Re: How to set device permissions at startup
Oliver Fromme wrote: Aryeh M. Friedman wrote: > Oliver Fromme wrote: > > Roland Smith wrote: > > > But one has to run '/etc/rc.d/devfs restart' for newly added rules to take > > > effect! (or reboot the system, which is overkill). > > > > Yes, of course. I thought that was obvious. > > > > > Maybe I whould add that to the manual page for devfs.rules? > > > > Agreed, that might be an appropriate clarification. > > It should be included because not everyone uses the standard /etc/rc.* > hierachy. For example I have a completely custom rc which before I did > an other hack to make this issue not an issue read: Well, if you completely rewrite /etc/rc, then you're on your own anyway, and you're supposed to know what you're doing. In general it is not a good idea and will lead to serious foot-shooting. By the way, what is the reason that you don't use the standard rc(8) facilities? I don't see anything in you custom script that wouldn't be covered by them. Mostly a matter of style... namely I personally like to know every last detail of how my machine boots (even having the hald and dbus onestarts is too much relience on "magic code" (code that works but is overly complex and hard to understand) but I was not able to deduce by reading their startup srcipts/man pages/ps -agx listings what args they needed so had to use the rc.d's)... in general it is a "bad thing" to have code that is not 100% user understandable (read not 100% author unreadable)... the metaphor I often give is it is like the difference between a modern computer controlled car and say a model T or VW bug (the first being so complex that only an expert can work on it and the second being simple enough that any mechincally inclined owner can work on it)... same thing with devfs (an other common example is ipfw and natd [those man pages are greate because if you read them close enough it tells you everything you need to know to set up a vpn router/firewall from scratch) there are a number of cases where stuff is not fully documented for stuff like this in the base system and/or ports (sysutils/fusefs-ntfs is a classic example because it fails to state that you need to export the PATH with /usr/loca/sbin on it) Bottom line 99% of the "weird" aspects in my rc (calling rc.d's and such) are due to incomplete documentation ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
Aryeh M. Friedman wrote: > Oliver Fromme wrote: > > Roland Smith wrote: > > > But one has to run '/etc/rc.d/devfs restart' for newly added rules to > > > take > > > effect! (or reboot the system, which is overkill). > > > > Yes, of course. I thought that was obvious. > > > > > Maybe I whould add that to the manual page for devfs.rules? > > > > Agreed, that might be an appropriate clarification. > > It should be included because not everyone uses the standard /etc/rc.* > hierachy. For example I have a completely custom rc which before I did > an other hack to make this issue not an issue read: Well, if you completely rewrite /etc/rc, then you're on your own anyway, and you're supposed to know what you're doing. In general it is not a good idea and will lead to serious foot-shooting. By the way, what is the reason that you don't use the standard rc(8) facilities? I don't see anything in you custom script that wouldn't be covered by them. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "A language that doesn't have everything is actually easier to program in than some that do." -- Dennis M. Ritchie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
Oliver Fromme wrote: Roland Smith wrote: > Oliver Fromme wrote: > > Quote from the manpage: > > "The devfs.rules file provides an easy way to create and apply > > devfs(8) rules, even for devices that are not available at boot." > > > > The rules take effect whenever a new node (devide) appears, > > even after devfs was mounted. > > But one has to run '/etc/rc.d/devfs restart' for newly added rules to take > effect! (or reboot the system, which is overkill). Yes, of course. I thought that was obvious. > Maybe I whould add that to the manual page for devfs.rules? Agreed, that might be an appropriate clarification. Best regards Oliver It should be included because not everyone uses the standard /etc/rc.* hierachy. For example I have a completely custom rc which before I did an other hack to make this issue not an issue read: #!/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/boot/kernel:/boot/modules export PATH kldload fuse swapon -a fsck -p mount -rw / mount -a sysctl vfs.usermount=1 ntfs-3g /dev/ad4s1 /mnt/c /usr/local/etc/rc.d/hald onestart hostname aryeh-desktop.istudentunion.com ifconfig ale0 192.168.2.2 ifconfig lo0 127.0.0.1 route add 127.0.0.1 102.168.2.2 route add default 192.168.2.1 named ntpdate pool.ntp.org cupsd noip2 sendmail -bd -q1m ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
Roland Smith wrote: > Oliver Fromme wrote: > > Quote from the manpage: > > "The devfs.rules file provides an easy way to create and apply > > devfs(8) rules, even for devices that are not available at boot." > > > > The rules take effect whenever a new node (devide) appears, > > even after devfs was mounted. > > But one has to run '/etc/rc.d/devfs restart' for newly added rules to take > effect! (or reboot the system, which is overkill). Yes, of course. I thought that was obvious. > Maybe I whould add that to the manual page for devfs.rules? Agreed, that might be an appropriate clarification. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd With Perl you can manipulate text, interact with programs, talk over networks, drive Web pages, perform arbitrary precision arithmetic, and write programs that look like Snoopy swearing. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
On Fri, Oct 09, 2009 at 12:34:21PM +0200, Oliver Fromme wrote: > Aryeh M. Friedman wrote: > > Herbert J. Skuhra wrote: > > > Den 9. okt. 2009 kl. 05.25 skrev "Aryeh M. Friedman" > > > : > > > > > > > Since certain currently unused devices are not created in /dev > > > > (specifically in my case /dev/fuse*) how do I tell what ever (I can't > > > > tell it is devfs or what) to always make /dev/fuse* (when needed) > > > > with 777 perms (the security implications are not an issue here) > > > > > > Have you tried devfs.rules(5)? > > > > yes and since the device doesn't exist at the mount time for devfs they > > are ignored > > Then you did something wrong, or you're confusing devfs.rules > and devfs.conf. > > Quote from the manpage: > "The devfs.rules file provides an easy way to create and apply > devfs(8) rules, even for devices that are not available at boot." > > The rules take effect whenever a new node (devide) appears, > even after devfs was mounted. But one has to run '/etc/rc.d/devfs restart' for newly added rules to take effect! (or reboot the system, which is overkill). You can try it out by adding a rule to /etc/devfs.rules and running 'devfs rule show' (as root). The new rule won't show up until after one has run 'etc/rc.d/devfs restart'. Maybe I whould add that to the manual page for devfs.rules? I thought this was obvious, because most if not all rc.d scripts work that way, but mayby it's not clear enough. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpC0k2H279Ni.pgp Description: PGP signature
Re: How to set device permissions at startup
On Fri, Oct 09, 2009 at 02:18:46AM -0400, Aryeh M. Friedman wrote: > Roland Smith wrote: > > On Thu, Oct 08, 2009 at 11:25:12PM -0400, Aryeh M. Friedman wrote: > > > >> Since certain currently unused devices are not created in /dev > >> (specifically in my case /dev/fuse*) how do I tell what ever (I can't > >> tell it is devfs or what) to always make /dev/fuse* (when needed) with > >> 777 perms (the security implications are not an issue here) > > > > See devfs.rules(5). > > Should of been more specific in the orginal question then I added a rule > and since the device doesn't exist at devfs mount time it does not honor > the rule Do you have a ruleset named in /etc/devfs.rules? And is it enabled in /etc/rc.conf? Have you restarted devfs after changing /etc/devfs.rules? Can you post your /etc/devfs.rules, and the output of 'devfs rule show'? Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpWA3xCX7cFM.pgp Description: PGP signature
Re: How to set device permissions at startup
Aryeh M. Friedman wrote: > Herbert J. Skuhra wrote: > > Den 9. okt. 2009 kl. 05.25 skrev "Aryeh M. Friedman" > > : > > > > > Since certain currently unused devices are not created in /dev > > > (specifically in my case /dev/fuse*) how do I tell what ever (I can't > > > tell it is devfs or what) to always make /dev/fuse* (when needed) > > > with 777 perms (the security implications are not an issue here) > > > > Have you tried devfs.rules(5)? > > yes and since the device doesn't exist at the mount time for devfs they > are ignored Then you did something wrong, or you're confusing devfs.rules and devfs.conf. Quote from the manpage: "The devfs.rules file provides an easy way to create and apply devfs(8) rules, even for devices that are not available at boot." The rules take effect whenever a new node (devide) appears, even after devfs was mounted. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing b. M. Handelsregister: Registergericht Muenchen, HRA 74606, Geschäftsfuehrung: secnetix Verwaltungsgesellsch. mbH, Handelsregister: Registergericht Mün- chen, HRB 125758, Geschäftsführer: Maik Bachmann, Olaf Erb, Ralf Gebhart FreeBSD-Dienstleistungen, -Produkte und mehr: http://www.secnetix.de/bsd "Python is an experiment in how much freedom programmers need. Too much freedom and nobody can read another's code; too little and expressiveness is endangered." -- Guido van Rossum ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
Roland Smith wrote: On Thu, Oct 08, 2009 at 11:25:12PM -0400, Aryeh M. Friedman wrote: Since certain currently unused devices are not created in /dev (specifically in my case /dev/fuse*) how do I tell what ever (I can't tell it is devfs or what) to always make /dev/fuse* (when needed) with 777 perms (the security implications are not an issue here) See devfs.rules(5). Should of been more specific in the orginal question then I added a rule and since the device doesn't exist at devfs mount time it does not honor the rule ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
On Thu, Oct 08, 2009 at 11:25:12PM -0400, Aryeh M. Friedman wrote: > Since certain currently unused devices are not created in /dev > (specifically in my case /dev/fuse*) how do I tell what ever (I can't > tell it is devfs or what) to always make /dev/fuse* (when needed) with > 777 perms (the security implications are not an issue here) See devfs.rules(5). Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpAjOIhCcIn6.pgp Description: PGP signature
Re: How to set device permissions at startup
Herbert J. Skuhra wrote: Den 9. okt. 2009 kl. 05.25 skrev "Aryeh M. Friedman" : Since certain currently unused devices are not created in /dev (specifically in my case /dev/fuse*) how do I tell what ever (I can't tell it is devfs or what) to always make /dev/fuse* (when needed) with 777 perms (the security implications are not an issue here) Have you tried devfs.rules(5)? -Herbert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" yes and since the device doesn't exist at the mount time for devfs they are ignored ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to set device permissions at startup
Den 9. okt. 2009 kl. 05.25 skrev "Aryeh M. Friedman" >: Since certain currently unused devices are not created in /dev (specifically in my case /dev/fuse*) how do I tell what ever (I can't tell it is devfs or what) to always make /dev/fuse* (when needed) with 777 perms (the security implications are not an issue here) Have you tried devfs.rules(5)? -Herbert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"