ownership of devices
Charles Lopes
tjarls at iee.lu
Tue Sep 20 10:06:59 UTC 2005
Bill Nottingham wrote:
>Ignacio Vazquez-Abrams (ivazquez at ivazquez.net) said:
>
>
>>>The only problem is that apparently it is hard for an rpm to add a group
>>>when a system is being upgraded between distros; ie, while anaconda
>>>could add this new group just fine, people doing a dist upgrade, it is
>>>claimed, will not get this group installed.
>>>
>>>
>>I seem to recall a long-winded discussion about the fedora-usermgmt
>>package. Perhaps it's time to move it into Core and make it responsible
>>for creating the groups if needed.
>>
>>
>
>Dynamically modified groups + setgid programs are a poor solution for
>device access.
>
>Runtime ACLs done via HAL is probably a better solution - I remember
>Colin having some ideas in this area.
>
>Bill
>
>
>
Do you mean using the extended POSIX ACLs instead of just the base ACLs
(traditional unix perms). Otherwise there would be limitations in
sharing a device between users. Should /dev be always in a filesystem
mounted with acl support? Some people might use tmpfs or ramfs for /dev.
Do they support ACLs? What about devpts or capifs?
All in all, I would love to see ACLs used in /dev. That could solve some
other minor problems like the ownership of /dev/tty* when doing a "su"
from root for example.
Charles
More information about the fedora-devel-list
mailing list