Hi Marco! Marco d'Itri [2004-11-09 19:32 +0100]: > On Nov 09, Martin Pitt <[EMAIL PROTECTED]> wrote: > > > We solved (4) by introducing a new group called 'plugdev'. Every user > > who is a member of this group can access hotpluggable devices (digital > > cameras, USB drives etc.). pmount can only be executed by members of > > this group (it is root:plugdev 750), hal runs in this group to be able > > to detect file systems (but it does not run in 'disk'), and udev > > assigns the 'plugdev' group to removable devices (static drives remain > > in group 'disk'). > I'm not sure about what I should do as the udev maintainer. The default > udev configuration does not really know for sure if a given device is > removable.
Our /etc/udev/udev.rules has two new rules directly after the cdrom
and floppy rules:
# put removable IDE/SCSI devices into group 'plugdev' instead of 'disk'
BUS="scsi", KERNEL="sd[a-z]*", PROGRAM="/etc/udev/removable.sh %k", RESULT="1",
NAME="%k", MODE="0660", GROUP="plugdev"
BUS="ide", KERNEL="hd[a-z]*", PROGRAM="/etc/udev/removable.sh %k", RESULT="1",
NAME="%k", MODE="0660", GROUP="plugdev"
The removable.sh shell script (pasted below) returns whether a device
is actually removable by looking at the "removable" sysfs attribute.
However, this attribute was introduced in the kernel not before 2.6.8.
This is okay for Ubuntu since it ships with 2.6.8.1, and since even
Sarge ships with 2.6.8.1 (at some architectures at least), Etch will
certainly use 2.6.8+ as standard kernel. BTW, I do not want to force
this solution into Sarge, it is too late in the release cycle for such
changes (pmount has an RC bug to prevent Sarge migration).
However, this udev modification is safe even on older kernels; the
script will always return 0 there, which effectively disables above
rules. If devices are not in the plugdev group, but rather in "disk",
the following features will not work:
- pmount will refuse to mount PCMCIA drives since they look like
normal IDE adapters; mounting USB and FireWire devices will still
work, though, because pmount then checks the sysfs ancestry for
USB/FireWire nodes.
- Media checking will not work (e. g. hal will not recognize the
insertion of a card into an USB card reader), because hal does not
run in the "disk" group.
- hal will be unable to detect file systems and device labels on the
removeable devices for the same reason (not being in "disk").
- Users will be unable to partition, format, and label their USB
devices.
So hal/pmount/g-v-m will still be able to mount USB sticks, USB hard
drives, iPods, and so on, but will lack some reasonably important
features.
Martin
----------- /etc/udev/removable.sh -----------------------
#!/bin/sh -e
# print "1" if device $1 is removable, "0" otherwise.
# The "removable" attribute appeared in Linux 2.6.8; this script will always
# print "0" for earlier kernels.
DEV="${1%[0-9]*}"
REMOVABLE="/sys/block/$DEV/removable"
if [ -e "$REMOVABLE" ]; then
cat "$REMOVABLE"
else
echo "0"
fi
exit 0
----------------------------------------------------------
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org
signature.asc
Description: Digital signature
