creating dynamic access control lists for a device: systemd and udev
Adam Williamson
awilliam at redhat.com
Tue Mar 27 18:00:19 UTC 2012
On Sun, 2012-03-25 at 13:22 +0100, Ian Malone wrote:
> Or indeed, if anyone can show me where this is documented. All I've
> managed to find with google are git commits and irrelevant mailing
> list fragments. systemd-logind isn't documented,
> /lib/udev/rules.d/70-uaccess.rules appears to deal with this, but what
> I've seen so far appears to say that udev handling of this is being
> deprecated for systemd,
70-uaccess.rules is in fact owned by systemd. This is the systemd
handling of it.
> also there are no suitable ID_ in there, which
> brings me back to the question of choosing suitable names. Is there a
> list of reserved names or naming rules? If you were creating
> site-specific rules presumably they could go in /etc/... To have the
> package for the software add its own rules would Fedora accept a new
> ID_ into wherever ID_ needs to go? (70-uaccess.rules?).
That is what you need, yes. AIUI, anyway. My experience with this is in
the context of libconcord, which handles Harmony remote controls; Kay
got ID_REMOTE_CONTROL added to udev (at the time) and 70-uaccess.rules
owned by systemd (now) for libconcord to use in its udev rules file.
> I assume that
> setting TAG+="uaccess" directly (assuming that's what's needed, is it?
> how should I know?) in a device rule would be frowned on.
I believe so, yeah. The idea is to handle categories of device together
so that admins can more easily customize the behaviour, I think.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list