Author: dnicholson
Date: 2006-08-09 08:21:54 -0600 (Wed, 09 Aug 2006)
New Revision: 6282
Modified:
trunk/BOOK/general/sysutils/hal.xml
trunk/BOOK/gnome/add/gnome-volume-manager.xml
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/postlfs/config/devices.xml
trunk/BOOK/postlfs/security/iptables.xml
Log:
Configuration for HAL and gnome-volume-manager without pam_console.
Modified: trunk/BOOK/general/sysutils/hal.xml
===================================================================
--- trunk/BOOK/general/sysutils/hal.xml 2006-08-09 14:20:38 UTC (rev 6281)
+++ trunk/BOOK/general/sysutils/hal.xml 2006-08-09 14:21:54 UTC (rev 6282)
@@ -41,10 +41,8 @@
providing a rich and extensible description of device characteristics and
features. One example of the functionality provided by
<application>HAL</application> is when you plug in a USB storage device.
- <application>HAL</application> can automatically create an appropriate
- entry in the <filename>/etc/fstab</filename> file and create the
- corresponding mount point in
- <filename class="directory">/media</filename>.</para>
+ <application>HAL</application> can automatically create a mount point in
+ <filename class="directory">/media</filename> and mount the device.</para>
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
@@ -266,7 +264,8 @@
<sect3 id="hal-config">
<title>Config Files</title>
- <para><filename>/etc/dbus-1/system.d/hal.conf</filename> and
+ <para><filename>/etc/dbus-1/system.d/hal.conf</filename>,
+ <filename>/etc/dbus-1/system.d/halusers.conf</filename> and
<filename>/etc/hal/*</filename></para>
<indexterm zone="hal hal-config">
@@ -274,14 +273,71 @@
</indexterm>
<indexterm zone="hal hal-config">
+ <primary
sortas="e-etc-dbus-1-system.d-halusers.conf">/etc/dbus-1/system.d/halusers.conf</primary>
+ </indexterm>
+
+ <indexterm zone="hal hal-config">
<primary sortas="e-etc-hal-star">/etc/hal/*</primary>
</indexterm>
</sect3>
+ <sect3><title>Configuration Information</title>
+
+ <para>The default setup for <application>HAL</application> is to allow
+ only certain users to invoke methods such as Mount(). These are
+ the <systemitem class="username">root</systemitem> user and the user
+ determined to be at the active console using <ulink
+ url="&blfs-wiki;/linux-pam">pam_console</ulink>. If you are not set
+ up to use <xref linkend="linux-pam"/> and <ulink
+ url="&blfs-wiki;/linux-pam">pam_console</ulink>, create a group that
+ is allowed to invoke <application>HAL</application> methods with the
+ following commands:</para>
+
+<screen role="root"><userinput>groupadd -g 61 halusers &&
+cat > /etc/dbus-1/system.d/halusers.conf << "EOF"
+<literal><!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+
+ <!-- Allow users in the halusers group invoke HAL methods -->
+ <policy group="halusers">
+ <allow
send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
+ <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
+ <allow send_interface="org.freedesktop.Hal.Device.Volume"/>
+ <allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
+ </policy>
+
+</busconfig></literal>
+EOF</userinput></screen>
+
+ <para>Now add the users you would like to the <systemitem
+ class="groupname">halusers</systemitem> group to use
+ <application>HAL</application>. Note that these users still need
+ to have appropriate permissions to access the devices that
+ <application>HAL</application> will invoke its methods on.</para>
+
+ <para><application>HAL</application> only provides the methods such
+ as Mount() to act on hardware. In order to take advantage of these,
+ a <application>HAL</application> event handler such as
+ <xref linkend="gnome-volume-manager"/> or <ulink
+ url="http://ivman.sourceforge.net/";>Ivman</ulink> should be
+ installed.</para>
+
+ <!-- Following note is only relevant for HAL-0.5.7.x.
+ Fixed upstream. -->
+ <note>
+ <para><application>HAL</application> will ignore any devices listed
+ in <filename>/etc/fstab</filename> for the purpose of automounting.
+ You must remove any listings for devices that you would like
+ automounted such as CD-ROMs or USB keys.</para>
+ </note>
+
<!-- This section commented out for now until it is determined what should
be placed in this section
- <sect3><title>Configuration Information</title>
+ FIXME: I think this information is still relevant with the
+ exception of its interaction with /etc/fstab. Needs investigation.
<para>No configuration is necessary for the majority of installations
on systems configured with ISO-8859-1 compatible locales. The defaults
@@ -355,10 +411,10 @@
</note>
+ -->
+
</sect3>
- -->
-
<sect3 id="hal-init">
<title>Boot Script</title>
Modified: trunk/BOOK/gnome/add/gnome-volume-manager.xml
===================================================================
--- trunk/BOOK/gnome/add/gnome-volume-manager.xml 2006-08-09 14:20:38 UTC
(rev 6281)
+++ trunk/BOOK/gnome/add/gnome-volume-manager.xml 2006-08-09 14:21:54 UTC
(rev 6282)
@@ -110,9 +110,13 @@
<xi:include xmlns:xi="http://www.w3.org/2003/XInclude";
href="../../xincludes/gnome-sysconfdir.xml"/>
- <para><parameter>--disable-multiuser</parameter>: This parameter is used
- because a stock [B]LFS system does not have the appropriate setup to use
- the multiuser capability.</para>
+ <para><parameter>--disable-multiuser</parameter>: Without this parameter,
+ <application>gnome-volume-manager</application> will only allow the user
+ who is at the active console to manage volumes. This is determined
+ through the <xref linkend="linux-pam"/> module <ulink
+ url="&blfs-wiki;/linux-pam">pam_console</ulink>. If your system is
+ configured to use <ulink url="&blfs-wiki;/linux-pam">pam_console</ulink>,
+ you can drop this parameter.</para>
</sect2>
Modified: trunk/BOOK/introduction/welcome/changelog.xml
===================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml 2006-08-09 14:20:38 UTC
(rev 6281)
+++ trunk/BOOK/introduction/welcome/changelog.xml 2006-08-09 14:21:54 UTC
(rev 6282)
@@ -59,6 +59,10 @@
vulnerabilities in Xorg-6.9.0. See ticket #2100. Removed
fix for Glibc sys/kd.h as it is now in LFS stable.</para>
</listitem>
+ <listitem>
+ <para>[dnicholson] - Added configuration for HAL and
+ gnome-volume-manager for use without the pam_console module.</para>
+ </listitem>
</itemizedlist>
</listitem>
Modified: trunk/BOOK/postlfs/config/devices.xml
===================================================================
--- trunk/BOOK/postlfs/config/devices.xml 2006-08-09 14:20:38 UTC (rev
6281)
+++ trunk/BOOK/postlfs/config/devices.xml 2006-08-09 14:21:54 UTC (rev
6282)
@@ -35,7 +35,7 @@
sound card becomes random. The method to establish sound card order
depends on whether the drivers are modules or not. If the sound card
drivers are compiled into the kernel, control is via kernel command line
- parameters in <filename>/boot/grib/menu.lst</filename>. For example,
+ parameters in <filename>/boot/grub/menu.lst</filename>. For example,
if a system has both an FM801 card and a SoundBlaster PCI card, the
following can be appended to the command line:</para>
Modified: trunk/BOOK/postlfs/security/iptables.xml
===================================================================
--- trunk/BOOK/postlfs/security/iptables.xml 2006-08-09 14:20:38 UTC (rev
6281)
+++ trunk/BOOK/postlfs/security/iptables.xml 2006-08-09 14:21:54 UTC (rev
6282)
@@ -16,7 +16,7 @@
<!-- <para>This package does not come with a test suite.</para> -->
<!-- <para>To test the results, issue: <command>make
check</command>.</para> -->
- <!ENTITY iptables-download-http
"http://www.iptables.org/files/iptables-&iptables-version;.tar.bz2";>
+ <!ENTITY iptables-download-http
"http://www.netfilter.org/projects/iptables/files/iptables-&iptables-version;.tar.bz2";>
<!ENTITY iptables-download-ftp
"ftp://ftp.netfilter.org/pub/iptables/iptables-&iptables-version;.tar.bz2";>
<!ENTITY iptables-md5sum "00fb916fa8040ca992a5ace56d905ea5">
<!ENTITY iptables-size "187 KB">
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
