Hi list, Dave Mielke <[email protected]> writes: > [quoted lines by Aura Kelloniemi on 2020/08/23 at 11:48 +0300] > >But aren't there two things to test? > Yes, exactly! And I'd also like to test this on your system anyway, just to > be > sure that that part of the code isn't contributing to the problem.
I'll send you the log off-list. > >The other thing to test is whether the systemd configuration works. As far > >as > >I understand, the [email protected] defines the User, Group and > >AmbientCapabilities because systemd is capable for setting them for BRLTTY > >by > >itself. This I cannot test by running from the build tree, unless I install > >the systemd config files, which has nasty consequences on my system. > Okay, This is how I do it: Thank you for this explanation. I did not know about the service.d directory trick. > >crw------- 1 secret_user_name tty 4, 1 Aug 22 21:37 /dev/tty1 > Some hacker will figure it out! :-) Anyway, it looks good. I call them crackers. I leave figuring out this detail as an exercise for the reader. > So, just to get my understanding correct, when you start brltty as root, and > it > doesn't switch to an unprivileged user, is it having the tty1 access problem? > I'm confirming because it doesn't seem to make any sense. Yes, this is the case. I suppose, the fiddling with the capabilities somehow causes the root account not to be root anymore. As far as I understand, root (in Linux, nowadays) is a predefined set of capabilities. Could it be that when BRLTTY adds capabilities, it (implicitly) at the same time drops the normal root capabilities, and then it does not matter any more that the process has uid 0. -- Aura _______________________________________________ This message was sent via the BRLTTY mailing list. To post a message, send an e-mail to: [email protected] For general information, go to: http://brltty.app/mailman/listinfo/brltty
