Overriding permissions from udev sample rules
bruce.dubbs at gmail.com
Sun Oct 14 08:56:51 PDT 2007
Bryan Kadzban wrote:
> Or use :=, but that's what I was trying to avoid if possible. There are
> a few other differences between our permissions (or groups) and udev's,
> which I was hoping to override by moving 25- to 51- and leaving those
> rules alone.
Using :+ or "last_rule" really shouldn't be that big a deal. Besides,
it is educational if someone analyzes the file. The udev ducumentation
says that "I suggest you create a file at
/etc/udev/rules.d/10-local.rules and write all your rules into this
file." Looking at other distros, several seem to use 40, but several
have a 64 too.
Speaking of that, Kay has debian, gentoo, frugalware, redhat, etc.
Maybe if we sent him the LFS rules, he would include them too. Just a
> One instance is everywhere that udev assigns "uucp", we seem to assign
> "dialout" instead. I think that's because we have no "uucp" group.
Yes. uucp is an anachronism, but most still use it. RedHat seems to use
it for a lot of serial devices, but we just use dialout for that.
Actually dialout is a bit dated too. Who uses a modem any more? Not
anyone I know.
We could override that group with a 64- file or use :=.
Another option is to revert to uucp. The only place that dialout is in
the book is section 6.6 and then it is only in a cat > /etc/group <<
"EOF". It is not explained there. It is also not mentioned in BLFS at
all. This may be the simplest route as the custom rules could jsut not
mention this at all.
> Another is all the input devices: we assign 0644, but udev assigns 0640
> or 0600, depending on the device. I'd rather not have to be a member of
> a certain group in order to test input devices. Another is agpgart:
> udev assigns 0600, but we assign 0666. (This may not matter, since X is
> setuid root.) The last two are disk and tape devices: udev assigns tape
> devices to group "disk" instead of "tape", and disk devices get mode
> 0640 instead of our 0660.
I would think that the simpler we make our rules, the better. For
comparison RedHat only has 15 rules in 40- and 1 rule in 64- (and that
is for pam and wouldn't apply to LFS). Similarly, suse has 11 rules in
40- and all the rules in 64- apply to something called device-mapper
that doesn't apply to LFS.
> All of those can be overridden if we move our rules to 51-; just the TTY
> devices can't be. So if we want to go with udev's permissions for TTYs
> (which sound like they'd probably work), then that should be fine.
Looking at other distros, I'm not sure anymore if we need any custom
rules at all. I haven't looked at it in detail, but suse only changes
some groups to video and redhat generally sets some symlinks and changes
the owner and group of vc* devices. All this customization would depend
on non-LFS packages. I see it rare, if at all, that BLFS would need to
address the issue.
More information about the lfs-dev