В Fri, 07 Mar 2014 21:17:20 +0200
Samuli Suominen <ssuomi...@gentoo.org> пишет:
> - sys-apps/systemd has it's own service to handle /dev/rfkill from
> 99-systemd.rules we don't install with sys-fs/udev:
>
> SUBSYSTEM=="rfkill", TAG+="systemd", IMPORT{builtin}="path_id",
> ENV{SYSTEMD_WANTS}+="systemd-rfkill@$name.service"
>
The above rule from systemd just run a special unit which
saves/restores rfkill state across reboots. It has nothing to do
with permissions of device nodes and/or ACLs.
> - so this is about sys-fs/udev (and perhaps, sys-auth/consolekit for
> ACLs)
> - since the udev .rules are not application specific, we should
> control it from sys-fs/udev's /lib/udev/rules.d/40-gentoo.rules
> - sys-fs/udev leaves it to root:root as:
>
> KERNEL=="rfkill", MODE="0664"
>
> - third party packages like mate-bluetooth, gnome-bluetooth install
> both their own udev .rules to adjust /dev/rfkill to plugdev:
>
> KERNEL=="rfkill", GROUP="plugdev", MODE="0664"
>
> So I'd like to propose some unification:
>
> I don't have a system with /dev/rfkill unfortunately to test this,
> but I believe we should add this to 40-gentoo.rules and create group
> 'rfkill':
>
> SUBSYSTEM=="rfkill", GROUP="rfkill", MODE="0664"
>
> And this line would go as /lib/udev/rules.d/70-gentoo-acl.rules (as
> the original filename in upstream ConsoleKit is 70-udev-acl.rules):
>
> SUBSYSTEM=="rfkill", TAG+="udev-acl"
>
> So that it would then look like:
>
> $ ls -ld /dev/rfkill
> crw-rw----+ 1 root rfkill 116, 1 Feb 21 16:27 /dev/rfkill
>
> Notice the "+" there for ACLs if user is active (logged in using
> ConsoleKit):
>
> $ getfacl -a /dev/rfkill
> # file: dev/rfkill
> # owner: root
> # group: rfkill
> user::rw-
> user:ssuominen:rw-
> group::rw-
> mask::rw-
> other::---
>
> I didn't actually run that just on /dev/rfkill, but I took an example
> from /dev/snd/seq, and edited those at this mail.
>
> I'd like someone with /dev/rfkill to test I'm right, if possible, and
> verify no other cruft is interfering with it (like those of installed
> by those apps I mentioned, `grep rfkill /lib/udev/rules.d/*`)
>
> Any thoughts?
>
--
Alexander Tsoy
