Johannes Meixner wrote:
All I can do is to provide some background information how the udev/HAL/resmgr machinery currently (for openSUSE 10.2) works:
YaST sets scanner access permissions by calling /usr/lib/YaST2/bin/test_and_set_scanner_access_permissions which checks if the scanner is already listed in /etc/hal/fdi/policy/10osvendor/70-scanner.fdi and if not it writes /etc/hal/fdi/policy/10osvendor/80-scanner.fdi to set up HAL to trigger resmgr to grant access for normal users. For some background information have a look at https://bugzilla.novell.com/show_bug.cgi?id=218393 in particular start at comment #19. Don't get confused by "sane-dev", it was used for SCSI scanners.
Tried to follow this, though I don't pretend to understand all of it. I guess the part I really need to understand if I'm to make any further headway is the bit about how the script "sets scanner access permissions"; it's still muddy after looking at the .fdi files how the presence of my scanner in one of them will "trigger resmgr to grant access for normal users"; I don't see anything in the XML which seems related to specifying who gets to see what. Is there a HOWTO explaining how all of this stuff works for mortal users (rather than systems administrators)?
You may check the following:
Note the USB IDs for vendor and model in the "lsusb" output. E.g. my Canon LiDE 30 is listed this way: --------------------------------------------------------------------- Bus 001 Device 003: ID 04a9:220e Canon, Inc. CanoScan N1240U/LiDE 30 ---------------------------------------------------------------------
Right -- different bus and device numbers, of course, but the hardware ID is identical to yours.
Check if those USB IDs are in your /etc/hal/fdi/policy/10osvendor/70-scanner.fdi or at least in your /etc/hal/fdi/policy/10osvendor/80-scanner.fdi E.g. in my 70-scanner.fdi there is --------------------------------------------------------------------- <match key="info.category" string="usbraw"> <match key="@info.parent:usb_device.vendor_id" int="0x04a9"> <match key="@info.parent:usb_device.product_id" int="0x220e"> <append key="info.capabilities" type="strlist">scanner</append> </match> </match> </match> ---------------------------------------------------------------------
OK, I've got that block in 70-scanner.fdi.
This way via udev and HAL the resmgr will be notified that this USB device is a scanner so that resmgr will set an appropriate ACL on its device file.
That's the part that doesn't work on my system. So perhaps the presence of my scanner in the .fdi file is necessary, but not sufficient.
Accordingly /usr/sbin/hal-resmgr --list shows my Canon LiDE 30 as ---------------------------------------------------------------------- UDI /org/freedesktop/Hal/devices/usb_device_4a9_220e_noserial_usbraw Device /dev/bus/usb/001/003 Class scanner ----------------------------------------------------------------------
That command's output is empty here.
and getfacl /dev/bus/usb/001/003 shows the actual ACL on the scanner's device file ---------------------------------------------------------------------- getfacl: Removing leading '/' from absolute path names # file: dev/bus/usb/001/003 # owner: root # group: root user::rw- user:jsmeix:rw- group::r-- mask::rw- other::r-- ---------------------------------------------------------------------- i.e. my normal user "jsmeix" has "rw" permissions.
$ getfacl /dev/bus/usb/007/001 getfacl: Removing leading '/' from absolute path names # file: dev/bus/usb/007/001 # owner: root # group: users user::rw- group::r-- other::r-- Thanks for your assistance, Johannes. Never saw a shell script that parsed and wrote XML before. Very impressive. :-) -- Bob Kline http://www.rksystems.com mailto:bkline@rksystems.com -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org