[Bug 558720] New: hal-acl-tool is missing
http://bugzilla.novell.com/show_bug.cgi?id=558720 http://bugzilla.novell.com/show_bug.cgi?id=558720#c0 Summary: hal-acl-tool is missing Classification: openSUSE Product: openSUSE 11.2 Version: Final Platform: Other OS/Version: openSUSE 11.2 Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: pierre.berthier@ini.phys.ethz.ch QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.5) Gecko/20091109 Ubuntu/9.10 (karmic) Firefox/3.5.5 I want to add some ACLs to serial ports, particularly when users log in and remove the ACLs when they log out. With Suse 10.3 I was using resmgr, but it is not here in SuSE 11.2 anymore. Now It seems to me I should use /usr/lib/hal/hal-acl-tool for this and trigger it by defining some HAL devices callouts. The problem is I cannot find a file /usr/lib/hal/hal-acl-tool (or /usr/lib64/hal/hal-acl-tool). On SLES 11 and OpenSuSE 11.1 I can find this file. Is this a Bug or should I use another method to play with devices ACLs upon new sessions? Reproducible: Always Steps to Reproduce: 1. Look for /usr/lib/hal/hal-acl-tool or /usr/lib64/hal/hal-acl-tool Actual Results: File not found. Expected Results: File found. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=558720
http://bugzilla.novell.com/show_bug.cgi?id=558720#c1
Marcus Meissner
http://bugzilla.novell.com/show_bug.cgi?id=558720
http://bugzilla.novell.com/show_bug.cgi?id=558720#c2
--- Comment #2 from Kay Sievers
http://bugzilla.novell.com/show_bug.cgi?id=558720
http://bugzilla.novell.com/show_bug.cgi?id=558720#c3
--- Comment #3 from Pierre Berthier
Take a look at: /lib/udev/rules.d/70-acl.rules
Thanks -- would you have any pointer to a documentation explaining how this udev-acl is working? I have tried to add my own rule: KERNEL=="ttyS*", ENV{ACL_MANAGE}="1" but it does not seem to do anything. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=558720
http://bugzilla.novell.com/show_bug.cgi?id=558720#c4
Pierre Berthier
(In reply to comment #2)
Take a look at: /lib/udev/rules.d/70-acl.rules
Thanks -- would you have any pointer to a documentation explaining how this udev-acl is working? I have tried to add my own rule:
KERNEL=="ttyS*", ENV{ACL_MANAGE}="1"
but it does not seem to do anything.
OK, actually it works but only if I login on the local console. However, I want this mechanism to work for any sessions (in particular those initiated by sshd). For this I have added the following line to /etc/pam.d/common-session: "session optional pam_ck_connector.so" I was then expecting the ACLs to be applied also for users logged in through SSH. This is the way it worked with the hal solution, but this is not the case with udev-hal. As far as I understand the source code in udev-acl.c (in udev-146-3.2.src.rpm), this is because at line 165 the consolekit_called() will return before setting the value for uid if the session is not local. Therefore in the main() after line 278, the program believes that there is nothing to do and returns code 2 with a message "missing action". Should I open a new bug? -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=558720
http://bugzilla.novell.com/show_bug.cgi?id=558720#c5
Kay Sievers
Should I open a new bug?
Sorry, currently there is only one local and active session supported. That might change with the ConsoleKit multi-seat stuff people are working on, but there is no specific plan when they are ready for merging. For the time being, there will be no action taken with any bug about this in the openSUSE bugzilla. It is entirely driven by the involved upstream projects. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com