Bill Nottingham wrote:
Ignacio Vazquez-Abrams (ivazquez@xxxxxxxxxxxx) said:
The only problem is that apparently it is hard for an rpm to add a group
when a system is being upgraded between distros; ie, while anaconda
could add this new group just fine, people doing a dist upgrade, it is
claimed, will not get this group installed.
I seem to recall a long-winded discussion about the fedora-usermgmt
package. Perhaps it's time to move it into Core and make it responsible
for creating the groups if needed.
Dynamically modified groups + setgid programs are a poor solution for
device access.
Runtime ACLs done via HAL is probably a better solution - I remember
Colin having some ideas in this area.
Bill
Do you mean using the extended POSIX ACLs instead of just the base ACLs
(traditional unix perms). Otherwise there would be limitations in
sharing a device between users. Should /dev be always in a filesystem
mounted with acl support? Some people might use tmpfs or ramfs for /dev.
Do they support ACLs? What about devpts or capifs?
All in all, I would love to see ACLs used in /dev. That could solve some
other minor problems like the ownership of /dev/tty* when doing a "su"
from root for example.
Charles
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
