Devices and permissions

[Matias Féliciano]

Le mercredi 20 octobre 2004 à 13:48 +0200, Alain PORTAL a écrit :
> Hi Nils, thanks for your answer.
> 
> Le mercredi 20 Octobre 2004 11:32, Nils Philippsen a écrit :
> 
> > So is it a client or a server application?
> 
> Perhaps I need to tell more about this application: this is an IDE for the 
> developpement of Microchip PIC based applications. This IDE also can program 
> chip devices through serial or paralell ports programmers.
> http://pikdev.free.fr/
> So, logged user need to access to the serial/paralell ports in RW mode.
> We should consider that is a client application.
> 
> > If it's a client application, 
> > all users who want to use it must have the permissions, either by
> > belonging to a special group or /etc/security/console.perms trickeries.
> 
> Create a special group doesn't seem to me a good idea because if a new user is 
> added after the package installation, he won't belong to the new group and 
> administrator will need to add him manually.
> I prefer a solution where all users can use the application by default.
> 
> So, using /etc/security/console.perms seems the best way.
> Here is my purposal:
> 
> # device classes 
> <serialport>=/dev/ttyS[0-9]
> <paralellport>=/dev/parport[0-7]
> 
> # permission definitions
> <console>  0600 <serialport>      0660 root.uucp
> <console>  0600 <paralellport>    0660 root.lp
> 
> Does it seem right for you?
> 
> How can I add/remove these lines via rpm (un)installation?
> 

With Perl, sed ...

Personally, I don't like that third party package touch security files.
Put some instructions in README or INSTALL file and let the
administrator do his job :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
	=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20041020/736d2066/attachment-0002.bin