access regulation for block devices with hal?
Martin Pitt
martin.pitt at ubuntu.com
Wed Oct 29 02:07:19 PDT 2008
Hi Jelle,
Jelle de Jong [2008-10-29 9:50 +0100]:
> I would love to create some hal rules that check the owner and group of
> a device, and then mount it with some corresponding rules. any examples
> would be great, since I have no idea how to do this with hal.
HAL provides a general mechanism for adding ACLs to devices, based on
PolicyKit privileges [1]. These privileges are usually assigned based
on local console presence (from ConsoleKit), but of course you can
assign those privileges to individual users with polkit-auth or
polkit-gnome-authorization.
However, it might actually be easier for you to just write some udev
rules for assigning groups (GROUP="users", MODE="660"). Look at the
existing udev rules for some examples.
Martin
[1] http://people.freedesktop.org/~david/hal-spec/hal-spec.html#access-control
[2] /usr/share/hal/fdi/policy/10osvendor/20-acl-management.fdi
--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
More information about the hal
mailing list