Russell Coker writes:
> On Thu, 7 Mar 2002 07:12, Richard Gooch wrote:
> > > > > > I have hacked support for SE Linux into devfsd.
> > > > >
> > > > > I have found one problem with my current code. devfsd wants to
> > > > > re-apply it's permissions to device nodes whenever it's restarted
> > > > > and whenever you do "killall -1 devfsd" to tell it to reload it's
> > > > > config.
> > > >
> > > > I'm open to (clean) suggestions on what to do about this. Perhaps a
> > > > separate signal to reload the config file but don't generate the
> > > > synthetic events?
> > >
> > > Sounds reasonable.
> >
> > OK. How about SIGUSR1? If you have a better signal, let me know.
>
> Sounds fine, SIGUSR1 is free for whatever you want...
I was thinking more of whether to re-use some other signal, so as to
conserve signals. But I guess it doesn't matter. I've coded it up to
use SIGUSR1.
> > > > > Also this is not an issue that is restricted to SE Linux. Currently
> > > > > if I run "killall -1 devfsd" it will be equivalent to "mesg n" for
> > > > > all users!
> > > >
> > > > But in general devfsd should be configured to *not* touch permissions
> > > > for PTY's, so this shouldn't be a problem. What are you doing?
> > >
> > > The following is in my devfsd.conf to change the group of the pts
> > > devices to group tty:
> > > REGISTER ^pts/.* PERMISSIONS -1.tty 0600
> > >
> > > Is there any better way to do this?
> >
> > That's fine. In fact, this is sufficient:
> > REGISTER ^pts/ PERMISSIONS -1.tty 0600
> >
> > and is actually the same, since "pts/" matches ^pts/.* and may be more
> > efficient than having the trailing .* in the regexp.
>
> True. But I still have the issue of a restart changing the mode.
Fixed in my tree. Use SIGUSR1.
> Maybe I should write a .so for managing pts/*?
Is there a need, now that SIGUSR1 is available? What would this .so
do?
Regards,
Richard....
Permanent: rgooch@xxxxxxxxxxxxx
Current: rgooch@xxxxxxxxxxxxxxx
|