diff options
author | Kay Sievers <kay.sievers@vrfy.org> | 2011-07-14 02:02:35 +0200 |
---|---|---|
committer | Kay Sievers <kay.sievers@vrfy.org> | 2011-07-14 02:02:35 +0200 |
commit | c874e22e0da6f87aa72ade635f11421e6ecb6e48 (patch) | |
tree | ecf2b34607249f54a7732d681cc40f36c60c2784 | |
parent | 1985c76e48753c200b5a15630b00245c3f60775b (diff) |
udev-acl: skip ACLs when systemd is running, disable by default
-rw-r--r-- | Makefile.am | 2 | ||||
-rw-r--r-- | configure.ac | 28 | ||||
-rw-r--r-- | extras/udev-acl/70-udev-acl.rules (renamed from extras/udev-acl/70-acl.rules) | 3 |
3 files changed, 18 insertions, 15 deletions
diff --git a/Makefile.am b/Makefile.am index 0599bb24cf..d2e9b855fe 100644 --- a/Makefile.am +++ b/Makefile.am @@ -360,7 +360,7 @@ if ENABLE_UDEV_ACL extras_udev_acl_udev_acl_SOURCES = extras/udev-acl/udev-acl.c extras_udev_acl_udev_acl_CPPFLAGS = $(AM_CPPFLAGS) $(GLIB_CFLAGS) extras_udev_acl_udev_acl_LDADD = libudev/libudev-private.la -lacl $(GLIB_LIBS) -dist_udevrules_DATA += extras/udev-acl/70-acl.rules +dist_udevrules_DATA += extras/udev-acl/70-udev-acl.rules libexec_PROGRAMS += extras/udev-acl/udev-acl udevacl-install-hook: diff --git a/configure.ac b/configure.ac index 7bdb229043..d1327ab5d2 100644 --- a/configure.ac +++ b/configure.ac @@ -127,20 +127,6 @@ fi AM_CONDITIONAL([ENABLE_HWDB], [test "x$enable_hwdb" = xyes]) # ------------------------------------------------------------------------------ -# udev_acl - apply ACLs for users with local forground sessions -# ------------------------------------------------------------------------------ -AC_ARG_ENABLE([udev_acl], - AS_HELP_STRING([--disable-udev_acl], [disable local user acl permissions support]), - [], [enable_udev_acl=yes]) -if test "x$enable_udev_acl" = xyes; then - AC_CHECK_LIB([acl], [acl_init], [:], AC_MSG_ERROR([libacl not found])) - AC_CHECK_HEADER([acl/libacl.h], [:], AC_MSG_ERROR([libacl header not found])) - - PKG_CHECK_MODULES([GLIB], [glib-2.0 >= 2.22.0 gobject-2.0 >= 2.22.0]) -fi -AM_CONDITIONAL([ENABLE_UDEV_ACL], [test "x$enable_udev_acl" = xyes]) - -# ------------------------------------------------------------------------------ # GUdev - libudev gobject interface # ------------------------------------------------------------------------------ AC_ARG_ENABLE([gudev], @@ -184,6 +170,20 @@ fi AM_CONDITIONAL([ENABLE_KEYMAP], [test "x$enable_keymap" = xyes]) # ------------------------------------------------------------------------------ +# udev_acl - apply ACLs for users with local forground sessions +# ------------------------------------------------------------------------------ +AC_ARG_ENABLE([udev_acl], + AS_HELP_STRING([--enable-udev_acl], [enable local user acl permissions support]), + [], [enable_udev_acl=no]) +if test "x$enable_udev_acl" = xyes; then + AC_CHECK_LIB([acl], [acl_init], [:], AC_MSG_ERROR([libacl not found])) + AC_CHECK_HEADER([acl/libacl.h], [:], AC_MSG_ERROR([libacl header not found])) + + PKG_CHECK_MODULES([GLIB], [glib-2.0 >= 2.22.0 gobject-2.0 >= 2.22.0]) +fi +AM_CONDITIONAL([ENABLE_UDEV_ACL], [test "x$enable_udev_acl" = xyes]) + +# ------------------------------------------------------------------------------ # create_floppy_devices - historical floppy kernel device nodes (/dev/fd0h1440, ...) # ------------------------------------------------------------------------------ AC_ARG_ENABLE([floppy], diff --git a/extras/udev-acl/70-acl.rules b/extras/udev-acl/70-udev-acl.rules index 5dc5ed0bfc..2dac283101 100644 --- a/extras/udev-acl/70-acl.rules +++ b/extras/udev-acl/70-udev-acl.rules @@ -6,6 +6,9 @@ ENV{MAJOR}=="", GOTO="acl_end" ACTION=="remove", GOTO="acl_apply" +# systemd replaces udev-acl entirely, skip if active +TEST=="/sys/fs/cgroup/systemd", TAG=="uaccess", GOTO="acl_end" + # PTP/MTP protocol devices, cameras, portable media players SUBSYSTEM=="usb", ENV{ID_USB_INTERFACES}=="*:060101:*", TAG+="udev-acl" |