Re: [systemd-devel] How to unset "uaccess" tag in udev rule?
Hi On Sun, Mar 26, 2017 at 8:07 PM, Manuel Reimerwrote: > On 03/25/2017 05:16 PM, David Herrmann wrote: So far I did this by creating an empty file with the same name in /etc/udev/rules.d which works well, but for no reason the name was changed some time ago which overrides my empty file and reactivates the problematic rule. >>> >>> That's the only way. Tags cannot be unset. >> >> >> Use TAG-="foobar". > > > I've tried that and it doesn't work. The `-=' operator was introduced for exactly this use-case (which the commit I quoted should explain). If it does not work, it has to be fixed. Last time I checked, it worked. Hence, if you need help using it, please give us as much information as possible. Please verify the operator works with something that is not already used (set some random TAG and remove it again, check with `udevadm` whether it works). If you have no clue how to debug it yourself, please specify _what_ you changed, what systemd version / distro / etc., you're running, so we can reproduce it and help you further. Thanks David ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] How to unset "uaccess" tag in udev rule?
Hi On Tue, Mar 14, 2017 at 10:44 PM, Zbigniew Jędrzejewski-Szmekwrote: > On Sun, Mar 12, 2017 at 07:38:13PM +0100, Manuel Reimer wrote: >> Hello, >> >> my distributor sets the following rule in /usr/lib/udev/rules.d: >> >> KERNEL=="uinput", SUBSYSTEM=="misc", OPTIONS+="static_node=uinput", >> TAG+="uaccess" >> >> I think this is not a good idea and that there is a good reason why >> users can't create uinput devices, so I want to get rid of that >> rule. >> >> So far I did this by creating an empty file with the same name in >> /etc/udev/rules.d which works well, but for no reason the name was >> changed some time ago which overrides my empty file and reactivates >> the problematic rule. > That's the only way. Tags cannot be unset. Use TAG-="foobar". Thanks David commit 8e3ba3772cadf6a8292b0da533062dd4d377af67 Author: David Herrmann Date: Thu Sep 11 13:25:21 2014 +0200 udev: allow removing tags via TAG-="foobar" This extends the udev parser to support OP_REMOVE (-=) and adds support for TAG-= to remove previously set tags. We don't fail if the tag didn't exist. This is pretty handy if we ship default rules for seat-assignments and users want to exclude specific devices from that. They can easily add rules that drop any automatically added "seat" tags again. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] How to unset "uaccess" tag in udev rule?
On Sun, Mar 12, 2017 at 07:38:13PM +0100, Manuel Reimer wrote: > Hello, > > my distributor sets the following rule in /usr/lib/udev/rules.d: > > KERNEL=="uinput", SUBSYSTEM=="misc", OPTIONS+="static_node=uinput", > TAG+="uaccess" > > I think this is not a good idea and that there is a good reason why > users can't create uinput devices, so I want to get rid of that > rule. > > So far I did this by creating an empty file with the same name in > /etc/udev/rules.d which works well, but for no reason the name was > changed some time ago which overrides my empty file and reactivates > the problematic rule. That's the only way. Tags cannot be unset. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] How to unset "uaccess" tag in udev rule?
Hello, my distributor sets the following rule in /usr/lib/udev/rules.d: KERNEL=="uinput", SUBSYSTEM=="misc", OPTIONS+="static_node=uinput", TAG+="uaccess" I think this is not a good idea and that there is a good reason why users can't create uinput devices, so I want to get rid of that rule. So far I did this by creating an empty file with the same name in /etc/udev/rules.d which works well, but for no reason the name was changed some time ago which overrides my empty file and reactivates the problematic rule. What I want is some rule in /etc/udev/rules.d which nullifies the above rule independent on which name the rule file, which creates it, has. Is this possible and if: How? I tried the following in a file "/etc/udev/rules.d/99-no-uinput-uaccess.rules: KERNEL=="uinput", SUBSYSTEM=="misc", OPTIONS-="static_node=uinput", TAG-="uaccess" But it doesn't work. Still get the ACL which allows users to write to that device. Thanks in advance. Manuel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel