diff options
-rw-r--r-- | etc/conf.d/udev | 11 | ||||
-rw-r--r-- | etc/dev.d/default/pam_console.dev | 56 |
2 files changed, 45 insertions, 22 deletions
diff --git a/etc/conf.d/udev b/etc/conf.d/udev deleted file mode 100644 index 50eda3a970..0000000000 --- a/etc/conf.d/udev +++ /dev/null @@ -1,11 +0,0 @@ -# if selinux file attributes -# should be restored (leave to yes, if unsure) -UDEV_SELINUX="yes" - -# if console permissions (pam_console) -# should be restored (leave to yes, if unsure) -UDEV_CONSOLE="yes" - -# if dbus messages should be sent -UDEV_DBUS="no" - diff --git a/etc/dev.d/default/pam_console.dev b/etc/dev.d/default/pam_console.dev index 563051d7f6..4c69ea3576 100644 --- a/etc/dev.d/default/pam_console.dev +++ b/etc/dev.d/default/pam_console.dev @@ -1,18 +1,52 @@ #!/bin/sh -if [ -f /etc/sysconfig/udev ]; then - . /etc/sysconfig/udev -fi +# Fedora solution to set the ownership/permissions of s device to the local +# logged in user. Uses the program pam_console_setowner to match the names of +# the device node and the symlinks against a device list and applies the +# configured ownership and permission to the node. -if [ -f /etc/conf.d/udev ]; then - . /etc/conf.d/udev -fi +[ "$ACTION" != "add" ] && exit 0 + +# we do not have console users in rc.sysinit +[ -n "$IN_INITLOG" ] && exit 0 + +if [ -x /sbin/pam_console_setowner -a -f /var/run/console/console.lock \ + -a -e "$DEVNAME" ]; then -[ "$UDEV_CONSOLE" != "yes" ] && exit 0 + if [ -x /usr/bin/logger ]; then + LOGGER=/usr/bin/logger + elif [ -x /bin/logger ]; then + LOGGER=/bin/logger + else + unset LOGGER + fi + # + # for diagnostics + # + if [ -t 1 -o -z "$LOGGER" ]; then + mesg () { + echo "$@" + } + else + mesg () { + $LOGGER -t $(basename $0)"[$$]" "$@" + } + fi -if [ -x /sbin/pam_console_setowner ]; then - if [ "$UDEV_LOG" = "yes" ] && [ -x /usr/bin/logger ]; then - /usr/bin/logger -p auth.debug "Restoring console permissions for $DEVNAME" + debug_mesg () { + test "$udev_log" = "" -o "$udev_log" = "no" && return + mesg "$@" + } + + if [ -f /etc/udev/udev.conf ]; then + . /etc/udev/udev.conf fi - exec /sbin/pam_console_setowner $DEVNAME + + SYMLINKS="" + for i in $(/usr/bin/udevinfo -q symlink -p "$DEVPATH"); do + [ $? -gt 0 ] && break + SYMLINKS="$SYMLINKS ${udev_root%%/}/$i" + done + debug_mesg "Restoring console permissions for $DEVNAME $SYMLINKS" + /sbin/pam_console_setowner "$DEVNAME" $SYMLINKS fi |