During my testing I've noticed the following issue.
I may be doing something wrong so please let me know if I'm way off.
Most of this detail is from the following URL (and relevant links within)
http://www.x.org/wiki/Events/XDC2012/XDC2012AbstractAlanCoopersmith/SolarisXorgPrivileges.pdf
Solaris 11 uses "/etc/logindevperm" and "/dev/vt/console_user" to set
the permissions of relevant devices.
As I understand it, an "ioctl" call is made by Xorg to the kernel to set
the permissions of the devices and the "console".
Normally GDM sends a trigger to Xorg. Xorg then makes an "ioctl" call
to the kernel which sets the permission to the user logged into the
console. Below is an example when logged onto the console via GDM as
"murrayb".
$ ls -l /dev/vt
total 0
...<snip>...
*crw--w---- 1 murrayb tty 144, 7 Nov 17 00:56 7*
...<snip>...
lrwxrwxrwx 1 root root 1 Nov 17 00:55 active -> 7
lrwxrwxrwx 1 root root 1 Nov 17 00:55 console_user -> 7
Permissions on all devices listed in "/etc/logindevperm" are also set to
the "console_user", including the sound devices.
$ cat /etc/logindevperm | grep /dev/sound
/dev/vt/console_user 0600 /dev/sound/* # audio devices
When logged into the console via Dtlogin as "murrayb", these are the
permissions.
$ ls -l /dev/vt
total 0
...<snip>...
*crw------- 1 root root 270, 7 Nov 18 21:29 7*
...<snip>...
lrwxrwxrwx 1 root root 1 Nov 18 21:29 active -> 7
lrwxrwxrwx 1 root root 1 Nov 19 15:23 console_user -> 7
This mean that all devices in "/etc/logindevperm" can only be accessed
by "root" unless the permissions are changed manually.
The Dtlogin provided with Solaris from Sun/Oracle was obviously patched
to send the relevant trigger to Xorg.
The patch used in GDM can be found here (I think this is it)
https://hg.java.net/hg/solaris-desktop~spec-files/file/eb13b6860b6c/patches/gdm-28-logindevperm.diff
I'm trying to locate the relevant patch for Dtlogin but considering it
was closed source at the time, it may not be readily available.
Note that when running CDE via "env LANG=C startx /usr/dt/bin/Xsession"
the permissions on the relevant files are fine but I noticed that the
search folders for DT related files are different. Not sure why that is.
Regards
Murray
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
cdesktopenv-devel mailing list
cdesktopenv-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/cdesktopenv-devel
