bug#36335: Is /dev/kvm missing ACLs?

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#36335: Is /dev/kvm missing ACLs?

From:	Ludovic Courtès
Subject:	bug#36335: Is /dev/kvm missing ACLs?
Date:	Thu, 27 Jun 2019 15:45:33 +0200
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)

Hi Chris,

Chris Marusich <address@hidden> skribis:

> Ludovic Courtès <address@hidden> writes:
>
>> Guix System doesn’t use ACLs at all.
>>
>> However, the udev rule for kvm sets it up like this:
>>
>>   crw-rw---- 1 root kvm 10, 232 Jun 24 08:38 /dev/kvm
>>
>> and the build users are part of the ‘kvm’ group.  I personally arrange
>> to have my user account in that group too.
>
> It's good to know that the "kvm" group is the right way to grant
> permissions.  However, if Guix System doesn't use ACLs, then why do some
> of my device files have ACLs on them, such as the video device file?
>
> $ getfacl /dev/video0 
> getfacl: Removing leading '/' from absolute path names
> # file: dev/video0
> # owner: root
> # group: video
> user::rw-
> user:marusich:rw-
> group::rw-
> mask::rw-
> other::---

Good question, I see the same thing here.

I suspected a udev rule but ‘grep’ didn’t find any that explicitly does
that, and there’s no code in eudev that fiddles with ACLs either, and
nothing obvious in devtmpfs.c in Linux.  So… it’s a mystery.

Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

bug#36335: Is /dev/kvm missing ACLs?, Chris Marusich, 2019/06/23
- bug#36335: Is /dev/kvm missing ACLs?, Ludovic Courtès, 2019/06/24
  - bug#36335: Is /dev/kvm missing ACLs?, Chris Marusich, 2019/06/27
    - bug#36335: Is /dev/kvm missing ACLs?, Ludovic Courtès <=

Prev by Date: bug#36374: ‘guix pull’ should not suggest running ‘guix pull’
Next by Date: bug#36402: installation error
Previous by thread: bug#36335: Is /dev/kvm missing ACLs?
Next by thread: bug#36336: Bug found while upgrading a GuixSD installation
Index(es):
- Date
- Thread