On Thu, Dec 30, 2021 at 8:34 AM Larry Finger <Larry.Finger@lwfinger.net> wrote:
On 12/29/21 02:17, Andrei Borzenkov wrote:
Sorry? What exactly does "user of VirtualBox" mean? We are talking about the *guest* system. Guest system does not have "VirtualBox users" at all, it has normal users created as part of installation. And normal installation most certainly does not add users to "vboxusers" group.
You seem to think about the host system. The problem is inside the guest system.
Sorry that I was so dense. The creation of /dev/vboxusers comes the the line KERNEL=="vboxuser", NAME="vboxuser", OWNER="root", GROUP="users", MODE="0660" in /usr/lib/udev/rules.d/60-vboxguest.rules.
Changing that line to KERNEL=="vboxuser", NAME="vboxuser", OWNER="root", MODE="0660" , TAG+="uaccess" results in a /dev/vboxuser as 0660 root:root, but it works without the user belonging to any group other than the default assigned when the system was installed.
I think that is what you meant for me to do.
Yes, I use this on my (the only available) TW VM under VirtualBox and it allows me to use the shared clipboard again for users created on current TW.
That said, I have no idea how it works. More learning to do.
systemd-logind adds ACLs to allow access to currently logged in user. Note that it also revokes access when switching between users and VirtualBox tools may not expect it.