I am sponsoring this case for Gaopeng Chen.
Requested binding is patch/micro, timeout 06/13/2007.
-Artem.
Template Version: @(#)sac_nextcase 1.61 05/24/07 SMI
This information is Copyright 2007 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
logindevperm device exception list
1.2. Name of Document Author/Supplier:
Author: Gaopeng Chen
1.3 Date of This Document:
06 June, 2007
4. Technical Description
4.1. Problem
The default logindevperm(4) policy assigns ownership of all
USB multi-interface devices to the console user:
# console mode devices
/dev/console 0600 /dev/usb/[0-9a-f]+[.][0-9a-f]+/[0-9]+/* \
driver=scsa2usb,usb_mid,usbprn,ugen #libusb/ugen devices
However, it might not be a safe choice for certain devices, such as
fingerprint readers or smartdcards. We need an opt out method.
4.2. Proposal
Introduce a new optional modifier, "except_dev", that contains a
comma-separated list of devices to which the current entry should
not apply. For example:
/dev/console 0600 /dev/usb/[0-9a-f]+[.][0-9a-f]+/[0-9]+/* \
driver=scsa2usb,usb_mid,usbprn,ugen \
except_dev=/dev/usb/483.2016/*,/dev/usb/45e.bb/*
The permissions of the two USB devices identified by product/vendor
IDs 483.2016 and 45e.bb will not be affected by logindevperm.
4.3. Interfaces
---------------------+-----------+----------------------------------
logindevperm(4) | Committed | login-based device permissions
---------------------+-----------+----------------------------------
Binding: patch/micro
6. Resources and Schedule
6.4. Steering Committee requested information
6.4.1. Consolidation C-team Name:
ON
6.5. ARC review type: FastTrack
