[Bug 1222186] VirtualBox not allowed to access USB devices although user is in vboxusers group
https://bugzilla.suse.com/show_bug.cgi?id=1222186 https://bugzilla.suse.com/show_bug.cgi?id=1222186#c20 --- Comment #20 from Javier de San Pedro <javispedro@gmail.com> --- (In reply to Larry Rainey from comment #18)
You have to replace the one in /usr/lib/virtualbox/vboxdrv.sh with the one in susepaste just running will not fix the issue - you have to vi new.sh with the code in susepaste then chmod 755 new.sh, then sudo new.sh. If it fixes your usb issue then move new.sh to /usr/lib/virtualbox/vboxdrv.sh
I matched exactly how Oracle Virtualbox installed the device nodes.
Regarding the /vbox/vboxdrvu permissions and owner, I agree: this is how Oracle installs things. However, I wouldn't do this change anyway because it just opens up some attack surface to users outside the vboxusr group. I also don't see why this would fix any vboxusb issue. The problem with vboxusb is because of these snippets: diff -u /usr/lib/virtualbox/vboxdrv.sh pastebin_vboxdrv.sh @@ -60,6 +60,10 @@ [ -r /etc/default/virtualbox ] && . /etc/default/virtualbox +chmod "${DEVICE_MODE}" /dev/vboxusb/ +chmod "${DEVICE_MODE}" /dev/vboxusb/* +chmod "${DEVICE_MODE}" /dev/vboxusb/*/* + begin_msg() { test -n "${2}" && echo "${SCRIPTNAME}: ${1}." This should be entirely removed. chmod /dev/vboxusb to 0660 just makes accessing this directory impossible for vboxuser users and _should not be needed at all_ since the VBoxCreateUsbNode.sh script works fine (and also require no patches). If this was for bug 1219766, we should never silently workaround it in the script, and rather fix it in systemd level (which to my knowledge has already been fixed). Also, regarding this other change: @@ -249,6 +254,20 @@ if grep -q usb_device /proc/devices; then mkdir -p -m 0750 /dev/vboxusb 2>/dev/null chown root:vboxusers /dev/vboxusb 2>/dev/null + + rm /dev/vboxnetctl + mknod -m 0660 /dev/vboxnetctl c 10 120 + # mknod -m 0660 /dev/vboxnetctl with major 10 and minor 120 + chown root:vboxusers /dev/vboxnetctl + rm /dev/vboxdrvu + mknod -m 0666 /dev/vboxdrvu c 10 121 + # mknod -m 0666 /dev/vboxdrvu with major 10 and minor 121 + chown root:root /dev/vboxdrvu 2>/dev/null + rm /dev/vboxdrv + mknod -m 0660 /dev/vboxdrv c 10 122 + # mknod -m 0660 /dev/vboxdrv with major 10 and minor 122 + chown root:vboxusers /dev/vboxdrv 2>/dev/null + fi succ_msg "VirtualBox services started" } This is dangerous. (misc) minors can be assigned dynamically and may be different between different sessions. But I just can't see how this can be possibly related to USB, unless we are merging multiple issues here. Can't we do just something like https://build.opensuse.org/package/rdiff/home:javispedro:branches:Virtualization/virtualbox?linkrev=base&rev=2 to remove these vboxusb workarounds? For me at least it fixes the issue. I would be submitting a request, but I can't get OBS to cooperate today (it fails to publish my packages due to requiring a SSL certificate, the first time I see this). -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com