On Mon, 2004-08-23 at 09:12 -0400, Alan Cox wrote:
> > HAL needs to run as root to invoke callouts. See this diagram
> > http://freedesktop.org/~david/hal-spec/hal-spec.html#ov_hal_linux26
>
> Needs some rights. Root is kind of going away in SELinux.
>

Sure.

> > and surrounding text for more information, background etc. Presumably we
> > can move to callouts (such as fstab-sync) to a separate helper process
> > and by then drop a lot of privileges etc. Until that happens we need to
> > run as root because the callouts may need privileges.
>
> Yep. So all your callouts touch complex shared files with locking rules
> and possible race attacks (or without sane locking rules sometimes). Hard
> to avoid though
>

Not anymore; in hal HEAD (will be out in the next release pretty soon, some
of it is already in the rawhide version) all callouts per device run
sequentially and a device isn't processed before the callouts from the
parent are complete. But in general, yeah, if you touch an important file,
like /etc/fstab, you should of course use locking.

> Take a look at how magicdev does things. Magicdev sucks but it does the basic
> open device, unlock door and poll stuff although it doesn't use the newer
> media stuff
>

Hmm, IIRC hal does basically pretty much the same as magicdev. Would the
newer media stuff mean that we can indeed detect media changes without
ruining everything?

Btw, Alan, please file a bug against hal so we can get it to work with your
cd changer or at least make sure that it doesn't screw anything up the way
you describe.

Thanks,
David