[systemd-devel] [PATCH] tmpfiles: only change device permissions if mknod succeeded
Tom Gundersen
teg at jklm.no
Mon Oct 27 08:53:27 PDT 2014
On Mon, Oct 27, 2014 at 4:48 PM, Lennart Poettering
<mzerqung at 0pointer.de> wrote:
> On Sat, 25.10.14 01:36, Tom Gundersen (teg at jklm.no) wrote:
>
>> On Mon, Oct 20, 2014 at 9:32 PM, Lennart Poettering
>> <lennart at poettering.net> wrote:
>> > On Tue, 14.10.14 16:19, Jan Synacek (jsynacek at redhat.com) wrote:
>> >
>> >> https://bugzilla.redhat.com/show_bug.cgi?id=1147248
>> >
>> > Hmm, so far tmpfiles always adjust access modes, for all types of
>> > lines, if that's possible. I think this makes sense. The bug
>> > referenced above seems to suggest though that the access mode of the
>> > /dev/fuse file node is specified differently in two places
>> > though. This sounds like something to fix first?
>>
>> Well, the /run/tmpfiles.d/kmod.conf one is what the kernel exposes,
>> and then the udev rules overrides this. We could surely fix this case,
>> but in general I think we should expect that these may differ.
>>
>> To me it seems that we should not create devices nodes at all, except
>> in systemd-tmpfiles-setup-dev.service, the reason being that udev
>> rules are only applied to static nodes at udev startup, so any device
>> nodes created (or changed) after that may end up with the wrong
>> permissions (as seen here).
>
> Hmm, so does this mean that the kmod tmpfiles converter really should
> suffixits lines with the exclamation mark? That way, only invocation
> of tmpfiles with --boot would honour those files, which are the ones
> we start at boot.
>
> Does that make sense?
Yes, indeed, this is precisely what we want. I had missed that
feature. I'll do a patch.
Thanks!
Tom
More information about the systemd-devel
mailing list