Now that we have a switch in place with kern.video.record which requires
initial root access to enable video recording, I want propose the idea
of making the /dev/video* devices accessible to users who are a member
of the 'video' group:
lrwxr-xr-x 1 root wheel 6 Dec 29 12:38 video -> video0
crw-rw---- 1 root video 44, 0 Dec 29 12:38 video0
crw-rw---- 1 root video 44, 1 Dec 29 12:38 video1
With this we would enable a default setup which avoids running
video programs as root, or pushing people to manually tweak the
/dev/video* permissions.
In this diff I'm re-using group id 6, which was the first free one
found. I'm not sure if this is the right approach.
What do you think?
Index: etc/group
===================================================================
RCS file: /cvs/src/etc/group,v
retrieving revision 1.94
diff -u -p -u -p -r1.94 group
--- etc/group 28 Jan 2020 16:51:03 -0000 1.94
+++ etc/group 29 Dec 2020 11:40:07 -0000
@@ -4,6 +4,7 @@ kmem:*:2:root
sys:*:3:root
tty:*:4:root
operator:*:5:root
+video:*:6:
bin:*:7:
wsrc:*:9:
users:*:10:
Index: etc/MAKEDEV.common
===================================================================
RCS file: /cvs/src/etc/MAKEDEV.common,v
retrieving revision 1.111
diff -u -p -u -p -r1.111 MAKEDEV.common
--- etc/MAKEDEV.common 6 Jul 2020 06:11:26 -0000 1.111
+++ etc/MAKEDEV.common 29 Dec 2020 11:40:07 -0000
@@ -428,7 +428,7 @@ __devitem(au, audio*, Audio devices,audi
_mkdev(au, audio*, {-M audio$U c major_au_c $U 660 _sndiop
M audioctl$U c major_au_c Add($U, 192) 660 _sndiop-})dnl
__devitem(vi, video*, Video V4L2 devices,video)dnl
-_mkdev(vi, video*, {-M video$U c major_vi_c $U 600
+_mkdev(vi, video*, {-M video$U c major_vi_c $U 660 video
MKlist[${#MKlist[*]}]=";[ -e video ] || ln -s video$U
video"-})dnl __devitem(asc, asc*, ASC Audio device)dnl
_mkdev(asc, asc*, {-M asc$U major_asc_c 0-})dnl
