On 01/27/15 21:40, Lennart Poettering wrote: > On Tue, 27.01.15 21:38, Topi Miettinen (toiwo...@gmail.com) wrote: > >>>> CAP_SYS_RAWIO, yes. Only read access is needed otherwise: >>>> DevicePolicy=closed >>>> DeviceAllow=block-sd r >>>> DeviceAllow=/dev/sda r >>>> DeviceAllow=/dev/sdb r >>>> works fine here. >>> >>> You should be able to reduce this to simply: >>> >>> DeviceAllow=block-sd r >>> >>> This should suffic since DevicePolicy=closed is implied if there's at >>> least one DeviceAllow= specified. And "DeviceAllow=block-sd r" enables >>> access to all /dev/sd* access, which includes /dev/sda and /dev/sdb, >>> of course. >> >> In general yes, but I didn't want to allow SMART requests to /dev/sdc, >> it's a DVD-ROM drive and there are useless errors if accessed with >> SMART. > > Well, don't you just get a different error then?
Embarrassingly it looks like I actually fixed the error by editing smartd.conf and not with the unit file... -Topi > > That said, if this is really what you want, then you should really > remove the "DeviceAllow=block-sd r" line, since that opens up access > to /dev/sdc, too... > > Lennart > _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel