Policy for storage devices

David Zeuthen david at fubar.dk
Thu Oct 14 13:39:26 PDT 2004


Hi,

I just committed a change to the hal spec, the .fdi file parser and
fstab-sync to allow configurable policy for how to handle storage
devices. All of these are documented in the spec - I've just uploaded
the latest HTML version here

  http://freedesktop.org/~david/hal-spec/hal-spec.html 

Basically, the problems I wanted to solve were that

 1. it must be possible for a system administrator to control what
    storage devices should be allowed to be mounted by unprivileged
    users (e.g. go into /etc/fstab)

 2. it would be nice to have persistent mount point names

 3. it should be possible to customize policy, both globally and on a
    per-device basis

 4. the policy shouldn't be tied to fstab-sync - it should be able to
    work with policy mount wrappers

 5. all policy is in a single location

 6. all policy must be documented

 7. no new parsers (which require security reviews etc.) or significant
    new amount of code

 8. default policy for a distribution must be somewhat easy to express

So, basically, I think that I've been able to capture the requirements
for Fedora right here in this device information file (that goes in
fdi/90defaultpolicy)

 http://freedesktop.org/cgi-bin/viewcvs.cgi/*checkout*/hal/hal/fdi/90defaultpolicy/storage-policy.fdi

As evident in the policy, the new default is to use label, UUID and
storage.drive_type in that order.

Here are some more wacky examples (to go in fdi/95userpolicy)

 http://freedesktop.org/cgi-bin/viewcvs.cgi/*checkout*/hal/hal/doc/conf/storage-policy-examples.fdi
 http://freedesktop.org/cgi-bin/viewcvs.cgi/*checkout*/hal/hal/doc/conf/storage-non-fixed.fdi
 http://freedesktop.org/cgi-bin/viewcvs.cgi/*checkout*/hal/hal/doc/conf/storage-skip-all.fdi

Basically, the changes I've put in amount to

 a. new features in the .fdi file parser

 b. definition of storage.policy, volume.policy and 
    storage.policy.default properties in the hal spec

 c. write default policy as a device information file

 d. add C wrapper functions for the new properties in libhal-storage

 e. make fstab-sync use libhal-storage

 f. write a manpage for fstab-sync

One might argue that this is a change in how we use device information
files; e.g. now we merge policy and not just facts, and, yes it is.

However, the point of hal is to merge *all* interesting information
about a device and this does include policy. If and when we get a public
device information file repository we need to ensure that these files
don't contain policy.

Cheers,
David
