Message ID | 20190329225410.26435-1-mhei@heimpold.de |
---|---|
State | Superseded |
Headers | show |
Series | [OpenWrt-Devel] base-files/hotplug: add "dialout" user group and use it for ttyXYZ devices | expand |
Hi, the "tty" group has been introduced exactly for this purpose some time ago (1)(2). Any reason why we need "dialout" as well? ~ Jo 1: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=5523ee3459a2d346ad068ce359cdb60dcda1239d 2: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=124ab1dc0a6235007f60953a796bf29122dfa242
Hi, > the "tty" group has been introduced exactly for this purpose some time > ago (1)(2). Any reason why we need "dialout" as well? > > ~ Jo > > 1: > https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=5523ee3459a2d3 > 46ad068ce359cdb60dcda1239d 2: > https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=124ab1dc0a6235 > 007f60953a796bf29122dfa242 well, it seems that the second commit did not survive (at least in master branch)... I noticed the "tty" group on OpenWrt but on my desktop system, it has slightly different meaning, see https://wiki.debian.org/SystemGroups So I guessed the meaning is the same on OpenWrt, thus the proposal to add "dialout" as well. You are right, that we don't need a second group to the same purpose. However, then I'd propose to rename the group "tty" to "dialout" to prevent other users to do the same mistake like me, i.e. confuse both groups due to mixing knowledge from other distros. Michael
Hi Michael, > well, it seems that the second commit did not survive (at least in master > branch)... indeed, it was broken by an improperly rebased commit: https://git.openwrt.org/?p=openwrt/openwrt.git;a=commitdiff;h=5209cfa534293cb6d27574b51d03bd69a5defb0c I'd be fine with a v2 which reintroduces the lost hunk and renames tty to dialout at the same time. ~ Jo
diff --git a/package/base-files/files/etc/group b/package/base-files/files/etc/group index e8e2adf4ac..723a3832e8 100644 --- a/package/base-files/files/etc/group +++ b/package/base-files/files/etc/group @@ -3,6 +3,7 @@ daemon:x:1: adm:x:4: tty:x:5: mail:x:8: +dialout:x:20: audio:x:29: www-data:x:33: ftp:x:55: diff --git a/package/system/procd/files/hotplug.json b/package/system/procd/files/hotplug.json index 1c949bbea3..4221e15fe9 100644 --- a/package/system/procd/files/hotplug.json +++ b/package/system/procd/files/hotplug.json @@ -20,6 +20,10 @@ [ "regex", "DEVNAME", "^snd" ], [ "makedev", "/dev/%DEVNAME%", "0660", "audio" ] ], + [ "if", + [ "regex", "DEVNAME", "^tty[A-Za-z]+[0-9]+" ], + [ "makedev", "/dev/%DEVNAME%", "0660", "dialout" ] + ], [ "if", [ "has", "DEVNAME" ], [ "makedev", "/dev/%DEVNAME%", "0600" ]
This add that "well-known" group to the system database and changes hotplug default rules to assign /dev/tty[A-Za-z]+[0-9]+ nodes to this new group. Background is to allow more fine-granulated permissions, e.g. for daemons like ser2net which make UART ports available via network and thus should not run as root when avoidable. Signed-off-by: Michael Heimpold <mhei@heimpold.de> --- package/base-files/files/etc/group | 1 + package/system/procd/files/hotplug.json | 4 ++++ 2 files changed, 5 insertions(+)