Attila wrote:
If the default group of some of these devices should be changed (looks like tun should be in the network group by default), please file a bug report

Oh, I don't know if tun should have these permissions or if the file mask 666 is needed from another application. Until udev-139 this was my way and that is the reason why I recognized it.
In /lib/udev/devices, I simply replicated the default udev rule from 139 (which says root:root, 0666).
The permissions of /dev/net/tun do not matter at all. If you access the device, you will only be able to use those interfaces that you own. Creating interfaces and setting the owner requires privileges.
For example, if you run
    tunctl -u attila -t tap0
the only users that can access the tap0 device are attila and root. The kernel checks the permissions separately and independently of the permissions of the special file.
I'm only wondering that nothing from rules.d or permissions.d is used for creating this device. The loop devices, for example, have the same permissions as in /etc/udev/permissions.d/udev.permissions.
These devices are simply copied in rc.sysinit line 23:
    /bin/cp -a /lib/udev/devices/* /dev/
udev rules are not applied until the module is loaded and a uevent for creating the device is issued, then udev reads the rule(s) and acts accordingly.
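The two separate checks described in the message above (file mode on /dev/net/tun, then the kernel's own ownership check on the interface), probed from Python. This is an added example, not part of the original mail; the ioctl number and flag values are assumed from <linux/if_tun.h> on x86/ARM, and the function names are hypothetical.

```python
import errno
import fcntl
import os
import struct

# Assumed constants from <linux/if_tun.h> (x86/ARM ioctl encoding).
TUNSETIFF = 0x400454CA
IFF_TAP = 0x0002
IFF_NO_PI = 0x1000
IFNAMSIZ = 16


def build_ifreq(name, flags=IFF_TAP | IFF_NO_PI):
    """Pack a struct ifreq: 16-byte name, 16-bit flags, padding to 40 bytes."""
    raw = name.encode("ascii")
    if len(raw) >= IFNAMSIZ:
        raise ValueError("interface name too long")
    return struct.pack("16sH22x", raw, flags)


def try_attach(name, node="/dev/net/tun"):
    """Open the device node, then ask the kernel for the interface `name`."""
    try:
        fd = os.open(node, os.O_RDWR)  # step 1: governed by the node's file mode
    except OSError as exc:
        return "open failed: " + errno.errorcode.get(exc.errno, str(exc.errno))
    try:
        # Step 2: governed by interface ownership / CAP_NET_ADMIN,
        # independent of the file mode that let step 1 succeed.
        fcntl.ioctl(fd, TUNSETIFF, build_ifreq(name))
        return "attached"
    except OSError as exc:
        return "TUNSETIFF refused: " + errno.errorcode.get(exc.errno, str(exc.errno))
    finally:
        os.close(fd)


if __name__ == "__main__":
    # tap0 is the interface from the message; run as a user other than its owner.
    print(try_attach("tap0"))
```

With a 0666 node and a persistent tap0 owned by attila, another unprivileged user gets past the open and is stopped at the ioctl with EPERM; EBUSY means the owner already has the interface attached. Run as root with no existing tap0, the ioctl creates a transient interface that disappears when the descriptor is closed.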