The following test confirms all that:
$ cat test.c
#include <stdio.h>
#include <libusb-1.0/libusb.h>
int main()
{
int rc=0;
rc = libusb_init(NULL);
if (rc != 0) {
printf("Fail");
return -1;
}
printf("Initialized");
}
$ gcc -Wall test.c -lusb-1.0 -o test
$ strace -e open ./test 2>&1 | grep '/run'
open("/run/udev/data/c189:1", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:129", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:130", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:135", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:136", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:137", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:257", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:128", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:256", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:131", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:132", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:133", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/c189:134", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:3-0:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:3-2:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.1:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.2:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.2:1.1", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.3:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.3:1.1", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.4:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.4:1.1", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.4:1.2", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1.4:1.3", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:1-0:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:1-1:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-0:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-1:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-5:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-6:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-7:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-7:1.1", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-8:1.0", O_RDONLY|O_CLOEXEC) = 8
open("/run/udev/data/+usb:2-8:1.1", O_RDONLY|O_CLOEXEC) = 8
We might be safe to say /run/udev/data/+usb* but for the c189 we would need to
know major/minor number.
Yes it is 189 mostly, but we need to do it right which is a dynamic check.
Non dynamic according to [1] that would be:
c - for char
and IDs 166,167,180,188,189
So something like the following:
/run/udev/data/c16[6,7]* r,
/run/udev/data/c18[0,8,9]* r,
That already is much safer than the full blanket that users use as workaround
atm.
Need to think what we could do dynamically to track down just the device needed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1552241
Title:
libvirt-bin apparmor settings for usb host device
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1552241/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
