hal/fdi/90defaultpolicy Makefile.am, NONE, 1.1 storage-policy.fdi, NONE, 1.1

David Zeuthen david at freedesktop.org
Tue Oct 12 13:17:10 PDT 2004


Update of /cvs/hal/hal/fdi/90defaultpolicy
In directory gabe:/tmp/cvs-serv22195/fdi/90defaultpolicy

Added Files:
	Makefile.am storage-policy.fdi 
Log Message:
2004-10-12  David Zeuthen  <davidz at redhat.com>

	First part of big patch to use .fdi files for policy properties.

	* configure.in: Add a bunch of new configure.in variables

	* doc/Makefile.am: Add conf directory

	* doc/conf/Makefile.am: New file

	* doc/conf/storage-policy-examples.fdi: New file

	* fdi/30osvendor/Makefile.am: New file

	* fdi/40oem/Makefile.am: New file

	* fdi/50user/Makefile.am: New file

	* fdi/90defaultpolicy/Makefile.am: New File

	* fdi/90defaultpolicy/storage-policy.fdi: New file

	* fdi/95userpolicy/Makefile.am: New file

	* fdi/Makefile.am: Added new subdirs

	* hald/Makefile.am: Link with libselinux if selinux is enabled

	* hald/device.c: 
	(hal_device_property_get_as_string): New function
	(hal_device_copy_property): New function

	* hald/device.h: Add prototypes for two new functions

	* hald/device_info.c:
	(resolve_udiprop_path): New function 
	(match_compare_property): New function
	(handle_match): Allow property names to contain UDI dirct and indirect
	references. Add support for 'exists', 'empty', 'is_absolute_path', 
	'compare_lt', 'compare_le', 'compare_gt', 'compare_ge'
	(handle_merge): Add support for 'copy_property'
	(handle_append): New function
	(start): Support new 'append' operation (like merge)
	(end): Also support MERGE_TYPE_COPY_PROPERTY. Fixup compare bug in 
	match_depth_first_fail that made several matches on the same level
	impossible.
	(process_fdi_file): Init match_depth_first_fail to -1

	* hald/linux/osspec.c (osspec_probe): Add selinux support to
	root computer device object.



--- NEW FILE: Makefile.am ---

fdi90defaultpolicydir = $(datadir)/hal/fdi/90defaultpolicy

dist_fdi90defaultpolicy_DATA = storage-policy.fdi

--- NEW FILE: storage-policy.fdi ---
<?xml version="1.0" encoding="ISO-8859-1"?> <!-- -*- SGML -*- --> 

<deviceinfo version="0.2">

  <!-- Default policies merged onto computer root object  -->
  <device>
    <match key="info.udi" string="/org/freedesktop/Hal/devices/computer">
      <merge key="storage.policy.default.mount_root" type="string">/media</merge>
      <merge key="storage.policy.default.use_managed_keyword" type="bool">true</merge>
      <merge key="storage.policy.default.managed_keyword.primary" type="string">managed</merge>
      <merge key="storage.policy.default.managed_keyword.secondary" type="string">kudzu</merge>
      <merge key="storage.policy.default.mount_option.noauto" type="bool">true</merge>
      <merge key="storage.policy.default.mount_option.user" type="bool">true</merge>
      <merge key="storage.policy.default.mount_option.exec" type="bool">true</merge>
    </match>
  </device>

  <device>
    <!-- Whitelist bus types of storage devices we care about  -->
    <match key="info.category" string="storage">
      <match key="storage.bus" string="usb">
	<merge key="storage.policy.should_mount" type="bool">true</merge>      
      </match>
      <match key="storage.bus" string="ide">
	<merge key="storage.policy.should_mount" type="bool">true</merge>
      </match>
      <match key="storage.bus" string="ieee1394">
	<merge key="storage.policy.should_mount" type="bool">true</merge>
      </match>
      <match key="storage.bus" string="sata">
	<merge key="storage.policy.should_mount" type="bool">true</merge>
      </match>
    </match>

    <!-- Handle drives with non-partitioned media  -->
    <match key="storage.no_partitions_hint" bool="true">
      <!-- optical drives -->
      <match key="storage.drive_type" string="cdrom">
	<merge key="storage.policy.mount_filesystem" type="string">iso9660,udf</merge>
	<merge key="storage.policy.desired_mount_point" type="string">cdrom</merge>
	<merge key="storage.policy.mount_option.ro" type="bool">true</merge>
	<match key="storage.cdrom.cdr" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.cdrw" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.dvdplusr" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.dvdplusrw" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.dvdram" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.dvdr" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="storage.cdrom.dvdrw" bool="true">
	  <merge key="storage.policy.desired_mount_point" type="string">cdrecorder</merge>
	</match>
	<match key="/org/freedesktop/Hal/devices/computer:linux.is_selinux_enabled" bool="true">
	  <merge key="storage.policy.mount_option.fscontext=system_u:object_r:removable_t" type="bool">true</merge>
	</match>
      </match>
      <!-- floppy drives -->
      <match key="storage.drive_type" string="floppy">
	<merge key="storage.policy.mount_filesystem" type="string">auto</merge>
	<merge key="storage.policy.desired_mount_point" type="string">floppy</merge>
	<match key="/org/freedesktop/Hal/devices/computer:linux.is_selinux_enabled" bool="true">
	  <merge key="storage.policy.mount_option.fscontext=system_u:object_r:removable_t" type="bool">true</merge>
	</match>
      </match>
    </match>

    <!-- Normal volumes; use volume label, uuid or drive_type -->
    <match key="block.is_volume" bool="true">
      <match key="volume.fsusage" string="filesystem">

	<merge key="volume.policy.should_mount" type="bool">true</merge>
	<merge key="volume.policy.mount_filesystem" type="copy_property">volume.fstype</merge>

	<!-- Fallback is '<storage.drive_type>', e.g. disk, compact_flash etc. -->
	<merge key="volume.policy.desired_mount_point" type="copy_property">@block.storage_device:storage.drive_type</merge>
	
	<!-- Better: if available use UUID -->
        <match key="volume.uuid" empty="false">
          <merge key="volume.policy.desired_mount_point" type="copy_property">volume.uuid</merge>
        </match>

        <!-- Best: If available use filesystem label -->
        <match key="volume.label" empty="false">
          <!-- unless it's a path (e.g. /boot, /, /home etc) -->
          <match key="volume.label" is_absolute_path="false">
            <merge key="volume.policy.desired_mount_point" type="copy_property">volume.label</merge>
          </match>
        </match>

	<!-- Should never mount Apple Bootstrap partitions (it would be
	     a security hole) - should use the bootable flag from the
	     Mac partition table instead -->
	<match key="volume.fstype" string="hfs">
	  <match key="volume.label" string="bootstrap">
	    <merge key="volume.policy.should_mount" type="bool">false</merge>
	  </match>
	</match>

	<!-- Use selinux mount options for hotpluggable and removable
	     volumes -->
	<match key="/org/freedesktop/Hal/devices/computer:linux.is_selinux_enabled" bool="true">
	  <match key="@block.storage_device:storage.hotpluggable" bool="true">
	    <merge key="volume.policy.mount_option.fscontext=system_u:object_r:removable_t" type="bool">true</merge>
	  </match>
	  <match key="@block.storage_device:storage.removable" bool="true">
	    <merge key="volume.policy.mount_option.fscontext=system_u:object_r:removable_t" type="bool">true</merge>
	  </match>
	</match>

	<!-- Use noatime and sync options for all hotpluggable or removable
	     volumes smaller than 2GB -->
	<match key="volume.size" compare_lt="2147483648">
	  <match key="@block.storage_device:storage.hotpluggable" bool="true">
	    <merge key="volume.policy.mount_option.async" type="bool">true</merge>
	    <merge key="volume.policy.mount_option.noatime" type="bool">true</merge>
	  </match>
	  <match key="@block.storage_device:storage.removable" bool="true">
	    <merge key="volume.policy.mount_option.async" type="bool">true</merge>
	    <merge key="volume.policy.mount_option.noatime" type="bool">true</merge>
	  </match>
	</match>

      </match>
    </match>
  </device>

</deviceinfo>




More information about the hal-commit mailing list