tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Ownership of ugen usb devices

Hey folks,

while investigation possible solutions for PR 50340 (can't use uscanner*
any more since the last sane-backends update), I thought about options
to chown only a subset of usb devices to the current user owning the
console, the idea is to pass things like scanners and epass/yubikey
over, but not arbitrary devices happening to be connected via usb.

Of course this is an admin decision and needs to be local configurable.
Idealy it should be simple pattern list in /etc, but I did not get quite

This all is important if you want to run tools like xsane (that can not
run as root in any sane X config, but would need root to access the
scanner device nodes). With uscannner* it was simple to chown only the
uscanner* device nodes, but if you do not want that for all ugen* devices,
it becomes tricky.

The stuff attached depends on a (yet uncommited) patch by Jared to add
a -x option to usbdevs, which acts like this:

# usbdevs -x ugen0
ugen0 product=0x0001 vendor=0x055f rev=1.00

With this output it is easy to match the devices we are interested in.
So I created three scripts:

	this one gets the devices description and decides whether to
	chwon to the user or not. Idealy it would read a list file,
	but this was a good start for testing.

	this gests the device name passed and would be called either from
	a devpubd hook handling the attach event, or from
	/etc/X11/xdm/TakeConsole when the user logs in (and devices are
	already present)

	called from /etc/X11/xdm/GiveConsole when the user logs out

Comments or better ideas how to handle this welcome!


Description: Bourne shell script

Home | Main Index | Thread Index | Old Index