[systemd-devel] Debugging acl settings for /dev//snd/pcm* nodes
Kay Sievers
kay at vrfy.org
Mon Jan 20 01:56:13 PST 2014
On Mon, Jan 20, 2014 at 9:42 AM, Hans de Goede <hdegoede at redhat.com> wrote:
> Hi,
>
> For some reason after I've built the Xorg xserver from git, and then login
> through gdm (on an otherwise unmodified F-20 install), the acls on
> /dev/snd/pcm* (and likely others too) no longer get setup to give the user
> I've just logged in with access to them.
>
> Reverting to Xorg from the F-20 packages fixes this. I was wonder if someone
> could give a short step by step of all components involved in doing the acl
> management for devices which should be usable by console users now a days.
>
> As well as some hints for debugging this.
There are udev rules adding a tag to the devices which should get ACLs attached:
/usr/lib/udev/rules.d/70-uaccess.rules
TAG+="uaccess"
After device processing, the tags end up in the udev database:
$ udevadm info /sys/class/sound/controlC0 | grep TAGS
E: TAGS=:uaccess:
Private implementation details, never read directly, but useful for debugging:
$ grep G: /run/udev/data/c116\:10
G:uaccess
$ ls -1 /run/udev/tags/uaccess/
c10:232
c10:58
c116:10
...
During rules processing udev calls internally:
/usr/lib/udev/rules.d/73-seat-late.rules
RUN{builtin}+="uaccess"
which actually adds the ACLs directly in the hotplug path.
At login/logout time, pam_systemd calls out to systemd-logind, logind
reads the above tags directory (with libudev) and applies/removes ACLs
to all devices with the uaccess tag.
Kay
More information about the systemd-devel
mailing list