tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Ownership of ugen usb devices



Hey folks,

while investigation possible solutions for PR 50340 (can't use uscanner*
any more since the last sane-backends update), I thought about options
to chown only a subset of usb devices to the current user owning the
console, the idea is to pass things like scanners and epass/yubikey
over, but not arbitrary devices happening to be connected via usb.

Of course this is an admin decision and needs to be local configurable.
Idealy it should be simple pattern list in /etc, but I did not get quite
there.

This all is important if you want to run tools like xsane (that can not
run as root in any sane X config, but would need root to access the
scanner device nodes). With uscannner* it was simple to chown only the
uscanner* device nodes, but if you do not want that for all ugen* devices,
it becomes tricky.

The stuff attached depends on a (yet uncommited) patch by Jared to add
a -x option to usbdevs, which acts like this:

# usbdevs -x ugen0
ugen0 product=0x0001 vendor=0x055f rev=1.00

With this output it is easy to match the devices we are interested in.
So I created three scripts:

 usbdev-chown-console-user
	this one gets the devices description and decides whether to
	chwon to the user or not. Idealy it would read a list file,
	but this was a good start for testing.

 usb-take-console
	this gests the device name passed and would be called either from
	a devpubd hook handling the attach event, or from
	/etc/X11/xdm/TakeConsole when the user logs in (and devices are
	already present)

 usb-release-console
	called from /etc/X11/xdm/GiveConsole when the user logs out


Comments or better ideas how to handle this welcome!

Martin

Attachment: libexec-usb.sh
Description: Bourne shell script



Home | Main Index | Thread Index | Old Index