KERNEL=="ptmx", GROUP="tty", MODE="0666"
KERNEL=="tty", GROUP="tty", MODE="0666"
KERNEL=="tty[0-9]*", GROUP="tty", MODE="0620"
-KERNEL=="console", MODE="0600"
KERNEL=="vcs|vcs[0-9]*|vcsa|vcsa[0-9]*", GROUP="tty"
# serial
KERNEL=="tty[A-Z]*[0-9]|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout"
-KERNEL=="ppp", MODE="0600"
KERNEL=="mwave", GROUP="dialout"
KERNEL=="hvc*|hvsi*", GROUP="dialout"
KERNEL=="winradio*", GROUP="video"
# graphics
-KERNEL=="agpgart", MODE="0600", GROUP="video"
+KERNEL=="agpgart", GROUP="video"
KERNEL=="pmu", GROUP="video"
KERNEL=="nvidia*|nvidiactl*", GROUP="video"
SUBSYSTEM=="graphics", GROUP="video"
SUBSYSTEM=="aoe", KERNEL=="err", MODE="0440"
# network
-KERNEL=="tun", MODE="0666"
+KERNEL=="tun", MODE="0666", OPTIONS+="static_node=net/tun"
KERNEL=="rfkill", MODE="0644"
# CPU
KERNEL=="cpu[0-9]*", MODE="0444"
# miscellaneous
-KERNEL=="fuse", MODE="0666"
+KERNEL=="fuse", MODE="0666", OPTIONS+="static_node=fuse"
SUBSYSTEM=="rtc", DRIVERS=="rtc_cmos", SYMLINK+="rtc"
KERNEL=="mmtimer", MODE="0644"
KERNEL=="rflash[0-9]*", MODE="0400"
err = mknod(file_tmp, mode, devnum);
udev_selinux_resetfscreatecon(udev);
if (err != 0) {
- err(udev, "mknod(%s, %#o, %u, %u) failed: %m\n",
- file_tmp, mode, major(devnum), minor(devnum));
+ err(udev, "mknod '%s' %u:%u %#o failed: %m\n",
+ file_tmp, major(devnum), minor(devnum), mode);
goto exit;
}
err = rename(file_tmp, file);
if (err != 0) {
- err(udev, "rename(%s, %s) failed: %m\n", file_tmp, file);
+ err(udev, "rename '%s' '%s' failed: %m\n", file_tmp, file);
unlink(file_tmp);
goto exit;
}
- info(udev, "set permissions %s, %#o, uid=%u, gid=%u\n", file, mode, uid, gid);
+ info(udev, "set permissions '%s' %#o uid=%u gid=%u\n", file, mode, uid, gid);
chmod(file, mode);
chown(file, uid, gid);
}
} else {
- info(udev, "mknod(%s, %#o, (%u,%u))\n", file, mode, major(devnum), minor(devnum));
+ info(udev, "mknod '%s' %u:%u %#o\n", file, major(devnum), minor(devnum), mode);
do {
err = util_create_path(udev, file);
if (err != 0 && err != -ENOENT)
udev_selinux_resetfscreatecon(udev);
} while (err == -ENOENT);
if (err != 0)
- err(udev, "mknod(%s, %#o, (%u,%u) failed: %m\n", file, mode, major(devnum), minor(devnum));
- info(udev, "set permissions %s, %#o, uid=%u, gid=%u\n", file, mode, uid, gid);
+ err(udev, "mknod '%s' %u:%u %#o' failed: %m\n", file, major(devnum), minor(devnum), mode);
+ info(udev, "set permissions '%s' %#o uid=%u gid=%u\n", file, mode, uid, gid);
chmod(file, mode);
chown(file, uid, gid);
}
udev_selinux_resetfscreatecon(udev);
} while (err == -ENOENT);
if (err != 0) {
- err(udev, "symlink(%s, %s) failed: %m\n", target, slink_tmp);
+ err(udev, "symlink '%s' '%s' failed: %m\n", target, slink_tmp);
goto exit;
}
err = rename(slink_tmp, slink);
if (err != 0) {
- err(udev, "rename(%s, %s) failed: %m\n", slink_tmp, slink);
+ err(udev, "rename '%s' '%s' failed: %m\n", slink_tmp, slink);
unlink(slink_tmp);
}
exit:
const char *devnode;
struct stat stats;
struct udev_device *dev_check;
- char filename[UTIL_PATH_SIZE];
int err = 0;
/* remove/update symlinks, remove symlinks from name index */
goto out;
}
- util_strscpyl(filename, sizeof(filename), LIBEXECDIR "/devices", &devnode[strlen(udev_get_dev_path(udev))], NULL);
- if (stat(filename, &stats) == 0 && stats.st_rdev == udev_device_get_devnum(dev)) {
- info(udev, "static device entry found '%s', skip removal\n", devnode);
- goto out;
- }
-
info(udev, "removing device node '%s'\n", devnode);
err = util_unlink_secure(udev, devnode);
util_delete_path(udev, devnode);
TK_A_OWNER_ID, /* uid_t */
TK_A_GROUP_ID, /* gid_t */
TK_A_MODE_ID, /* mode_t */
+ TK_A_STATIC_NODE, /* val */
TK_A_ENV, /* val, attr */
TK_A_TAG, /* val */
TK_A_NAME, /* val */
/* we try to pack stuff in a way that we take only 12 bytes per token */
struct token {
union {
- unsigned char type; /* same as in rule and key */
+ unsigned char type; /* same in rule and key */
struct {
enum token_type type:8;
- unsigned int flags:8;
+ bool can_set_name:1;
+ bool has_static_node:1;
+ unsigned int unused:6;
unsigned short token_count;
unsigned int label_off;
unsigned short filename_off;
[TK_A_MODE] = "A MODE",
[TK_A_OWNER_ID] = "A OWNER_ID",
[TK_A_GROUP_ID] = "A GROUP_ID",
+ [TK_A_STATIC_NODE] = "A STATIC_NODE",
[TK_A_MODE_ID] = "A MODE_ID",
[TK_A_ENV] = "A ENV",
[TK_A_TAG] = "A ENV",
dbg(rules->udev, "%s %u\n", token_str(type), token->key.watch);
break;
case TK_A_DEVLINK_PRIO:
- dbg(rules->udev, "%s %s %u\n", token_str(type), operation_str(op), token->key.devlink_prio);
+ dbg(rules->udev, "%s %u\n", token_str(type), token->key.devlink_prio);
break;
case TK_A_OWNER_ID:
dbg(rules->udev, "%s %s %u\n", token_str(type), operation_str(op), token->key.uid);
case TK_A_MODE_ID:
dbg(rules->udev, "%s %s %#o\n", token_str(type), operation_str(op), token->key.mode);
break;
+ case TK_A_STATIC_NODE:
+ dbg(rules->udev, "%s '%s'\n", token_str(type), value);
+ break;
case TK_A_EVENT_TIMEOUT:
- dbg(rules->udev, "%s %s %u\n", token_str(type), operation_str(op), token->key.event_timeout);
+ dbg(rules->udev, "%s %u\n", token_str(type), token->key.event_timeout);
break;
case TK_A_GOTO:
dbg(rules->udev, "%s '%s' %u\n", token_str(type), value, token->key.rule_goto);
static int attr_subst_subdir(char *attr, size_t len)
{
- int found = 0;
+ bool found = false;
if (strstr(attr, "/*/")) {
char *pos;
continue;
util_strscpyl(attr, len, dirname, "/", dent->d_name, tail, NULL);
if (stat(attr, &stats) == 0) {
- found = 1;
+ found = true;
break;
}
}
case TK_A_MODE_ID:
token->key.mode = *(mode_t *)data;
break;
+ case TK_A_STATIC_NODE:
+ token->key.value_off = add_string(rule_tmp->rules, value);
+ break;
case TK_A_EVENT_TIMEOUT:
token->key.event_timeout = *(int *)data;
break;
}
rule_add_key(&rule_tmp, TK_A_NAME, op, value, NULL);
}
- rule_tmp.rule.rule.flags = 1;
+ rule_tmp.rule.rule.can_set_name = true;
continue;
}
flag = 1;
rule_add_key(&rule_tmp, TK_A_DEVLINK, op, value, &flag);
}
- rule_tmp.rule.rule.flags = 1;
+ rule_tmp.rule.rule.can_set_name = true;
continue;
}
} else if (rules->resolve_names >= 0) {
rule_add_key(&rule_tmp, TK_A_OWNER, op, value, NULL);
}
- rule_tmp.rule.rule.flags = 1;
+ rule_tmp.rule.rule.can_set_name = true;
continue;
}
} else if (rules->resolve_names >= 0) {
rule_add_key(&rule_tmp, TK_A_GROUP, op, value, NULL);
}
- rule_tmp.rule.rule.flags = 1;
+ rule_tmp.rule.rule.can_set_name = true;
continue;
}
rule_add_key(&rule_tmp, TK_A_MODE_ID, op, NULL, &mode);
else
rule_add_key(&rule_tmp, TK_A_MODE, op, value, NULL);
- rule_tmp.rule.rule.flags = 1;
+ rule_tmp.rule.rule.can_set_name = true;
continue;
}
dbg(rules->udev, "inotify watch of device requested\n");
}
}
+ pos = strstr(value, "static_node=");
+ if (pos != NULL) {
+ rule_add_key(&rule_tmp, TK_A_STATIC_NODE, 0, &pos[strlen("static_node=")], NULL);
+ rule_tmp.rule.rule.has_static_node = true;
+ }
continue;
}
err(rules->udev, "unknown key '%s' in %s:%u\n", key, filename, lineno);
{
char *key_value = &rules->buf[token->key.value_off];
char *pos;
- int match = 0;
+ bool match = false;
if (val == NULL)
val = "";
/* loop through token list, match, run actions or forward to next rule */
cur = &rules->tokens[0];
rule = cur;
- while (1) {
+ for (;;) {
dump_token(rules, cur);
switch (cur->type) {
case TK_RULE:
/* current rule */
rule = cur;
/* possibly skip rules which want to set NAME, SYMLINK, OWNER, GROUP, MODE */
- if (!can_set_name && rule->rule.flags)
+ if (!can_set_name && rule->rule.can_set_name)
goto nomatch;
esc = ESCAPE_UNSET;
break;
{
size_t devlen = strlen(udev_get_dev_path(event->udev))+1;
struct udev_list_entry *list_entry;
- int match = 0;
+ bool match = false;
udev_list_entry_foreach(list_entry, udev_device_get_devlinks_list_entry(event->dev)) {
const char *devlink;
devlink = &udev_list_entry_get_name(list_entry)[devlen];
if (match_key(rules, cur, devlink) == 0) {
- match = 1;
+ match = true;
break;
}
}
if (event->owner_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->owner_final = 1;
+ event->owner_final = true;
udev_event_apply_format(event, &rules->buf[cur->key.value_off], owner, sizeof(owner));
event->uid = util_lookup_user(event->udev, owner);
info(event->udev, "OWNER %u %s:%u\n",
if (event->group_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->group_final = 1;
+ event->group_final = true;
udev_event_apply_format(event, &rules->buf[cur->key.value_off], group, sizeof(group));
event->gid = util_lookup_group(event->udev, group);
info(event->udev, "GROUP %u %s:%u\n",
if (event->mode_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->mode_final = 1;
+ event->mode_final = true;
udev_event_apply_format(event, &rules->buf[cur->key.value_off], mode, sizeof(mode));
event->mode = strtol(mode, &endptr, 8);
if (endptr[0] != '\0') {
- err(event->udev, "invalide mode '%s' set default mode 0660\n", mode);
- event->mode = 0660;
+ err(event->udev, "invalide mode '%s' set default mode 0600\n", mode);
+ event->mode = 0600;
}
info(event->udev, "MODE %#o %s:%u\n",
event->mode,
if (event->owner_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->owner_final = 1;
+ event->owner_final = true;
event->uid = cur->key.uid;
info(event->udev, "OWNER %u %s:%u\n",
event->uid,
if (event->group_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->group_final = 1;
+ event->group_final = true;
event->gid = cur->key.gid;
info(event->udev, "GROUP %u %s:%u\n",
event->gid,
if (event->mode_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->mode_final = 1;
+ event->mode_final = true;
event->mode = cur->key.mode;
info(event->udev, "MODE %#o %s:%u\n",
event->mode,
&rules->buf[rule->rule.filename_off],
rule->rule.filename_line);
break;
+ case TK_A_STATIC_NODE:
+ break;
case TK_A_ENV:
{
const char *name = &rules->buf[cur->key.attr_off];
if (event->name_final)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->name_final = 1;
+ event->name_final = true;
udev_event_apply_format(event, name, name_str, sizeof(name_str));
if (esc == ESCAPE_UNSET || esc == ESCAPE_REPLACE) {
count = udev_util_replace_chars(name_str, "/");
if (major(udev_device_get_devnum(event->dev)) == 0)
break;
if (cur->key.op == OP_ASSIGN_FINAL)
- event->devlink_final = 1;
+ event->devlink_final = true;
if (cur->key.op == OP_ASSIGN || cur->key.op == OP_ASSIGN_FINAL)
udev_device_cleanup_devlinks_list(event->dev);
(unsigned int) (cur - rules->tokens));
}
}
+
+void udev_rules_apply_static_dev_perms(struct udev_rules *rules)
+{
+ struct token *cur;
+ struct token *rule;
+ uid_t uid = 0;
+ gid_t gid = 0;
+ mode_t mode = 0;
+
+ if (rules->tokens == NULL)
+ return;
+
+ cur = &rules->tokens[0];
+ rule = cur;
+ for (;;) {
+ switch (cur->type) {
+ case TK_RULE:
+ /* current rule */
+ rule = cur;
+
+ /* skip rules without a static_node tag */
+ if (!rule->rule.has_static_node)
+ goto next;
+
+ uid = 0;
+ gid = 0;
+ mode = 0;
+ break;
+ case TK_A_OWNER_ID:
+ uid = cur->key.uid;
+ break;
+ case TK_A_GROUP_ID:
+ gid = cur->key.gid;
+ break;
+ case TK_A_MODE_ID:
+ mode = cur->key.mode;
+ break;
+ case TK_A_STATIC_NODE: {
+ char filename[UTIL_PATH_SIZE];
+ struct stat stats;
+ /* we assure, that the permissions tokens are sorted before the static token */
+ if (mode == 0 && uid == 0 && gid == 0)
+ goto next;
+ util_strscpyl(filename, sizeof(filename), udev_get_dev_path(rules->udev), "/",
+ &rules->buf[cur->key.value_off], NULL);
+ if (stat(filename, &stats) != 0)
+ goto next;
+ if (!S_ISBLK(stats.st_mode) && !S_ISCHR(stats.st_mode))
+ goto next;
+ if (mode != 0 && mode != (stats.st_mode & 0777)) {
+ chmod(filename, mode);
+ info(rules->udev, "chmod '%s' %#o\n", filename, mode);
+ }
+ if ((uid != 0 && uid != stats.st_uid) || (gid != 0 && gid != stats.st_gid)) {
+ chown(filename, uid, gid);
+ info(rules->udev, "chown '%s' %u %u\n", filename, uid, gid);
+ }
+ utimensat(AT_FDCWD, filename, NULL, 0);
+ break;
+ }
+ case TK_END:
+ return;
+ }
+
+ cur++;
+ continue;
+next:
+ /* fast-forward to next rule */
+ cur = rule + rule->rule.token_count;
+ continue;
+ }
+}
uid_t uid;
gid_t gid;
struct udev_list_node run_list;
- unsigned int group_final:1;
- unsigned int owner_final:1;
- unsigned int mode_final:1;
- unsigned int name_final:1;
- unsigned int devlink_final:1;
- unsigned int run_final:1;
- unsigned int inotify_watch:1;
+ bool group_final;
+ bool owner_final;
+ bool mode_final;
+ bool name_final;
+ bool devlink_final;
+ bool run_final;
+ bool inotify_watch;
};
struct udev_watch {
struct udev_rules *udev_rules_new(struct udev *udev, int resolve_names);
void udev_rules_unref(struct udev_rules *rules);
int udev_rules_apply_to_event(struct udev_rules *rules, struct udev_event *event);
+void udev_rules_apply_static_dev_perms(struct udev_rules *rules);
/* udev-event.c */
struct udev_event *udev_event_new(struct udev_device *dev);
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <sys/inotify.h>
+#include <sys/utsname.h>
#include "udev.h"
}
}
+static void static_dev_create_from_modules(struct udev *udev)
+{
+ struct utsname kernel;
+ char modules[UTIL_PATH_SIZE];
+ char buf[4096];
+ FILE *f;
+
+ uname(&kernel);
+ util_strscpyl(modules, sizeof(modules), "/lib/modules/", kernel.release, "/modules.devname", NULL);
+ f = fopen(modules, "r");
+ if (f == NULL)
+ return;
+
+ while (fgets(buf, sizeof(buf), f) != NULL) {
+ char *s;
+ const char *modname;
+ const char *devname;
+ const char *devno;
+ int maj, min;
+ char type;
+ mode_t mode;
+ char filename[UTIL_PATH_SIZE];
+
+ if (buf[0] == '#')
+ continue;
+
+ modname = buf;
+ s = strchr(modname, ' ');
+ if (s == NULL)
+ continue;
+ s[0] = '\0';
+
+ devname = &s[1];
+ s = strchr(devname, ' ');
+ if (s == NULL)
+ continue;
+ s[0] = '\0';
+
+ devno = &s[1];
+ s = strchr(devno, ' ');
+ if (s == NULL)
+ s = strchr(devno, '\n');
+ if (s != NULL)
+ s[0] = '\0';
+ if (sscanf(devno, "%c%u:%u", &type, &maj, &min) != 3)
+ continue;
+
+ if (type == 'c')
+ mode = 0600 | S_IFCHR;
+ else if (type == 'b')
+ mode = 0600 | S_IFBLK;
+ else
+ continue;
+
+ util_strscpyl(filename, sizeof(filename), udev_get_dev_path(udev), "/", devname, NULL);
+ util_create_path(udev, filename);
+ udev_selinux_setfscreatecon(udev, filename, mode);
+ info(udev, "mknod '%s' %c%u:%u\n", filename, type, maj, min);
+ if (mknod(filename, mode, makedev(maj, min)) < 0 && errno == EEXIST)
+ utimensat(AT_FDCWD, filename, NULL, 0);
+ udev_selinux_resetfscreatecon(udev);
+ }
+
+ fclose(f);
+}
+
static int copy_dir(struct udev *udev, DIR *dir_from, DIR *dir_to, int maxdepth)
{
struct dirent *dent;
return 0;
}
-static void prepare_dev(struct udev *udev)
+static void static_dev_create_links(struct udev *udev, DIR *dir)
{
struct stdlinks {
const char *link;
{ "stderr", "/proc/self/fd/2" },
};
unsigned int i;
- DIR *dir_from, *dir_to;
- dir_to = opendir(udev_get_dev_path(udev));
- if (dir_to == NULL)
- return;
-
- /* create standard symlinks to /proc */
for (i = 0; i < ARRAY_SIZE(stdlinks); i++) {
- udev_selinux_setfscreateconat(udev, dirfd(dir_to), stdlinks[i].link, S_IFLNK);
- if (symlinkat(stdlinks[i].target, dirfd(dir_to), stdlinks[i].link) < 0 && errno == EEXIST)
- utimensat(dirfd(dir_to), stdlinks[i].link, NULL, AT_SYMLINK_NOFOLLOW);
+ udev_selinux_setfscreateconat(udev, dirfd(dir), stdlinks[i].link, S_IFLNK);
+ if (symlinkat(stdlinks[i].target, dirfd(dir), stdlinks[i].link) < 0 && errno == EEXIST)
+ utimensat(dirfd(dir), stdlinks[i].link, NULL, AT_SYMLINK_NOFOLLOW);
udev_selinux_resetfscreatecon(udev);
}
+}
+
+static void static_dev_create_from_devices(struct udev *udev, DIR *dir)
+{
+ DIR *dir_from;
- /* copy content from /lib/udev/devices to /dev */
dir_from = opendir(LIBEXECDIR "/devices");
- if (dir_from != NULL) {
- copy_dir(udev, dir_from, dir_to, 8);
- closedir(dir_from);
- }
+ if (dir_from == NULL)
+ return;
+ copy_dir(udev, dir_from, dir, 8);
+ closedir(dir_from);
+}
+
+static void static_dev_create(struct udev *udev)
+{
+ DIR *dir;
- closedir(dir_to);
+ dir = opendir(udev_get_dev_path(udev));
+ if (dir == NULL)
+ return;
+
+ static_dev_create_links(udev, dir);
+ static_dev_create_from_devices(udev, dir);
+
+ closedir(dir);
}
static int mem_size_mb(void)
if (write(STDERR_FILENO, 0, 0) < 0)
dup2(fd, STDERR_FILENO);
- prepare_dev(udev);
-
/* init control socket, bind() ensures, that only one udevd instance is running */
udev_ctrl = udev_ctrl_new_from_socket(udev, UDEV_CTRL_SOCK_PATH);
if (udev_ctrl == NULL) {
max_childs = strtoul(value, NULL, 10);
info(udev, "initialize max_childs to %u\n", max_childs);
+ static_dev_create(udev);
+ static_dev_create_from_modules(udev);
+ udev_rules_apply_static_dev_perms(rules);
+
udev_list_init(&event_list);
udev_list_init(&worker_list);