2022-11-11 00:15:43 +00:00
|
|
|
From 0e8c18bc2639da328274d02d9222ee2c1f6bf696 Mon Sep 17 00:00:00 2001
|
2018-03-08 01:30:53 +00:00
|
|
|
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
|
|
|
|
Date: Tue, 6 Mar 2018 23:39:47 +0100
|
|
|
|
Subject: [PATCH] Use Arch Linux' device access groups
|
2022-11-11 00:15:43 +00:00
|
|
|
MIME-Version: 1.0
|
|
|
|
Content-Type: text/plain; charset=UTF-8
|
|
|
|
Content-Transfer-Encoding: 8bit
|
2018-03-08 01:30:53 +00:00
|
|
|
|
|
|
|
cdrom → optical
|
|
|
|
dialout → uucp
|
|
|
|
tape → storage
|
|
|
|
---
|
2021-07-11 23:24:27 +00:00
|
|
|
meson.build | 6 +++---
|
|
|
|
meson_options.txt | 12 ++++++------
|
2019-12-04 19:22:14 +00:00
|
|
|
rules.d/50-udev-default.rules.in | 14 +++++++-------
|
2021-04-01 20:23:39 +00:00
|
|
|
sysusers.d/basic.conf.in | 6 +++---
|
2021-07-11 23:24:27 +00:00
|
|
|
4 files changed, 19 insertions(+), 19 deletions(-)
|
2018-03-08 01:30:53 +00:00
|
|
|
|
2021-07-11 23:24:27 +00:00
|
|
|
diff --git a/meson.build b/meson.build
|
2022-11-11 00:15:43 +00:00
|
|
|
index 76ad51d3fb..5cf679b088 100644
|
2021-07-11 23:24:27 +00:00
|
|
|
--- a/meson.build
|
|
|
|
+++ b/meson.build
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -915,19 +915,19 @@ conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
|
2021-07-11 23:24:27 +00:00
|
|
|
static_ugids = []
|
|
|
|
foreach option : ['adm-gid',
|
|
|
|
'audio-gid',
|
|
|
|
- 'cdrom-gid',
|
|
|
|
- 'dialout-gid',
|
|
|
|
'disk-gid',
|
|
|
|
'input-gid',
|
|
|
|
'kmem-gid',
|
|
|
|
'kvm-gid',
|
|
|
|
'lp-gid',
|
|
|
|
+ 'optical-gid',
|
|
|
|
'render-gid',
|
|
|
|
'sgx-gid',
|
|
|
|
- 'tape-gid',
|
|
|
|
+ 'storage-gid',
|
|
|
|
'tty-gid',
|
|
|
|
'users-gid',
|
|
|
|
'utmp-gid',
|
|
|
|
+ 'uucp-gid',
|
|
|
|
'video-gid',
|
|
|
|
'wheel-gid',
|
|
|
|
'systemd-journal-gid',
|
|
|
|
diff --git a/meson_options.txt b/meson_options.txt
|
2022-11-11 00:15:43 +00:00
|
|
|
index 814f340840..253a77ecb3 100644
|
2021-07-11 23:24:27 +00:00
|
|
|
--- a/meson_options.txt
|
|
|
|
+++ b/meson_options.txt
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -257,10 +257,6 @@ option('adm-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "adm" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('audio-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "audio" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
-option('cdrom-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
- description : 'soft-static allocation for the "cdrom" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
-option('dialout-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
- description : 'soft-static allocation for the "dialout" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('disk-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "disk" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('input-gid', type : 'integer', value : 0,
|
|
|
|
@@ -271,18 +267,22 @@ option('kvm-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "kvm" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('lp-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "lp" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
+option('optical-gid', type : 'integer', value : '0',
|
2021-07-11 23:24:27 +00:00
|
|
|
+ description : 'soft-static allocation for the "optical" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('render-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "render" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('sgx-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "sgx" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
-option('tape-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
- description : 'soft-static allocation for the "tape" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
+option('storage-gid', type : 'integer', value : '0',
|
2021-07-11 23:24:27 +00:00
|
|
|
+ description : 'soft-static allocation for the "storage" group')
|
|
|
|
option('tty-gid', type : 'integer', value : 5,
|
|
|
|
description : 'the numeric GID of the "tty" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('users-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "users" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('utmp-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "utmp" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
+option('uucp-gid', type : 'integer', value : '0',
|
2021-07-11 23:24:27 +00:00
|
|
|
+ description : 'soft-static allocation for the "uucp" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('video-gid', type : 'integer', value : 0,
|
2021-07-11 23:24:27 +00:00
|
|
|
description : 'soft-static allocation for the "video" group')
|
2022-11-11 00:15:43 +00:00
|
|
|
option('wheel-gid', type : 'integer', value : 0,
|
2019-12-04 19:22:14 +00:00
|
|
|
diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in
|
2022-11-11 00:15:43 +00:00
|
|
|
index 843bdaf9ce..a192f091df 100644
|
2019-12-04 19:22:14 +00:00
|
|
|
--- a/rules.d/50-udev-default.rules.in
|
|
|
|
+++ b/rules.d/50-udev-default.rules.in
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -26,7 +26,7 @@ SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620"
|
2018-03-08 01:30:53 +00:00
|
|
|
SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620"
|
|
|
|
SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620"
|
|
|
|
SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty"
|
|
|
|
-KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout"
|
|
|
|
+KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="uucp"
|
|
|
|
|
|
|
|
SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640"
|
|
|
|
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -72,13 +72,13 @@ KERNEL=="irlpt[0-9]*", GROUP="lp"
|
2018-03-08 01:30:53 +00:00
|
|
|
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp"
|
|
|
|
|
|
|
|
SUBSYSTEM=="block", GROUP="disk"
|
|
|
|
-SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="cdrom"
|
|
|
|
-SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="cdrom"
|
|
|
|
-KERNEL=="sch[0-9]*", GROUP="cdrom"
|
|
|
|
-KERNEL=="pktcdvd[0-9]*", GROUP="cdrom"
|
|
|
|
-KERNEL=="pktcdvd", GROUP="cdrom"
|
|
|
|
+SUBSYSTEM=="block", KERNEL=="sr[0-9]*", GROUP="optical"
|
|
|
|
+SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="4|5", GROUP="optical"
|
|
|
|
+KERNEL=="sch[0-9]*", GROUP="optical"
|
|
|
|
+KERNEL=="pktcdvd[0-9]*", GROUP="optical"
|
|
|
|
+KERNEL=="pktcdvd", GROUP="optical"
|
|
|
|
|
|
|
|
-SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="tape"
|
|
|
|
+SUBSYSTEM=="scsi_generic|scsi_tape", SUBSYSTEMS=="scsi", ATTRS{type}=="1|8", GROUP="storage"
|
|
|
|
SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="0", GROUP="disk"
|
|
|
|
KERNEL=="qft[0-9]*|nqft[0-9]*|zqft[0-9]*|nzqft[0-9]*|rawqft[0-9]*|nrawqft[0-9]*", GROUP="disk"
|
|
|
|
KERNEL=="loop-control", GROUP="disk", OPTIONS+="static_node=loop-control"
|
|
|
|
diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
|
2022-11-11 00:15:43 +00:00
|
|
|
index a602b872e4..8d38febb6a 100644
|
2018-03-08 01:30:53 +00:00
|
|
|
--- a/sysusers.d/basic.conf.in
|
|
|
|
+++ b/sysusers.d/basic.conf.in
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -23,17 +23,17 @@ g utmp {{UTMP_GID }} - -
|
2018-03-08 01:30:53 +00:00
|
|
|
|
2021-07-11 23:24:27 +00:00
|
|
|
# Physical and virtual hardware access groups
|
|
|
|
g audio {{AUDIO_GID }} - -
|
|
|
|
-g cdrom {{CDROM_GID }} - -
|
|
|
|
-g dialout {{DIALOUT_GID}} - -
|
|
|
|
g disk {{DISK_GID }} - -
|
|
|
|
g input {{INPUT_GID }} - -
|
|
|
|
g kmem {{KMEM_GID }} - -
|
|
|
|
g kvm {{KVM_GID }} - -
|
|
|
|
g lp {{LP_GID }} - -
|
|
|
|
+g optical {{OPTICAL_GID}} - -
|
|
|
|
g render {{RENDER_GID }} - -
|
|
|
|
g sgx {{SGX_GID }} - -
|
|
|
|
-g tape {{TAPE_GID }} - -
|
|
|
|
+g storage {{STORAGE_GID}} - -
|
|
|
|
g tty {{TTY_GID }} - -
|
|
|
|
+g uucp {{UUCP_GID }} - -
|
|
|
|
g video {{VIDEO_GID }} - -
|
2018-03-08 01:30:53 +00:00
|
|
|
|
|
|
|
# Default group for normal users
|
2022-11-11 00:15:43 +00:00
|
|
|
|
|
|
|
From 9e2987a7b4d09d7b554141e9ef2c911cb3fda570 Mon Sep 17 00:00:00 2001
|
2021-12-28 22:20:58 +00:00
|
|
|
From: Christian Hesse <mail@eworm.de>
|
|
|
|
Date: Mon, 27 Dec 2021 23:32:42 +0100
|
|
|
|
Subject: [PATCH] generate tmpfiles.d/legacy.conf
|
2022-11-11 00:15:43 +00:00
|
|
|
|
2021-12-28 22:20:58 +00:00
|
|
|
---
|
|
|
|
tmpfiles.d/legacy.conf.in | 3 ---
|
|
|
|
tmpfiles.d/meson.build | 2 +-
|
|
|
|
2 files changed, 1 insertion(+), 4 deletions(-)
|
|
|
|
|
|
|
|
diff --git a/tmpfiles.d/legacy.conf.in b/tmpfiles.d/legacy.conf.in
|
|
|
|
index 4f2c0d7c43..62e2ae0986 100644
|
|
|
|
--- a/tmpfiles.d/legacy.conf.in
|
|
|
|
+++ b/tmpfiles.d/legacy.conf.in
|
|
|
|
@@ -12,9 +12,6 @@
|
|
|
|
|
|
|
|
d /run/lock 0755 root root -
|
|
|
|
L /var/lock - - - - ../run/lock
|
|
|
|
-{% if CREATE_LOG_DIRS %}
|
|
|
|
-L /var/log/README - - - - ../..{{DOC_DIR}}/README.logs
|
|
|
|
-{% endif %}
|
|
|
|
|
|
|
|
# /run/lock/subsys is used for serializing SysV service execution, and
|
|
|
|
# hence without use on SysV-less systems.
|
|
|
|
diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
|
2022-11-11 00:15:43 +00:00
|
|
|
index ca1abbf3fe..25e2b53402 100644
|
2021-12-28 22:20:58 +00:00
|
|
|
--- a/tmpfiles.d/meson.build
|
|
|
|
+++ b/tmpfiles.d/meson.build
|
2022-11-11 00:15:43 +00:00
|
|
|
@@ -29,7 +29,7 @@ foreach pair : files
|
2021-12-28 22:20:58 +00:00
|
|
|
endforeach
|
|
|
|
|
|
|
|
in_files = [['etc.conf', ''],
|
|
|
|
- ['legacy.conf', 'HAVE_SYSV_COMPAT'],
|
|
|
|
+ ['legacy.conf', ''],
|
|
|
|
['static-nodes-permissions.conf', ''],
|
|
|
|
['systemd.conf', ''],
|
|
|
|
['var.conf', ''],
|