Date: Tue, 27 Nov 2001 11:41:33 +0000 From: Josef Karthauser <joe@tao.org.uk> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: mjacob@feral.com, arch@FreeBSD.org Subject: Re: Anybody working on devd? Message-ID: <20011127114133.S643@tao.org.uk> In-Reply-To: <200111270325.fAR3P6e25466@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Mon, Nov 26, 2001 at 10:25:06PM -0500 References: <20011126212937.AD31B380D@overcee.netplex.com.au> <20011126230600$59b3@traf.lcs.mit.edu> <200111270325.fAR3P6e25466@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--TOcFo/l1T3s1H/TJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Nov 26, 2001 at 10:25:06PM -0500, Garrett Wollman wrote: > In article <20011126230600$59b3@traf.lcs.mit.edu> you write: >=20 > >It seems to me wrong to do 'adjustments'. Either you have a model that t= rusts > >drivers to do the right thing when the call make_dev, or you don't. >=20 > My site policy about what permissions certain device nodes should have > should not, and in some cases probably cannot, be written directly > into a device driver. The driver should use the most conservative > possible settings -- in most cases, root:wheel/600 -- and let > user-land code apply whatever policy is desired. We already have > mechanisms for expressing some of that policy (e.g., /etc/fbtab) but > it's not cognizant of transient devices. That's part of the problem > which needs to be solved. Devices that come and go can come and go quickly. For instance a USB sync'd palmpilot only appears as a usb device once the hotsync button has been pressed, and disappears once the sync process has finished. A userland process that wants to sync has to wait until it sees the usb device node appear to know that it is there (unless usbd can fire the process off at enumeration time). If a userland process pokes with the node permissions sometime after the device node appears, there's a race between the application and the userland devd. Sometimes the sync will succeed, sometimes it will fail due to wrong dev node permissions. For this reason I'd prefer the devnode to be created with the right permissions in the first place. Phk was talking about loading user/group policies into the kernel so that make_dev can use them whilst creating the node. Joe --TOcFo/l1T3s1H/TJ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjwDe+wACgkQXVIcjOaxUBb/uACgvQ+Mi481V5gr3ZguLE+uZJds 9esAnjJbFGG5K6qsiokduaZhbayVJ6rW =IYWY -----END PGP SIGNATURE----- --TOcFo/l1T3s1H/TJ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011127114133.S643>