also also does not contain this group |
| 36 |
but sure it should keep MODE=660 / group audio |
| 37 |
(Or should we still support oss without having alsa installed) |
| 38 |
|
| 39 |
2. cdrom |
| 40 |
Used for all cdrom/cdwriter devices and for scsi also the associated sg |
| 41 |
device. |
| 42 |
MODE=660 |
| 43 |
Upstream has no such group - member of disk for them. |
| 44 |
|
| 45 |
3. cdrw |
| 46 |
Only used for pktcdvd with MODE=660 |
| 47 |
Should this be merged into group cdrom? |
| 48 |
|
| 49 |
4. disk |
| 50 |
Contains every device with SUBSYSTEM==block, with MODE=660 |
| 51 |
the raw-devices (still needed?) |
| 52 |
+ some devices needed for ata-over-ethernet (with modes 220 or 440) |
| 53 |
Upstream uses MODE=640 (Like old unix group for backup usage). |
| 54 |
|
| 55 |
5. floppy |
| 56 |
The fd* devices, MODE=660 |
| 57 |
Upstream uses MODE=640 |
| 58 |
|
| 59 |
6. lp |
| 60 |
Used for all *lp* and parport devices with MODE=660 |
| 61 |
Upstream uses it same way. |
| 62 |
|
| 63 |
7. tape |
| 64 |
Contains all tape devices with MODE=660. |
| 65 |
Upstream has no such group - member of disk group. |
| 66 |
|
| 67 |
8. tty |
| 68 |
Same usage as upstream (maybe only very slight changes) |
| 69 |
|
| 70 |
9. usb |
| 71 |
Devices for libusb (/dev/bus/usb/...) with MODE=664. |
| 72 |
+ legousbtower device |
| 73 |
Upstream has no such group but has libusb stuff root:root with MODE=644 |
| 74 |
|
| 75 |
If default world permission is reading then every package changing permissions |
| 76 |
here (like gphoto, iscan, sane) should also keep world-read I think! |
| 77 |
|
| 78 |
|
| 79 |
10. uucp |
| 80 |
serial devices, isdn and more for dialout usage MODE=660 |
| 81 |
Upstream uses it same way. |
| 82 |
|
| 83 |
11. video |
| 84 |
A lot of misc stuff: dri/card*, nvidia, 3dfx, framebuffer, ieee1394, v4l, dvb |
| 85 |
with MODE=660 |
| 86 |
Upstream has no such group - they keep group at root and grant access via pam. |
| 87 |
|
| 88 |
|
| 89 |
|
| 90 |
Groups we do not use yet: |
| 91 |
|
| 92 |
12. kmem |
| 93 |
Upstream uses it for /dev/mem /dev/kmem /dev/port with MODE=640 |
| 94 |
Should be ok to use - we have group=root, MODE=640 for now |
| 95 |
|
| 96 |
|
| 97 |
Matthias |
| 98 |
|
| 99 |
-- |
| 100 |
Matthias Schwarzott (zzam) |
| 101 |
-- |
| 102 |
gentoo-dev@g.o mailing list |
Archives