Managing ACL's on device nodes
Artem Kachitchkine
Artem.Kachitchkin at Sun.COM
Wed Feb 7 11:10:18 PST 2007
Kay Sievers wrote:
> On Wed, 2007-02-07 at 10:40 -0800, Artem Kachitchkine wrote:
>>> So for this I envision that hal will maintain a state file of ACL's
>>> granted somewhere in /var/run/hald, say /var/run/hal/acls_granted. On
>>> startup of hal we process this file and removes the ACL's previously
>>> added (want to be careful not to remove ACL's not granted by HAL).
>> ACLs aren't cumulative, are they? I.e. if HAL sets the ACL, then
>> something else sets the same ACL, then HAL unsets it, the ACL is unset.
>
> We don't really need to care, HAL is the only instance expected to do
> this.
That's an interesting assumption. Anyway, if that's the assumption being
made, then "want to be careful not to remove ACL's not granted by HAL"
does not apply either.
-Artem.
More information about the hal
mailing list