[Spice-devel] [PATCH] usbredir: fix redirection of user-accesible device nodes.
Christophe Fergeau
cfergeau at redhat.com
Mon Jun 29 07:36:48 PDT 2015
Hey,
On Mon, Jun 29, 2015 at 03:46:56PM +0200, Michal Suchanek wrote:
> This basically reverts 63c8526c699692b6fdca15db8209730fca7eb817
>
> After this change opening the device node is not tried at all.
Imo this is what should be fixed
>
> So when user has access to the device node and policykit ACL is not set
> up access is denied while in fact the device could be accessed.
The log of commit 63c852 is fairly clear that spice-gtk considers the
normal case to be ""policykit is setup, usb device node is not
accessible to the user". Is this a wrong assumption? Did you have these
issues with an out-of-the-box distro installation, or is it some
customizations that you are making?
> The change was made to prevent logging error when opening the device is
> attempted. However, unless some really complex error processing is
> implemented logging the error from libusb and displaying the error from
> ACL helper to the user seems like the best thing we can do.
My understanding is that the issue was that when using policykit ACL
(with no access to the device node), trying first to open the device
node would cause an error to be logged even if the policykit code would
then succeed, ie the libusb error was some kind of 'false-positive'
Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20150629/5697f526/attachment.sig>
More information about the Spice-devel
mailing list