On Tue, 2022-08-09 at 11:10 +0200, Bastien Nocera wrote: > The process goes something like: > - change permissions on the device node so user A can't access it > - revoke access so that the device is effectively "muted" > - change permissions on the device node so user B can access it > > It's already what exists for input devices. Correction, it does: - change ACL on device from user A to user B: https://github.com/systemd/systemd/blob/main/src/shared/devnode-acl.c#L139 - revoke access for user A: https://github.com/systemd/systemd/blob/main/src/login/logind-session-device.c#L116
