"console" virtual group for desktop users
Matthew Mastracci
matt at aclaro.com
Sat Apr 3 07:58:04 EEST 2004
I originally posted this message to Redhat's pam-list, but I didn't
receive any responses. I'm not certain if these lists are the best
place for it, but I can see possible overlap with some of the Project
Utopia and general Linux Hotplug work and thought it could provoke some
useful discussion here.
The summary of the message is the replacement of the "console.perms"
style permissions with a "console" group, whose members would be
provided by an nsswitch library. These members would dynamically update
as users create/kill X sessions, allowing two locally logged in users
with different X sessions to share local devices (ie: /dev/dsp,
/dev/dvd, etc.)
--- Previous Message ---
After having some issues with pam_console applying permissions to some
nvidia* files, I was wondering - would it be better to assign these
devices a group of "console" and use nsswitch to dynamically assign
console users?
I've had to reset the permissions of the device to 777, owner root and
disable the entry in console.perms, but that does allow non-local users
access to these devices.
An nsswitch module could just enumerate the entries in
/var/run/console/* and return them as part of the console group. These
users should then have access to the given console device.
Thoughts?
--
Matthew Mastracci <matt at aclaro.com>
More information about the xdg
mailing list